The Daily Patch
Back to News
vulnerability🌍EuropeThe Hacker News

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

Thursday, December 18, 2025

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

What

Authorities disrupted a large-scale scam operation involving call centers in Ukraine, while new malware and government initiatives to enhance digital safety were reported.

Where

Ukraine and various European countries

When

The call center operation was disrupted on December 9, 2025; SantaStealer has been active since at least July 2025.

Key Factors

  • Call centers employed approximately 100 people to execute scams.
  • SantaStealer operates entirely in-memory to evade detection and uses multiple data-collection modules.
  • The U.K. government is encouraging tech companies to implement nudity-detection algorithms.

Takeaways

  • Organizations should enhance their fraud detection measures to combat sophisticated scams.
  • The emergence of modular malware like SantaStealer highlights the need for advanced cybersecurity defenses.
  • Stakeholders should monitor government initiatives that may impact technology and privacy regulations.
Read Full Article

Opens original article on The Hacker News

Similar News

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Over 10K Fortinet Firewalls Exposed to Actively Exploited 2FA Bypass

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

Kimwolf Botnet Exploits Residential Proxies to Infiltrate Home Networks

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

RondoDox Botnet Exploits Critical React2Shell Flaw in Next.js Servers

IBM API Connect Critical Authentication Bypass Disclosed

IBM API Connect Critical Authentication Bypass Disclosed