Daily Security Briefing #097


December 8, 2025

Voynich cipher recreation, U.S. cyber threat escalation, Triada Android malware campaign…


Executive Summary

Cybersecurity continues to evolve as attackers refine their techniques and expand their reach into both national security and consumer domains. Recent reports highlight growing threats to U.S. infrastructure with cyberattacks increasingly used as tools of geopolitical influence. Meanwhile, advanced malware campaigns targeting Android users exemplify the persistent risks in mobile environments. Researchers are also uncovering sophisticated exploitation techniques in messaging platforms and compromised websites. On the defensive front, analysis of remote access trojans and improvements in threat intelligence provide valuable tools for cybersecurity professionals.


Top Articles

Substitution Cipher Based on The Voynich Manuscript
A new academic paper introduces the Naibbe cipher, a homophonic substitution cipher designed to replicate characteristics of the historic Voynich Manuscript. The study explores the possibility of the manuscript being ciphertext through a historically plausible encryption method that converts Latin and Italian text into Voynich-like scripts. This cryptographic approach offers fresh insights into an enduring mystery in manuscript analysis.
Schneier

Cyber Threats to the U.S.: What Policymakers Need to Know for 2026
A comprehensive report outlines the evolution of cyberattacks against the United States, emphasizing their role as instruments of national strategy beyond isolated incidents. Foreign states, criminal groups, and ideological actors now conduct coordinated campaigns aimed at undermining U.S. political stability and institutions. The briefing distills critical points for government leaders to anticipate and mitigate these multi-faceted threats in the coming year.
Check Point Blog

Triada Malware Strikes Android Users Through Multiple Ad Networks in Sophisticated Hacker Scheme
Researchers uncovered a large-scale malware operation leveraging the Triada Trojan by exploiting multiple advertising networks over several years. The campaign abused trusted platforms and compromised accounts to distribute malware that targets Android users, demonstrating advanced persistence and obfuscation tactics within ad networks. This discovery highlights continuing challenges in securing mobile advertising ecosystems.
CyberPress

Exposing the Core Functionalities of QuasarRAT: Encrypted Configuration and Obfuscation Techniques
Security analysts reveal detailed techniques for extracting encrypted configurations from QuasarRAT, a widely used .NET remote access trojan. Using tools such as Jupyter Notebook and dnSpy, the research demystifies the trojan’s obfuscation layers, providing cybersecurity teams with actionable methods to detect and counter its deployments effectively.
GBHackers

Hackers Exploit Delivery Receipts in Messengers to Steal Private User Data
A novel attack discovered by researchers at the University of Vienna leverages delivery receipts in popular messaging apps to silently extract sensitive user data without triggering alerts. This vulnerability, termed “Careless Whisper,” exposes a subtle channel attackers can use to monitor users while bypassing conventional notification-based defenses.
CyberPress

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT
The JS#SMUGGLER campaign has been identified as using compromised websites to distribute the NetSupport remote access trojan. The attack involves injecting obfuscated JavaScript loaders into webpages and utilizing encrypted HTML Applications as the delivery mechanism, showcasing sophisticated layering of infection vectors to avoid detection and amplify reach.
The Hacker News

FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024
According to FinCEN, ransomware-related extortion amassed more than $2.1 billion over three years, with a peak in 2023 followed by a decline in 2024 after targeted law enforcement actions against prominent gangs like ALPHV/BlackCat and LockBit. The report underscores the ongoing financial impact ransomware poses globally despite intensified countermeasures.
BleepingComputer

Malicious VSCode extensions on Microsoft’s registry drop infostealers
Two malicious extensions available on Microsoft’s Visual Studio Code Marketplace have been found distributing information-stealing malware. The threat actors behind them use the trusted developer platform to harvest screenshots, credentials, and browser session data, posing significant risks even to security-conscious developer communities.
BleepingComputer

Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More
A recent summary of cybersecurity developments outlines a volatile landscape featuring critical USB malware, newly discovered vulnerabilities like React2Shell, persistent WhatsApp worm threats, and bugs disrupting AI-powered integrated development environments. The rapid pace of discoveries and exploits calls for continuous vigilance and swift response among security teams.
The Hacker News

8th December – Threat Intelligence Report
The latest threat intelligence bulletin details recent attacks including zero-day exploits targeting Oracle E-Business Suite servers at the University of Pennsylvania and University of Phoenix. These breaches resulted in the exposure of at least 1,488 individuals’ data and highlight the critical importance of patch management and continuous monitoring in academic institutions.
Check Point Research

INE Earns G2 Winter 2026 Badges Across Global Markets
INE, a cybersecurity and IT education platform, received seven G2 Winter 2026 badges recognizing leadership and momentum in online technical skills training. The awards reflect growing global demand for high-quality cybersecurity education and INE’s commitment to empowering professionals with cutting-edge knowledge.
GBHackers


AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.
