EPISODE · Dec 3, 2025 · 8 MIN
RadioCSIRT English Edition – Your Cybersecurity Update for Wednesday, 3 December 2025 (Ep.39)
from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ
Welcome to your daily cybersecurity briefing.DeepSeek Releases V3.2 Open Source Model Rivaling GPT-5 The Chinese AI startup DeepSeek has officially released its V3.2 and V3.2-Speciale models under a fully permissive MIT license. Claiming to outperform GPT-5 in reasoning tasks, the release utilizes a novel "Sparse Attention" architecture to maximize efficiency, marking a significant shift in the open-source AI landscape.CISA Adds Android Framework Flaws to KEV CatalogCISA has updated its Known Exploited Vulnerabilities (KEV) catalog with two critical flaws affecting the Android Framework. The vulnerabilities, involving privilege escalation and information disclosure, are currently being exploited in the wild, requiring immediate attention from federal agencies and mobile fleet managers.CERT-FR Warns of Critical Python Denial of Service RisksFrance's CERT-FR has issued an alert regarding multiple vulnerabilities within the Python runtime environment. These flaws allow remote attackers to trigger Denial of Service (DoS) conditions on unpatched systems, threatening the availability of backend infrastructure and web applications relying on the language.Microsoft Silently Mitigates Windows LNK Zero-DayMicrosoft has deployed a silent mitigation for a high-severity LNK vulnerability (CVE-2025-9491) actively exploited by state-sponsored groups. The update changes how shortcut target fields are displayed to reveal malicious whitespace padding, though experts warn it does not fully block the execution of malicious payloads.Critical Security Advisory Issued for Next.js FrameworkA new security advisory has been published for Next.js, the popular React framework. The vulnerability, detailed in a GitHub Security Advisory, poses risks to applications using affected versions. Developers are urged to review the disclosure and upgrade their dependencies to the latest stable release immediately.Don’t Think – Patch Now!Sources:GitHub – DeepSeek V3.2 Release https://github.com/deepseek-ai/DeepSeek-V3.2-ExpCISA – KEV Catalog Update https://www.cisa.gov/news-events/alerts/2025/12/02/cisa-adds-two-known-exploited-vulnerabilities-catalogCERT-FR – Python Vulnerability Alert https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1060/BleepingComputer – Microsoft LNK Mitigation https://www.bleepingcomputer.com/news/microsoft/microsoft-mitigates-windows-lnk-flaw-exploited-as-zero-day/GitHub – Next.js Security Advisory https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mpYour feedback is welcome.Email: [email protected]: https://www.radiocsirt.comWeekly Newsletter: https://radiocsirtintl.substack.com
NOW PLAYING
RadioCSIRT English Edition – Your Cybersecurity Update for Wednesday, 3 December 2025 (Ep.39)
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.