EPISODE · Nov 27, 2025 · 7 MIN
RadioCSIRT – Your Cybersecurity Update for Thursday, 27 November 2025 (Ep.33)
from RadioCSIRT - English Edition · host Marc Frédéric GOMEZ
Welcome to your daily cybersecurity briefing.CERT-FR: Advisory 2025-AVI-1042CERT-FR has issued a new advisory describing several critical vulnerabilities impacting Gitlab.RomCom via SocGholishArctic Wolf reports a campaign in which the RomCom threat group leveraged the SocGholish delivery infrastructure for the first time to deploy a targeted Mythic loader. The intrusion targeted a U.S. company indirectly connected to Ukraine, highlighting the evolving infection chains associated with GRU Unit 29155.ShadowV2 IoT BotnetFortinet has analyzed ShadowV2, a Mirai-based IoT botnet observed exclusively during the major AWS outage in October. The botnet exploited at least eight vulnerabilities across devices from D-Link, TP-Link, DigiEver, TBK, and others. Activity targeted routers, NAS systems, and DVRs across multiple sectors, with global impact.Don’t Think – Patch Now !Sources:CERT-FR – 2025-AVI-1042https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1042/Arctic Wolf – RomCom / SocGholish https://arcticwolf.com/resources/blog/romcom-utilizing-socgholish-to-deliver-mythic-agent-to-usa-companies-supporting-ukraine/BleepingComputer – ShadowV2 Botnet https://www.bleepingcomputer.com/news/security/new-shadowv2-botnet-malware-used-aws-outage-as-a-test-opportunity/Your feedback is welcome.Email: [email protected]: https://www.radiocsirt.comWeekly Newsletter: https://radiocsirtintl.substack.com
NOW PLAYING
RadioCSIRT – Your Cybersecurity Update for Thursday, 27 November 2025 (Ep.33)
No transcript for this episode yet
Similar Episodes
Mar 31, 2026 ·143m
Mar 24, 2026 ·88m
Feb 27, 2025 ·73m