Threat Advisories:
Serpents in Disguise: MuddyWater’s Hidden ToolsetExposed Operation Hanoi Thief: When Fake CVs Become Cyber Weapons CVE-2025-61757: Oracle Identity Manager Pre-Auth RCE Under Active Attack ShadowPad Gatecrashes the Enterprise by Hijacking WSUS Vulnerability Shai-Hulud 2.0 Fuels Global NPM Supply-Chain Compromise StealC V2 Spreads via Malicious Blender Files The Windows Update Deception: How ClickFix Lures Unleash Stealthy Stealers Cl0p Ransomware Surge 2025: Operational Patterns and Key Mitigations ShadowRay Strikes Back: Inside the Multi-Purpose Ray Cluster Takeover November 2025 Linux Patch Roundup CVE-2025-11001 Turns a Simple Unzip into a System-Level Ambush CVE-2025-55241: Critical Cross-Tenant Privilege Escalation in Microsoft Entra ID TamperedChef: A High-Severity Multi-Stage Infostealer Operation Eternidade Stealer: Brazil’s New WhatsApp-Driven Cybercrime Engine Gh0st RAT Multi-Campaign Delivery Surge Targets Chinese Speakers FortiWeb Flaw Exploited in the Wild: Patch Immediately Google Patches High-Risk V8 Zero-Day Hitting Chrome Users FortiWeb Hijack: The Hidden Vulnerability Fueling Admin Account Creation Lazarus Group’s New Comebacker Variant Targets Aerospace & Defense Threat Actors Turn RMM Tools into Backdoor Gateways
Hive Pro recognized in Gartner® Magic Quadrant™ for Exposure Assessment Platform, 2025 Watch platform in action
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s ComparisonSave Cost , Reduce Complexity and Increase Security by Augmenting and Replacing your existing Vulnerability Management platform
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Blog
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s Comparison
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Blog
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
December 3, 2025

Weekly Threat Digest : 24th NOVEMBER to 30th NOVEMBER 2025

HiveForce Labs

HiveForce Labs

For a detailed threat digest, download the PDF file here


HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week, eight major attacks were detected, five critical vulnerabilities were actively exploited, and one threat actor was closely monitored, reflecting an alarming escalation in malicious activities.

Cl0p ransomware has evolved into 2025’s most aggressive extortion force, weaponizing zero-days for rapid, automated data theft at massive scale, forcing defenders to prioritize fast patching, tight segmentation, and rigorous exfiltration monitoring. ShadowRay 2.0 exposes how rapidly cybercriminals are weaponizing AI-era infrastructure, turning misconfigured Ray clusters into stealthy, self-spreading engines for cryptomining, data theft, and botnet expansion, underscoring the urgency of hardening access and visibility across modern AI stacks.

Additionally, ClickFix turns a single misguided “update” click into a stealthy, steganography-driven infection chain, proving that even advanced attacks still rely on basic user trust to succeed. Shai-Hulud 2.0 weaponizes npm’s supply chain at scale, using poisoned preinstall scripts and stolen tokens to self-propagate, turning routine package installs into a destructive breach that demands urgent secret rotation and dependency audits. These rising threats pose significant and immediate dangers to users worldwide.


Subscribe to receive our weekly threat digests and alerts directly in your inbox.

Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

A vulnerability management system dashboard displaying asset scans and prioritized security risks.
Article
Blog
What Is a “Next Generation” Vulnerability Management Solution?
A vulnerability management system helps you find, assess, and fix security weaknesses, giving your team a clear, organized view of your cyber risk.
Security professionals analyzing threat intelligence on the Insight Hive Pro platform dashboard.
Reviews
Blog
Insight Hive Pro: A Complete Platform Review
Get a clear look at Insight Hive Pro—features, benefits, and real user feedback to help you decide if this platform fits your cybersecurity needs.
Security team in a control room using dashboards for proactive exposure management.
Blog
Blog
What Is Exposure Management? A Proactive Guide
Get a clear, actionable overview of exposure management. Learn how to identify, assess, and reduce cybersecurity risks across your entire attack surface.
Security analysts reviewing Breach and Attack Simulation (BAS) data on a large digital dashboard.
Blog
Blog
What Does BAS Stand For? A Complete Guide
Get clear on what BAS means in cybersecurity, building automation, and business software. Learn how BAS impacts security and operations across industries.
How BAS helps threat exposure management with security cameras and digital circuits.
Threat Digests
Blog
How BAS Helps Threat Exposure Management: A Complete Guide
See how BAS helps threat exposure management by simulating real attacks, prioritizing risks, and giving you actionable insights to strengthen your defenses.
Comparing vulnerability management tools on a computer monitor to find the best security solution.
Reviews
Blog
7 Best Vulnerability Management Tools Compared
Compare the top vulnerability management tools to find the best fit for your security needs. Get clear insights on features, strengths, and practical benefits.
A security operations center using a CTEM platform with threat maps and analytics to manage cyber risk.
Blog
Blog
What is CTEM? Your Guide to Reducing Cyber Risk
Learn how CTEM helps you reduce cyber risk by prioritizing real threats, validating defenses, and focusing on what matters most for your organization.
Cybersecurity analysts defending against SafePay ransomware threats in a security operations center.
Threat Digests
Blog
SafePay Ransomware: TTPs and Defense Strategies
Learn how SafePay ransomware operates, its attack methods, and practical defense strategies to protect your organization from data loss and extortion.

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo