Welcome to your daily cybersecurity briefing.
The FBI has issued a public service announcement regarding the evolution of “virtual kidnapping” scams, where criminals are now using AI-altered images from social media to fabricate proof-of-life. By manipulating photos to depict physical harm or captivity, threat actors are successfully pressuring families into paying ransoms for loved ones who are actually safe, marking a dangerous shift in extortion tactics.
Threat actors are actively exploiting a command injection vulnerability in Array Networks AG Series VPNs to implant webshells and establish persistence. Critical to note is that while the vendor patched this flaw in May, no CVE identifier was assigned, leaving many organizations blind to the risk as automated vulnerability scanners fail to detect the unpatched appliances.
A sophisticated new Android banking trojan dubbed “FvncBot” has been detected in the wild, utilizing custom code rather than leaked sources. The malware distinguishes itself by using H.264 video streaming to bypass standard anti-screen-capture protections (FLAG_SECURE), allowing attackers to steal credentials and remotely control devices in near real-time.
New research indicates that 97% of U.S. medical professionals have their personal home addresses and family details exposed on people-search databases. This massive leak of Personally Identifiable Information (PII) significantly escalates physical security risks for healthcare staff, enabling targeted harassment and doxxing by disgruntled patients or hostile actors.
Mozilla is officially terminating its Monitor Plus partnership with privacy vendor Onerep following a critical third-party risk management failure. The decision comes after investigations revealed that the founder of the privacy service—hired to remove users from data broker lists—was simultaneously operating an active people-search data broker business.
Don’t Think – Patch Now!
Sources:
BleepingComputer:https://www.bleepingcomputer.com/news/security/fbi-warns-of-virtual-kidnapping-ransom-scams-using-altered-social-media-photos/
BleepingComputer:https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/
CyberPress:https://cyberpress.org/android-users-hit-by-fvncbot-malware/
HelpNetSecurity:https://www.helpnetsecurity.com/2025/12/05/incogni-healthcare-staff-data-exposure-report/
KrebsOnSecurity:https://krebsonsecurity.com/2025/11/mozilla-says-its-finally-done-with-two-faced-onerep/
Your feedback is welcome.
Email: radiocsirt@gmail.com
Website: https://www.radiocsirt.com
Weekly Newsletter: https://radiocsirtintl.substack.com