Welcome to your daily cybersecurity briefing.
Russia has blocked access to Apple’s FaceTime platform and Snap’s Snapchat service, citing their alleged use in coordinating terrorist operations, recruiting criminal actors, and facilitating large-scale fraud against Russian citizens. The decision follows a pattern of escalating restrictions targeting foreign communication platforms, including recent bans on Roblox, Viber, and Signal, with WhatsApp now reportedly under consideration for nationwide blocking.
Google has released a critical Chrome update addressing thirteen security issues, four classified as high severity. One of the flaws, CVE-2025-13633, is a use-after-free vulnerability in Chrome’s Digital Credentials feature that could enable heap corruption through a malicious HTML payload once the renderer process is compromised. Given Chrome’s massive global user base, timely patching is essential across both Chrome and Chromium-derived browsers.
FIRST Fondation highlights how its A4 program is strengthening national CSIRTs by transforming raw threat intelligence into actionable operational outputs. Through on-site engagements with teams in The Bahamas, Cameroon, Malawi, and Trinidad and Tobago, A4 focuses on analysis workflows, communication readiness, stakeholder coordination, and integration into global trust networks such as the Multi-Stakeholder Ransomware SIG.
A new Python-based CVE-2025-55182 Surface Scanner has been released to detect exposed React Server Components endpoints in ReactJS and Next.js environments. Instead of attempting exploitation, the tool identifies systems that accept RSC protocol traffic and Next.js action headers, signalling a potential attack surface that may lead to remote code execution if further module-mapping and gadget enumeration confirm the presence of exploitable conditions.
Don’t Think – Patch Now!
Listen to the full show here.
Sources:
https://www.bleepingcomputer.com/news/security/russia-blocks-facetime-and-snapchat-over-use-in-terrorist-attacks/
https://www.malwarebytes.com/blog/news/2025/12/google-fixes-13-security-issues-affecting-billions
https://www.first.org/blog/20251201-NatCSIRT
https://cyberpress.org/new-scanner-tool-for-detecting/
Your feedback is welcome.
Email: radiocsirt@gmail.com
Website: https://www.radiocsirt.com
Weekly Newsletter: https://radiocsirtintl.substack.com