CyberNews: 26/12/2025 Edition

Published by Dunateo on 2025-12-26

Today’s roundup

  • Trust Wallet Chrome extension hack tied to millions in losses
  • Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
  • ‘All brakes are off’: Russia’s attempt to rein in illicit market for leaked data backfires
  • Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited

    • Summary

    A compromised update for the Trust Wallet Chrome extension, released on December 24, has led to millions in cryptocurrency losses for several users whose wallets were drained. A related phishing domain has also been observed by security researchers in connection with the incident.

    A critical security flaw has been disclosed in LangChain Core, the foundational Python package of the LangChain ecosystem. This vulnerability enables attackers to exploit serialization injection to steal sensitive data and influence large language model (LLM) responses through prompt injection techniques.

    Russia's decades-old illicit 'probiv' market, where personal data is sold by corrupt officials from government and corporate databases, is reportedly being exploited by Ukrainian intelligence services. This development complicates Moscow's ongoing efforts to control the sprawling underground information economy.

    Fortinet has identified active exploitation of CVE-2020-12812, a five-year-old improper authentication vulnerability in its FortiOS SSL VPN. This flaw (CVSS 5.2) allows threat actors to bypass two-factor authentication by altering the case of a username under specific configurations involving local 2FA users linked to LDAP. Although patches were released in July 2020, the vulnerability continues to be actively abused and has previously been exploited by Iran-linked APT groups and the Hive ransomware gang.

    Want to dig deeper?

    Vulnerabilities

    CVE-2020-12812 Critical