SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packets; Android Update; Long Game Malicious Browser Ext.
DEC 2, 2025 | 5 MIN
Description
<br/>
Hunting for SharePoint In-Memory ToolShell Payloads<br/>
A walk-through showing how to analyze ToolShell payloads, starting with acquiring packets all the way to decoding embedded PowerShell commands.<br/>
<a href="https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Hunting%20for%20SharePoint%20In-Memory%20ToolShell%20Payloads/32524">https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Hunting%20for%20SharePoint%20In-Memory%20ToolShell%20Payloads/32524</a><br/>
Android Security Bulletin December 2025<br/>
Google fixed numerous vulnerabilities with its December Android update. Two of these vulnerabilities are already being exploited.<br/>
<a href="https://source.android.com/docs/security/bulletin/2025-12-01">https://source.android.com/docs/security/bulletin/2025-12-01</a><br/>
4.3 Million Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign<br/>
A group or individual released several browser extensions that worked fine for years until an update injected malicious code into the extensions.<br/>
<a href="https://www.koi.ai/blog/4-million-browsers-infected-inside-shadypanda-7-year-malware-campaign">https://www.koi.ai/blog/4-million-browsers-infected-inside-shadypanda-7-year-malware-campaign</a><br/>