Other News.

MITRE ATT&CK Blog:

• ATT&CK v18: Detection Strategies, More Adversary Insights,
• What Comes After Detection Rules? Smarter Detection Strategies in ATT&CK
• ATT&CK v17: New Platform (ESXi), Collection Optimization, & More Countermeasures
• v16 Cloud Rebalancing, Analytics,
• Introducing TAXII 2.1 and a fond farewell to the TAXII 2.0 Server

---

The Hacker News:

• STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
• Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
• Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT
• ⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More
• How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

---

SANS Internet Storm Center:

• ISC Stormcast For Tuesday, December 9th, 2025 https://isc.sans.edu/podcastdetail/9730, (Tue, Dec 9th)
• ISC Stormcast For Monday, December 8th, 2025 https://isc.sans.edu/podcastdetail/9728, (Mon, Dec 8th)
• AutoIT3 Compiled Scripts Dropping Shellcodes, (Fri, Dec 5th)
• ISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, (Fri, Dec 5th)
• ISC Stormcast For Thursday, December 4th, 2025 https://isc.sans.edu/podcastdetail/9724, (Thu, Dec 4th)

---

Threat Research:

• Inside Shanya, a packer-as-a-service fueling modern attacks
• Sharpening the knife: GOLD BLADE’s strategic evolution
• WhatsApp compromise leads to Astaroth deployment
• November Patch Tuesday does its chores
• BRONZE BUTLER exploits Japanese asset management software vulnerability

---

NVD (National Vulnerability Database):

• CVE-2023-36409
• CVE-2023-36769
• CVE-2023-47004
• CVE-2023-45556
• CVE-2023-5605