922 - Microsoft corrige 3 zero-days em Patch Tuesday de dezembro
Description
Referencias do episodio
Webinar Tendencias em Cyber 2026
https://www.even3.com.br/tendencias-em-cyber-2026-661705/
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2025-patch-tuesday-fixes-3-zero-days-57-flaws/
Microsofts December 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-62221)
https://www.tenable.com/blog/microsofts-december-2025-patch-tuesday-addresses-56-cves-cve-2025-62221
Microsoft and Adobe Patch Tuesday, December 2025 – Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/12/09/microsoft-patch-tuesday-december-2025-security-update-review
Fortinet warns of critical FortiCloud SSO login auth bypass flaws
https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-forticloud-sso-login-auth-bypass-flaws/
Multiple Fortinet Products FortiCloud SSO Login Authentication Bypass
https://www.fortiguard.com/psirt/FG-IR-25-647
Security Advisory EPM December 2025 for EPM 2024
https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024
CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)
https://www.rapid7.com/blog/post/cve-2025-10573-ivanti-epm-unauthenticated-stored-cross-site-scripting-fixed/
PeerBlight Linux Backdoor Exploits React2Shell CVE-2025-55182
https://www.huntress.com/blog/peerblight-linux-backdoor-exploits-react2shell
EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks
https://www.sysdig.com/blog/etherrat-dprk-uses-novel-ethereum-implant-in-react2shell-attacks
China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182)
https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/
CVE-2025-55182: React2Shell Critical Vulnerability — what it is and what to do
https://www.dynatrace.com/news/blog/cve-2025-55182-react2shell-critical-vulnerability-what-it-is-and-what-to-do/
Roteiro e apresentação: Carlos Cabral
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
United States
