Security news weekly round-up - 12th December 2025
Source: Dev.to
Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails
The attack does not rely on a jailbreak or prompt injection. Instead, it uses polite, sequential instructions—phrases like “take care of,” “handle this,” and “do this on my behalf”—to shift ownership to the agent. This demonstrates how tone and sequencing can nudge a large language model (LLM) into complying with malicious commands without verifying their safety.
Good news: Perplexity and Microsoft have released patches for their agentic browsers (Comet and Microsoft Edge). Google has not prioritized a fix.
The Big Catch: How Whaling Attacks Target Top Executives
Whaling attacks follow the same pattern as regular spear‑phishing or BEC attacks: threat actors perform detailed reconnaissance on high‑profile targets. Publicly available information—social‑media profiles, company websites, media interviews, and keynote videos—provides the necessary intel. Oversharing on social media can inadvertently supply attackers with the data they need to craft convincing spear‑phishing messages aimed at executives.
Warning: WinRAR Vulnerability CVE‑2025‑6218 Under Active Attack by Multiple Threat Groups
The vulnerability has been patched, but active exploitation continues, indicating that many users have not applied the fix. The South‑Asia‑focused Bitter APT has weaponized CVE‑2025‑6218 to achieve persistence on compromised hosts, dropping a C# trojan via a lightweight downloader. The attack uses a RAR archive (“Provision of Information for Sectoral for AJK.rar”) containing a benign Word document and a malicious macro template.
New DroidLock Malware Locks Android Devices and Demands a Ransom
DroidLock is a dangerous Android ransomware. To avoid infection, do not sideload APKs from outside the Google Play Store unless you fully trust the source. If a device is infected, the malware can:
- Wipe the device
- Lock the device
- Change the PIN, password, or biometric data to prevent user access
Google Ads for Shared ChatGPT, Grok Guides Push macOS Infostealer Malware
When users search for information on Google, they may encounter ads for publicly shared ChatGPT or Grok conversations that include step‑by‑step instructions. One of those steps is a command that, if executed, downloads the AMOS infostealer onto the victim’s Mac.
How to defend: After receiving such LLM‑generated instructions, ask the model (e.g., ChatGPT) whether the steps are safe to execute. Kaspersky reports that the model will flag the instructions as unsafe.
Cover photo by Debby Hudson on Unsplash.