🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
3 Nov: Critical UniFi OS Flaw Enables Remote Code Execution
Security researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain complete control of UniFi devi…
Source: GBHACKERS.COM

3 Nov: Hackers Actively Scanning TCP Ports 8530/8531 for WSUS CVE-2025-59287
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide. The reconnaissance activity focuses specifically on TCP ports 8530 and 8531, which corr…
Source: GBHACKERS.COM

3 Nov: XWiki SolrSearch Exploit Attempts (CVE-2025-24893) with link to Chicago Gangs/Rappers, (Mon, Nov 3rd)
XWiki describes itself as "The Advanced Open-Source Enterprise Wiki" and considers itself an alternative to Confluence and MediaWiki. In February, XWiki released an advisory (and patch) for an arbitrary remote code execution vulnerability. Affected was the SolrSearch component, w…
Source: ISC.SANS.EDU

3 Nov: OpenAI's Aardvark is meant to detect and fix bugs in code
AI is meant to bring security into the development process at an early stage. OpenAI has introduced Aardvark, an autonomous agent based on GPT-5. Like a human security researcher, it is supposed to be able to scan code, …
Source: CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (21)
3 Nov: China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
Submitted by Hotznplotzn to cybersecurity. https://thehackernews.com/2025/10/china-linked-hackers-exploit-windows.html Cross-posted from: lemmy.sdf.org/post/45081057. Oct 31, 2025, Ravie Lakshmanan, Malware / Threat Intelligence. A China-affiliated threa…
Source: INFOSEC.PUB

3 Nov: Alarm Bells in Ivy League School
In this episode, host David Shipley discusses a significant cybersecurity breach at the University of Pennsylvania, which involved offensive emails sent from legitimate university addresses. The attackers claim to have accessed sensitive data, though their statements remain unver…
Source: CYBERSECURITYTODAY.LIBSYN.COM

3 Nov: EDR-Redir V2 Evades Detection on Windows 11 by Faking Program Files
Security researcher TwoSevenOneT has released EDR-Redir V2, an upgraded evasion tool that exploits Windows bind link technology to bypass endpoint detection and response solutions on Windows 11. The new version demonstrates a sophisticated approach to redirecting security softwar…
Source: GBHACKERS.COM

3 Nov: What does aligning security to the business really mean?
As part of his company’s AI center of excellence, Tim Sattler works to identify where and how the technology can provide measurable benefits. “We’re discussing opportunities,” he says. That Jungheinrich AG’s AI team is doing so is hardly remarkable. What’s notable is that Sattler…
Source: CSOONLINE.COM

3 Nov: US Appeals Court lowers burden of proof for data breach lawsuits
An October decision of the 4th US Circuit Court of Appeals in Virginia has — yet again — altered the risk calculus of data breaches by easing litigants’ ability to successfully sue breached companies in limited situations. The case involved an insurance company data breach that r…
Source: CSOONLINE.COM

3 Nov: New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats
Cybersecurity researchers at Tier Zero Security have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness in Microsoft Teams cookie encryption, enabling attackers to steal user chat messages and other sensitive communications. The vulnerability s…
Source: GBHACKERS.COM

3 Nov: Transforming Frontline Workflows with Passwordless Access, AI costs, and the News - ESW #431
Segment 1: Interview with Joel Burleson-Davis. Frontline workers can’t afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode p…
Source: YOUTUBE.COM

3 Nov: Anthropic Claude: enterprise data at risk
A recent report shows how sensitive data can be extracted via Anthropic Claude. A recently disclosed vulnerability in Anthropic's AI assistant Claude could be exploited by attackers to secretly … enterprise data…
Source: CSOONLINE.COM

3 Nov: New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea. Gen Digital, which disclosed details of the activity, did not reveal any …
Source: THEHACKERNEWS.COM

3 Nov: Rhysida ransomware exploits Microsoft certificate to slip malware past defenses
The Rhysida ransomware gang, known for targeting enterprises, has shifted to using malvertising campaigns to spread its malware. In its recent campaigns, the threat actor has impersonated fake download pages mimicking legitimate software such as Microsoft Teams, PuTTY and Zoom. R…
Source: CSOONLINE.COM

3 Nov: Hacktivists increasingly target industrial control systems, Canada Cyber Centre warns
Security experts have long warned about the dangers of exposing industrial control systems (ICS) to the internet, where they can become easy targets for government-affiliated threat groups and hacktivists. In a new alert urging CISOs to take action, the Canadian government’s Cent…
Source: CSOONLINE.COM

3 Nov: UNC6384 Targets European Diplomats Via Windows Exploit
Submitted by kid to cybersecurity. https://www.darkreading.com/cyberattacks-data-breaches/unc6384-european-diplomat-windows
Source: SH.ITJUST.WORKS

3 Nov: China-linked hackers exploited Lanscope flaw as a zero-day in attacks
Submitted by kid to cybersecurity. https://www.bleepingcomputer.com/news/security/china-linked-hackers-exploited-lanscope-flaw-as-a-zero-day-in-attacks/
Source: SH.ITJUST.WORKS

3 Nov: Attackers dig up $11M in Garden Finance crypto exploit • The Register
Submitted by kid to cybersecurity. https://www.theregister.com/2025/10/31/attackers_dig_up_11m_in/
Source: SH.ITJUST.WORKS

3 Nov: Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least Ju…
Source: THEHACKERNEWS.COM

3 Nov (KEV): Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching
An out-of-band (OOB) security update that patches an actively exploited Windows Server Update Service (WSUS) vulnerability has broken hotpatching on some Windows Server 2025 devices. [...]
Source: BLEEPINGCOMPUTER.COM

3 Nov: Report: AI Poisoning Attacks Are Easier Than Previously Thought
Attackers can more easily introduce malicious data into AI models than previously thought, according to a new study from Anthropic. Poisoned AI models can produce malicious outputs, leading to follow-on attacks. For example, attackers can train an AI model to provide links to phis…
Source: KNOWBE4.COM

3 Nov: Fake Solidity VSCode extension on Open VSX backdoors developers
A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel with the attacker. [...]
Source: BLEEPINGCOMPUTER.COM

3 Nov: How an ex-L3 Harris Trenchant boss stole and sold cyber exploits to Russia
Peter Williams sold eight exploits to a Russian zero-day broker by smuggling them from his employer’s highly secured air-gapped network. A court document, plus exclusive reporting by TechCrunch and interviews with former Trenchant staff, explains how Williams pulled off the heist…
Source: TECHCRUNCH.COM

3 Nov: Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers
Flock said around 3% of its law enforcement customers do not use multi-factor authentication, potentially leaving dozens of law enforcement agency accounts open to compromise and improper access.
Source: TECHCRUNCH.COM

3 Nov: Creating a Linux Application Using VSCodium, Cline, OpenRouter, and Claude
In March I created a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude. This was a program that created square screen captures. The user doesn't need to manually ensure the dimensions are a square. The program makes the window grow and shrink while keep…
Source: TAOSECURITY.BLOGSPOT.COM
📢 SECURITY ADVISORIES (8)
🔥 INCIDENT REPORTING (15)
3 Nov: Proton Warns of 300 Million Stolen Login Details Circulating on Dark Web
Privacy-focused technology company Proton has issued a warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on the dark web. Through its Data Breach Observatory initiative, Proton is directly mon…
Source: GBHACKERS.COM

3 Nov: Conti Ransomware Operator Extradited to the United States
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee following his transfer from…
Source: GBHACKERS.COM

3 Nov: Weekly Update 476
The 2 billion email address stealer log breach I talk about this week is almost ready to go at the time of writing. It's been mass…
Source: TROYHUNT.COM

3 Nov: Ribbon Communications Breach Marks Latest Telecom Hack
Submitted by kid to cybersecurity. https://www.darkreading.com/cyberattacks-data-breaches/ribbon-communications-breach-latest-telecom-attack
Source: SH.ITJUST.WORKS

3 Nov: ‘We got hacked’ emails threaten to leak University of Pennsylvania data
Submitted by kid to cybersecurity. https://www.bleepingcomputer.com/news/security/offensive-we-got-hacked-emails-sent-in-penn-security-incident/
Source: SH.ITJUST.WORKS

3 Nov: Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorpo…
Source: THEHACKERNEWS.COM

3 Nov: Open VSX Registry Responds to Leaked Tokens and Malicious Extension Incident
The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions on their popular code marketplace. The organization has now contained the situation and outlined concrete steps to prevent futur…
Source: GBHACKERS.COM

3 Nov: Ground zero: 5 things to do after discovering a cyberattack
When every minute counts, preparation and precision can mean the difference between disruption and disaster
Source: WELIVESECURITY.COM

3 Nov: ⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware…
Source: THEHACKERNEWS.COM

3 Nov: Claude AI APIs Can Be Abused for Data Exfiltration
An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account.
Source: SECURITYWEEK.COM

3 Nov: New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
Submitted by kid to cybersecurity. https://thehackernews.com/2025/11/new-httptroy-backdoor-poses-as-vpn.html
Source: SH.ITJUST.WORKS

3 Nov: Hackers use RMM tools to breach freighters and steal cargo shipments
Threat actors are targeting freight brokers and trucking carriers with malicious links and emails to deploy remote monitoring and management tools (RMMs) that enable them to hijack cargo and steal physical goods. [...]
Source: BLEEPINGCOMPUTER.COM

3 Nov: US cybersecurity experts indicted for BlackCat ransomware attacks
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the networks of five U.S. companies in BlackCat (ALPHV) ransomware attacks between May 2023 and November 2023. [...]
Source: BLEEPINGCOMPUTER.COM

3 Nov: SesameOp: Novel backdoor uses OpenAI Assistants API for command and control
Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. Instead of relying …
Source: MICROSOFT.COM

3 Nov: DOJ accuses US ransomware negotiators of launching their own ransomware attacks
Three people, including two U.S. ransomware negotiators, are accused of working on behalf of the ALPHV/BlackCat ransomware gang.
Source: TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE (18)
3 Nov: ISC Stormcast For Monday, November 3rd, 2025 https://isc.sans.edu/podcastdetail/9682, (Mon, Nov 3rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

3 Nov: OpenAI Introduces Aardvark, an AI Security Agent Powered by GPT-5
OpenAI has announced the launch of Aardvark, an autonomous AI security agent powered by GPT-5 that aims to revolutionize how organizations discover and fix software vulnerabilities. The new tool, currently available in private beta, represents a significant advancement in automat…
Source: GBHACKERS.COM

3 Nov: Windows 11 24H2/25H2 Flaw Keeps Task Manager Running After You Close It
Microsoft has acknowledged a persistent bug affecting Windows 11 versions 24H2 and 25H2 that prevents Task Manager from properly terminating when users close the application. The issue causes multiple instances of the system monitoring tool to accumulate in the background, potent…
Source: GBHACKERS.COM

3 Nov: Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities
The two bugs are high-severity type confusion and inappropriate implementation issues in the browser’s V8 JavaScript engine.
Source: SECURITYWEEK.COM

3 Nov: Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks
PowerShell and .NET variants of the malware abuse AirWatch’s MDM API to establish a C&C communication channel.
Source: SECURITYWEEK.COM

3 Nov: AI Summarization Optimization
These days, the most important meeting attendee isn’t a person: It’s the AI notetaker. This system assigns action items and determines the importance of what is said. If it becomes necessary to revisit the facts of the meeting, its summary is treated as impartial evidence. But cl…
Source: SCHNEIER.COM

3 Nov: Open VSX rotates access tokens used in supply-chain malware attack
Submitted by kid to cybersecurity. https://www.bleepingcomputer.com/news/security/open-vsx-rotates-tokens-used-in-supply-chain-malware-attack/
Source: SH.ITJUST.WORKS

3 Nov: Cybersecurity M&A Roundup: 45 Deals Announced in October 2025
Significant cybersecurity M&A deals announced by Jamf, LevelBlue, Ping Identity, Twilio, and Veeam Software.
Source: SECURITYWEEK.COM

3 Nov: Crooks target luxury brands with 1,330 fake domains | Cybernews
Submitted by kid to cybersecurity. https://cybernews.com/cybercrime/crooks-target-luxury-brands-with-1330-fake-domains/
Source: SH.ITJUST.WORKS

3 Nov: The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations
Security Operations Centers (SOC) today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs often lack the environmental context and relevant threat intelligence needed to quickl…
Source: THEHACKERNEWS.COM

3 Nov: Malware implant authors can see you delete their evil code • The Register
Submitted by kid to cybersecurity. https://www.theregister.com/2025/11/02/cyber_exec_pleads_guilty_to/
Source: SH.ITJUST.WORKS

3 Nov: Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases
Kolter leads a panel at OpenAI that has the authority to halt the ChatGPT maker’s release of new AI systems if it finds them unsafe.
Source: SECURITYWEEK.COM

3 Nov: Connect with Jesper Gerved: Talking cyber risk quantification with Richard Seiersen
Submitted by ashar to security_cpe. https://vimeo.com/1113200716/5d5e4e2b53 Connect with Jesper Gerved. Jesper Gerved interviews Richard Seiersen, one of the authors of the best-selling book “How to Measure Anything in Cybersecurity Risk”. “In my conversation…
Source: INFOSEC.PUB

3 Nov: CISO Burnout – Epidemic, Endemic, or Simply Inevitable?
CISO burnout is increasing. Are we simply more aware of the condition? Or have demands on the CISO grown and burnout is now the inevitable result? In 2019, burnout was defined by the World Health Organization as an occupational phenomenon rather than a medical condition. In 2025,…
Source: SECURITYWEEK.COM

3 Nov: How Software Development Teams Can Securely and Ethically Deploy AI Tools
To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews. The post How Software Development Teams Can Securely and Ethically Deploy AI Tools appeared fir…
Source: SECURITYWEEK.COM

3 Nov: Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case
Yuriy Igorevich Rybtsov, aka MrICQ, was arrested in Italy and lost his appeal to avoid extradition to the US.
Source: SECURITYWEEK.COM

3 Nov: 'TruffleNet' Attack Uses Stolen Credentials Against AWS
Submitted by kid to cybersecurity. https://www.darkreading.com/vulnerabilities-threats/trufflenet-attack-stolen-credentials-aws
Source: SH.ITJUST.WORKS

3 Nov: Hackers Help Organized Crime Groups in Cargo Freight Heists - Infosecurity Magazine
Submitted by kid to cybersecurity. https://www.infosecurity-magazine.com/news/hackers-organized-crime-cargo/
Source: SH.ITJUST.WORKS
🌐 CYBER THREAT LANDSCAPE (3)
3 Nov: OAuth Device Code Phishing: Azure vs. Google Compared
Device code phishing abuses the OAuth device flow — Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs' Live Hack to see live Microsoft 365 attack demos, explore defensive tactics, and get an Identity Security As…
Source: BLEEPINGCOMPUTER.COM

3 Nov: Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks
Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. [...]
Source: BLEEPINGCOMPUTER.COM

3 Nov: Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive
Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex's John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on…
Source: THEHACKERNEWS.COM
📡 INFOSEC NEWS (3)
3 Nov: Microsoft: Windows Task Manager won’t quit after KB5067036 update
Microsoft has confirmed a known issue that is preventing users from quitting the Windows 11 Task Manager after installing the October 2025 optional update. [...]
Source: BLEEPINGCOMPUTER.COM

3 Nov: Kaspersky for Linux expands security options for home users | Kaspersky official blog
The Linux version of Kaspersky protection for home users is now available for Kaspersky Standard, Kaspersky Plus, and Kaspersky Premium subscribers.
Source: KASPERSKY.COM

3 Nov: Hacker steals over $120 million from Balancer DeFi crypto protocol
The Balancer Protocol announced that hackers had targeted its v2 pools, with losses reportedly estimated to be more than $128 million. [...]
Source: BLEEPINGCOMPUTER.COM