matlock.ca // THREAT INTELLIGENCE

97Articles

9Categories

2025-11-05Date

🚨

CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation EvidenceThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in que…

KEVTHEHACKERNEWS.COM — 05 Nov 2025

🚨

CISA Issues Alert on Gladinet CentreStack and Triofox Vulnerabilities Under Active ExploitationThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Gladinet CentreStack and Triofox to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The flaw, tracked as CVE-2025-11371, exposes sensit…

KEVGBHACKERS.COM — 05 Nov 2025

🐛

Critical RCE Bug in Leading React Native NPM Module Could Allow Full System Compromise

GBHACKERS.COM — 05 Nov 2025

🐛

CISA Warns of CWP Vulnerability Exploited in the Wild

KEVSECURITYWEEK.COM — 05 Nov 2025

🐛

AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks

GBHACKERS.COM — 05 Nov 2025

🐛

CISA Alerts of Control Web Panel Command Injection Flaw Actively Exploited

KEVGBHACKERS.COM — 05 Nov 2025

🐛

Office sandbox file security to disappear from enterprise Windows by late 2027, Microsoft confirms

CSOONLINE.COM — 05 Nov 2025

⚠️

Crowdstrike cybersecurity report highlights a spike in physical attacks on privileged users

CSOONLINE.COM — 05 Nov 2025

⚠️

How crooks use IT to enable cargo theft

CSOONLINE.COM — 05 Nov 2025

⚠️

DragonForce Cartel Surfaces from Leaked Conti v3 Ransomware Source Code

GBHACKERS.COM — 05 Nov 2025

⚠️

Ransomware Insider Threats, AI Vulnerabilities, and Major Security Gaffes

CYBERSECURITYTODAY.LIBSYN.COM — 05 Nov 2025

⚠️

Attackers Exploit Microsoft Teams Flaws to Manipulate Messages and Fake Notifications

GBHACKERS.COM — 05 Nov 2025

⚠️

Hackers Abuse OneDrive.exe via DLL Sideloading to Run Malicious Code

GBHACKERS.COM — 05 Nov 2025

⚠️

10 promising cybersecurity startups CISOs should know about

CSOONLINE.COM — 05 Nov 2025

⚠️

Security Professionals Charged for Using BlackCat Ransomware Against American Businesses

KEVGBHACKERS.COM — 05 Nov 2025

⚠️

Jupyter Misconfiguration Exposes Systems to Root Privilege Escalation

GBHACKERS.COM — 05 Nov 2025

⚠️

Hackers Exploit AI Tools to Intensify Ransomware Attacks on European Organizations

GBHACKERS.COM — 05 Nov 2025

⚠️

Defense Against Configurations as CIOs and CISOs Show Value Through Risks and Metrics - BSW #420

YOUTUBE.COM — 2025-11-05

⚠️

APT-C-60 Campaign: Malicious VHDX Hosted on Google Drive Lures Job Applicants

GBHACKERS.COM — 05 Nov 2025

⚠️

Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover

SECURITYWEEK.COM — 05 Nov 2025

⚠️

NGate Malware Enables Unauthorized Cash Withdrawals at ATMs Using Victims’ Payment Cards

GBHACKERS.COM — 05 Nov 2025

⚠️

I wanted the Signal protocol implementation in javascript, but couldnt find one suitable... so i tried to create it myself.

INFOSEC.PUB — 5 Nov 2025

⚠️

Scientists Need a Positive Vision for AI

SCHNEIER.COM — 2025-11-05

⚠️

A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

SH.ITJUST.WORKS — 5 Nov 2025

⚠️

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

SH.ITJUST.WORKS — 5 Nov 2025

⚠️

Three Infamous Hacker Groups Join Forces as the ‘Scattered LAPSUS$ Hunters

GBHACKERS.COM — 05 Nov 2025

⚠️

Norway discovers that its Chinese electric buses can be remotely disabled

SH.ITJUST.WORKS — 5 Nov 2025

⚠️

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

THEHACKERNEWS.COM — 05 Nov 2025

⚠️

Exploiting Microsoft Teams: Impersonation and Spoofing Vulnerabilities Exposed Microsoft Teams Vulnerabilities Uncovered

SH.ITJUST.WORKS — 5 Nov 2025

⚠️

Clop Ransomware Group Exploits New 0-Day Vulnerabilities in Active Attacks

GBHACKERS.COM — 05 Nov 2025

⚠️

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

THEHACKERNEWS.COM — 05 Nov 2025

⚠️

Human Error is Still a Top Contributor to Cyberattacks

KNOWBE4.COM — 05 Nov 2025

⚠️

CISA warns of critical CentOS Web Panel bug exploited in attacks

BLEEPINGCOMPUTER.COM — 05 Nov 2025

⚠️

WordPress plugin hole enables account takeover

CSOONLINE.COM — 05 Nov 2025

⚠️

Russian APT abuses Windows Hyper-V for persistence and malware execution

CSOONLINE.COM — 05 Nov 2025

⚠️

250 Episodes of Cloud Security Podcast by Google: From Confidential Computing to AI-Ready SOC

KEVMEDIUM.COM — 05 Nov 2025

⚠️

Risky Business #813 -- FFmpeg has a point

RISKY.BIZ — 05 Nov 2025

📋

Microsoft: October Windows updates trigger BitLocker recovery

BLEEPINGCOMPUTER.COM — 05 Nov 2025

📋

Microsoft Issues Alert: BitLocker Recovery Risk After October 2025 Updates

GBHACKERS.COM — 05 Nov 2025

📢

Louvre-Raubzug offenbart jahrzehntelanges Security-Versagen

CSOONLINE.COM — 05 Nov 2025

📢

Securing critical infrastructure: Why Europe’s risk-based regulations matter

MICROSOFT.COM — 05 Nov 2025

📢

Cisco security advisory (AV25-726)

CYBER.GC.CA — 2025-11-05

🔥

Curly COMrades Hacker Group Deploys New Tools for Stealthy Remote Access on Compromised Windows 10 Systems

GBHACKERS.COM — 05 Nov 2025

🔥

Swedish IT Company Data Breach Exposes Personal Details of 1.5 Million Users

GBHACKERS.COM — 05 Nov 2025

🔥

Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack

SECURITYWEEK.COM — 05 Nov 2025

🔥

Mysterious 'SmudgedSerpent' Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions

THEHACKERNEWS.COM — 05 Nov 2025

🔥

Why SOC Burnout Can Be Avoided: Practical Steps

THEHACKERNEWS.COM — 05 Nov 2025

🔥

Apache OpenOffice disputes data breach claims by ransomware gang

SH.ITJUST.WORKS — 5 Nov 2025

🔥

Data breach at major Swedish software supplier impacts 1.5 million

SH.ITJUST.WORKS — 5 Nov 2025

🔥

University of Pennsylvania confirms hacker stole data during cyberattack

TECHCRUNCH.COM — 05 Nov 2025

🔥

University of Pennsylvania confirms data stolen in cyberattack

BLEEPINGCOMPUTER.COM — 05 Nov 2025

🔥

SonicWall says state-sponsored hackers behind security breach in September

BLEEPINGCOMPUTER.COM — 05 Nov 2025

🔥

5 ways to strengthen your firewall and endpoint’s defenses against ransomware

SOPHOS.COM — 05 Nov 2025

🔥

Hyundai AutoEver America data breach exposes SSNs, drivers licenses

BLEEPINGCOMPUTER.COM — 05 Nov 2025

🔥

2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned

TROYHUNT.COM — 05 Nov 2025

🕵️

ISC Stormcast For Wednesday, November 5th, 2025 https://isc.sans.edu/podcastdetail/9686, (Wed, Nov 5th)

ISC.SANS.EDU — 05 Nov 2025

🕵️

Silent Lynx APT New Attack Targeting Governmental Employees Posing as Officials

GBHACKERS.COM — 05 Nov 2025

🕵️

FIN7 Hackers Leverage Windows SSH Backdoor for Stealthy Remote Access and Persistence

GBHACKERS.COM — 05 Nov 2025

🕵️

US Sanctions North Korean Bankers Accused of Laundering Stolen Cryptocurrency

SECURITYWEEK.COM — 05 Nov 2025

🕵️

US sanctions North Korean bankers linked to cybercrime, IT worker fraud

BLEEPINGCOMPUTER.COM — 05 Nov 2025

🕵️

Portal26 Raises $9 Million for Gen-AI Adoption Platform

SECURITYWEEK.COM — 05 Nov 2025

🕵️

U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud

THEHACKERNEWS.COM — 05 Nov 2025

🕵️

Daylight Raises $33 Million for AI-Powered MDR Platform

SECURITYWEEK.COM — 05 Nov 2025

🕵️

Google Warns: AI Makes Cyber Threats Faster and Smarter by 2026

GBHACKERS.COM — 05 Nov 2025

🕵️

ConductorOne Raises $79 Million in Series B Funding

SECURITYWEEK.COM — 05 Nov 2025

🕵️

Microsoft pulls 200 Rhysida certificates | Cybernews

SH.ITJUST.WORKS — 5 Nov 2025

🕵️

Malanta Emerges from Stealth with $10 Million Seed Funding

SECURITYWEEK.COM — 05 Nov 2025

🕵️

Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks - SecurityWeek

SH.ITJUST.WORKS — 5 Nov 2025

🕵️

Beware: 239 Dangerous Android Apps Found on Google Play with 40M+ Installs

GBHACKERS.COM — 05 Nov 2025

🕵️

Armis Raises $435 Million in Pre-IPO Funding Round at $6.1 Billion Valuation

SECURITYWEEK.COM — 05 Nov 2025

🕵️

Pro-Russian Hackers Use Linux VMs to Hide in Windows

SH.ITJUST.WORKS — 5 Nov 2025

🕵️

Flare Raises $30 Million for Threat Exposure Management Platform

SECURITYWEEK.COM — 05 Nov 2025

🕵️

Solving the AI Black Box Problem with Prisma AIRS 2.0

PALOALTONETWORKS.COM — 05 Nov 2025

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 5 Nov 2025

🕵️

Webinar Today: Scattered Spider Exposed – Critical Takeaways for Cyber Defenders

SECURITYWEEK.COM — 05 Nov 2025

🕵️

Operation Peek-a-Baku: Silent Lynx APT Targets Dushanbe with Espionage Campaign

SH.ITJUST.WORKS — 5 Nov 2025

🕵️

The Rapid Advancement of Malicious AI Is Changing Cyberdefense Forevermore

KNOWBE4.COM — 05 Nov 2025

🕵️

Fehlendes KI-Training wird zum Sicherheitsrisiko

CSOONLINE.COM — 05 Nov 2025

🕵️

Google warns of new AI-powered malware families deployed in the wild

BLEEPINGCOMPUTER.COM — 05 Nov 2025

🕵️

Detecting fraudulent North Korean hires: A CISO playbook

SOPHOS.COM — 05 Nov 2025

🕵️

Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns

SECURITYWEEK.COM — 05 Nov 2025

🕵️

Updates to Domainname API, (Wed, Nov 5th)

ISC.SANS.EDU — 05 Nov 2025

🕵️

Rogue Negotiators, Gemini Pulled, Apple’s AI Shift, Disappearing CAPTCHAs, and More! - SWN #526

YOUTUBE.COM — 2025-11-05

🕵️

New Study Warns of AI-Driven Extortion Attacks

KNOWBE4.COM — 05 Nov 2025

🕵️

The limits of zero-knowledge for age-verification | Brave

INFOSEC.PUB — 5 Nov 2025

🌐

Faster, safer, stronger: Sophos Firewall v22 security enhancements

SOPHOS.COM — 05 Nov 2025

🌐

Gootloader malware is back with new tricks after 7-month break

BLEEPINGCOMPUTER.COM — 05 Nov 2025

📡

Securing the Open Android Ecosystem with Samsung Knox

THEHACKERNEWS.COM — 05 Nov 2025

📡

Police busts credit card fraud rings with 4.3 million victims

BLEEPINGCOMPUTER.COM — 05 Nov 2025

📡

Armis raises $435M pre-IPO round at $6.1B valuation after refusing M&A offers

TECHCRUNCH.COM — 05 Nov 2025

📡

Google gets the US government’s green light to acquire Wiz for $32B

TECHCRUNCH.COM — 05 Nov 2025

📡

Cyber theory vs practice: Are you navigating with faulty instruments?

BLEEPINGCOMPUTER.COM — 05 Nov 2025

📡

UK carriers to block spoofed phone numbers in fraud crackdown

BLEEPINGCOMPUTER.COM — 05 Nov 2025

📡

Windows 11 Store gets Ninite-style multi-app installer feature

BLEEPINGCOMPUTER.COM — 05 Nov 2025

📡

Half of the world's satellite traffic is unencrypted | Kaspersky official blog

KASPERSKY.COM — 05 Nov 2025

📡

Sharing is scaring: The WhatsApp screen-sharing scam you didn’t see coming

WELIVESECURITY.COM — 05 Nov 2025

📡

How Workers VPC Services connects to your regional private networks from anywhere in the world

CLOUDFLARE.COM — 05 Nov 2025