🐛 COMMON VULNERABILITIES AND EXPOSURES 7[−]
7 Nov KEVCisco fixes critical flaws in Unified Contact Center ExpressCisco released patches for two critical vulnerabilities in its Unified Contact Center Express (CCX) that could allow attackers to bypass authentication and execute commands as root on the underlying system. The company also warned today about a new attack variation targeting two …CSOONLINE.COM
7 NovAmazon WorkSpaces for Linux Vulnerability Exposes Valid Auth Tokens to AttackersA recently disclosed vulnerability in the Amazon WorkSpaces client for Linux exposes a critical security flaw that could allow attackers to gain unauthorized access to user environments due to improper handling of authentication tokens. The issue, tracked as CVE-2025-12779, has p…GBHACKERS.COM
7 NovChrome 142 Update Patches High-Severity FlawsAn out-of-bounds write flaw in WebGPU tracked as CVE-2025-12725 could be exploited for remote code execution. The post Chrome 142 Update Patches High-Severity Flaws appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovCisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/11/cisco-warns-of-new-firewall-attack.htmlSH.ITJUST.WORKS
7 NovData Exposure Vulnerability Found in Deep Learning Tool KerasThe vulnerability is tracked as CVE-2025-12058 and it can be exploited for arbitrary file loading and conducting SSRF attacks. The post Data Exposure Vulnerability Found in Deep Learning Tool Keras appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovLandfall Android Spyware Targeted Samsung Phones via Zero-DayThreat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East. The post Landfall Android Spyware Targeted Samsung Phones via Zero-Day appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovSamsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsAppA now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware dubbed LANDFALL in targeted attacks in the Middle East. The activity involved the exploitation of CVE-2025-21042 (CVSS score: 8.8), an out-of-…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 23[−]
7 NovMalicious npm packages contain Vidar infostealerMalicious code continues to be uploaded to open source repositories, making it a challenge for responsible developers to trust what’s there, and for CISOs to trust applications that include open source code. The latest example comes from researchers at Datadog Security, who said …CSOONLINE.COM
7 NovClaude Desktop Hit by Critical RCE Flaws Allowing Remote Code ExecutionSecurity researchers have uncovered severe remote code execution vulnerabilities in three official Claude Desktop extensions developed and published by Anthropic. The Chrome, iMessage, and Apple Notes connectors, which collectively boast over 350,000 downloads and occupy prominen…GBHACKERS.COM
7 NovInnovative Tools and Tactics in CybersecurityIn this episode of 'Cybersecurity Today,' hosted by Jim Love, the focus is on recent developments and tactics in cybersecurity. The episode discusses Meter's networking solutions, the innovative tactics of the ransomware group Killen using common Windows tools, and three new open…CYBERSECURITYTODAY.LIBSYN.COM
7 NovWhy can’t enterprises get a handle on the cloud misconfiguration problem?Seven years ago, I wrote about how cloud security configuration errors were putting enterprise data at risk. Amazon storage buckets were being left open to the public left and right, with millions of sensitive records exposed. Companies were new to the whole cloud thing, and clou…CSOONLINE.COM
7 NovWie CISOs vom ERP-Leid profitierenSecurity Platformization ist eine Herausforderung – gut, wenn man vorher weiß, worauf es (nicht) ankommt. Jacob Lund / Shutterstock Studienerkenntnissen zufolge sind in einem durchschnittlichen (Groß-)Unternehmen zwischen 40 und 80 separate Sicherheits-Tools im Einsatz. Wildwuchs…CSOONLINE.COM
7 NovNew Phishing Campaign Targets Travelers via Compromised Hotel Booking.com AccountsCybersecurity researchers have uncovered a sophisticated phishing campaign that exploits compromised hotel booking accounts to defraud travellers worldwide. The campaign, which has been active since at least April 2025, leverages stolen credentials from hotel administrators to im…GBHACKERS.COM
7 NovOver 15 Malicious npm Packages Exploiting Windows to Deploy Vidar MalwareDatadog Security Research has uncovered a sophisticated supply chain attack targeting the npm ecosystem, involving 17 malicious packages across 23 releases designed to deliver the Vidar infostealer malware to Windows systems. The campaign, attributed to a threat actor cluster tra…GBHACKERS.COM
7 NovBusiness continuity and cybersecurity: Two sides of the same coinAs someone who has spent over six years in the trenches of IT operations at Amazon, managing critical infrastructure that cannot afford downtime, I’ve witnessed firsthand how the convergence of cyberthreats and business continuity has fundamentally changed the game for executives…CSOONLINE.COM
7 NovAttackers Exploit Active Directory Sites to Escalate Privileges and Compromise DomainSecurity researchers have uncovered a dangerous attack vector targeting Active Directory Sites, a critical yet often overlooked component of enterprise network infrastructure. According to a recent technical analysis by Quentin Roland, attackers can exploit ACL-based attack paths…GBHACKERS.COM
7 Nov‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phonesA newly identified Android spyware targeted Galaxy devices for close to a year, including users in the Middle East, researchers exclusively tell TechCrunch.TECHCRUNCH.COM
7 NovVibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplaceIn a suspected test effort, unknown actors have successfully embedded a strain of ransomware-style behavior, dubbed Ransomvibe, into extensions listed for Visual Studio Code. According to Secure Annex findings, the malicious code published to the VSCode extension marketplace was …CSOONLINE.COM
7 NovNew Analysis Reveals LockBit 5.0’s Core Features and Dual-Stage Attack ModelLockBit has remained one of the most dominant ransomware-as-a-service (RaaS) groups in the world since its emergence as ABCD ransomware in 2019 and official launch as LockBit in 2020. Despite high-profile setbacks including international law enforcement takedowns in early 2024 an…GBHACKERS.COM
7 NovWashington Post victim of Cl0p gang Oracle hackWashington Post is latest victim of Oracle-hacking Cl0p gang | Cybernewssubmitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/security/washington-post-clop-oracle-ebs-victim-zero-day-hack/SH.ITJUST.WORKS
7 NovDefending digital identity from computer-using agents (CUAs)For years, organizations have relied on passwords and multi-factor authentication (MFA) based on shared secrets like SMS codes and one-time passwords (OTPs) as the foundation of identity security. The rise of computer-using agents (CUAs) will accelerate attackers’ ability to auto…CSOONLINE.COM
7 NovClickFix Attack Evolves: Weaponized Videos Trigger Self-Infection TacticsClickFix attacks have surged dramatically over the past year, cementing their position as pivotal tools in the modern attacker’s arsenal. These sophisticated social engineering campaigns coerce users into executing malicious code on their own devices, bypassing traditional awaren…GBHACKERS.COM
7 NovBronze Butler APT Exploits 0-Day Bug to Root Japan Orgssubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/application-security/bronze-butler-apt-exploits-zero-day-vuln-root-japanSH.ITJUST.WORKS
7 NovID verification laws are fueling the next wave of breachesID laws are forcing companies to store massive amounts of sensitive data, turning compliance into a security risk. Acronis explains how integrated backup and cybersecurity platforms help MSPs reduce complexity and close the gaps attackers exploit. [...]BLEEPINGCOMPUTER.COM
7 Nov KEVCisco: Actively exploited firewall flaws now abused for DoS attacksCisco warned this week that two vulnerabilities, which have been exploited in zero-day attacks, are now being abused to force ASA and FTD firewalls into reboot loops. [...]BLEEPINGCOMPUTER.COM
7 NovKubevirt security auditThe Open Source Technology Improvement Fund, Inc. , thanks to funding provided by Sovereign Tech Fund (STF), engaged with Quarkslab to perform a security audit of KubeVirt .QUARKSLAB.COM
7 NovPhishing Emails Use Invisible Hyphens to Avoid DetectionA phishing campaign is using invisible characters to evade security filters, according to Jan Kopriva at the SANS Internet Storm Center.KNOWBE4.COM
7 NovQNAP fixes seven NAS zero-day flaws exploited at Pwn2OwnQNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition. [...]BLEEPINGCOMPUTER.COM
7 NovNew LandFall spyware exploited Samsung zero-day via WhatsApp messagesA threat actor exploited a zero-day vulnerability in Samsung's Android image processing library to deploy a previously unknown spyware called 'LandFall' using malicious images sent over WhatsApp. [...]BLEEPINGCOMPUTER.COM
7 NovMultiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. D…CISECURITY.ORG
📢 SECURITY ADVISORIES 7[−]
7 NovOPNsense Firewall Update Addresses Multiple Security Issues and Enhances FeaturesThe OPNsense project has released version 25.7.7, delivering critical security improvements and performance enhancements to strengthen enterprise firewall deployments. This update represents a significant step forward in addressing infrastructure vulnerabilities while introducing…GBHACKERS.COM
7 NovU.S. Congressional Budget Office Hit by Cyberattack, Sensitive Data CompromisedThe Congressional Budget Office (CBO), which serves as Congress’s official financial advisor, has been targeted in a suspected cyberattack by suspected foreign actors. The breach exposed sensitive financial research data that lawmakers rely on to make crucial budgeting deci…GBHACKERS.COM
🔥 INCIDENT REPORTING 16[−]
7 NovCavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network BackdoorIn July 2025, Doctor Web’s anti-virus laboratory received a critical alert from a government-owned organization within the Russian Federation. The institution suspected a network compromise after discovering spam emails originating from one of their corporate email addresse…GBHACKERS.COM
7 NovVibe-Coded Malicious VS Code Extension Found with Built-In Ransomware CapabilitiesCybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in other words, vibe-coded. Secure Annex researcher John Tuckner, who flagged the ext…THEHACKERNEWS.COM
7 NovInfluence of Chinese Hacker Organizations on U.S. Foreign PolicyChinese cyber-espionage groups have once again demonstrated their determination and technical prowess in targeting U.S. organizations with ties to international policy-making, highlighting the persistent and evolving threat posed by state-linked cyber actors. Evidence indicates t…GBHACKERS.COM
7 NovDestructive Russian Cyberattacks on Ukraine Expand to Grain SectorMultiple state-sponsored Russian groups are targeting Ukrainian entities and European countries linked to Ukraine. The post Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovThe Congressional Budget Office Was Hacked. It Says It Has Implemented New Security MeasuresThe Congressional Budget Office confirmed it had been hacked, potentially disclosing important government data to malicious actors. The post The Congressional Budget Office Was Hacked. It Says It Has Implemented New Security Measures appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovU.S. Congressional Budget Office hit by suspected foreign cyberattacksubmitted by kid to cybersecurity 4 points | 0 comments https://www.bleepingcomputer.com/news/security/us-congressional-budget-office-hit-by-suspected-foreign-cyberattack/SH.ITJUST.WORKS
7 NovThreat Actors Use Stolen RDP Credentials to Deploy Cephalus RansomwareA new ransomware group, Cephalus, has emerged in the cybersecurity threat landscape, targeting organizations through compromised Remote Desktop Protocol (RDP) accounts. First detected in mid-June 2025, this group represents a growing threat to businesses that have not implemented…GBHACKERS.COM
7 NovNikkei Suffers Breach Via Slack Compromisesubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/nikkei-suffers-breach-slack-compromiseSH.ITJUST.WORKS
7 NovAI-Slop ransomware test sneaks on to VS Code marketplacesubmitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/ai-slop-ransomware-test-sneaks-on-to-vs-code-marketplace/SH.ITJUST.WORKS
7 NovIn Other News: Controversial Ransomware Report, Gootloader Returns, More AN0M ArrestsOther noteworthy stories that might have slipped under the radar: rogue ransomware negotiators charged, F5 hack prompts OT security guidance, Germany targets Huawei tech. The post In Other News: Controversial Ransomware Report, Gootloader Returns, More AN0M Arrests appeared first…SECURITYWEEK.COM
7 NovFrom Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage ToolsA China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S. entities that are linked to or involved in policy issues. The organization, accord…THEHACKERNEWS.COM
7 NovCongressional Budget Office confirms it was hackedThe congressional research office confirmed a breach, but did not comment on the cause. A security researcher suggested the hack may have originated because CBO failed to patch a firewall for more than a year.TECHCRUNCH.COM
7 NovCavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoorsubmitted by kid to cybersecurity 2 points | 0 comments https://gbhackers.com/cavalry-werewolf/SH.ITJUST.WORKS
7 NovWhisper Leak: A novel side-channel attack on remote language modelsMicrosoft has discovered a side-channel attack on language models which allows adversaries to conclude model conversation topics, despite being encrypted. The post Whisper Leak: A novel side-channel attack on remote language models appeared first on Microsoft Security Blog .MICROSOFT.COM
7 NovAfrica is Being Targeted by a Surge in AI-Fueled Phishing AttacksAI-fueled cyberattacks are increasingly targeting entities across Africa, according to Robert Lemos at Dark Reading. Lemos cites two recent reports from Microsoft and Group-IB that warned of a rise in attacks targeting African organizations, with threat actors using AI to assist …KNOWBE4.COM
7 NovWashington Post confirms data breach linked to Oracle hacksThe Washington Post is the latest victim of a hacking campaign by the notorious Clop ransomware gang, which relied on vulnerabilities in Oracle software used by many corporations.TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE 24[−]
7 NovISC Stormcast For Friday, November 7th, 2025 https://isc.sans.edu/podcastdetail/9690, (Fri, Nov 7th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
7 NovSandworm Hackers Target Ukrainian Organizations With Data-Wiping MalwareRussia-aligned threat actor Sandworm has intensified its destructive cyber operations against Ukrainian organizations, deploying data wiper malware to cripple critical infrastructure and weaken the nation’s economy. Unlike other Russia-aligned advanced persistent threat gro…GBHACKERS.COM
7 NovAttackers Deploy LeakyInjector and LeakyStealer to Hijack Crypto Wallets and Browser InfoCybersecurity researchers at Hybrid Analysis have uncovered a sophisticated two-stage malware campaign targeting cryptocurrency wallet users and browser data. The newly identified malware duo, dubbed LeakyInjector and LeakyStealer, represents a significant threat to digital asset…GBHACKERS.COM
7 Nov18 Arrested in Crackdown on Credit Card Fraud RingsBetween 2016 and 2021, the suspects defrauded 4.3 million cardholders in 193 countries of €300 million (~$346 million). The post 18 Arrested in Crackdown on Credit Card Fraud Rings appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovResearchers Bypass Elastic EDR Call-Stack Signatures Using Call GadgetsSecurity researchers have developed a new technique that leverages call gadgets to insert arbitrary modules into the call stack during module loading, successfully bypassing Elastic EDR’s signature-based detection rules. Openness in Elastic EDR Detection Logic Elastic’s policy of…GBHACKERS.COM
7 NovGoogle Launches New Maps Feature to Help Businesses Report Review-Based Extortion AttemptsGoogle on Thursday said it's rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments. The approach is designed to …THEHACKERNEWS.COM
7 NovNew Android Malware ‘Fantasy Hub’ Spies on Users’ Calls, Contacts, and MessagesRussian-based threat actors are actively distributing a sophisticated Android Remote Access Trojan called “Fantasy Hub” via Telegram-based Malware-as-a-Service channels, marking a significant escalation in mobile-focused cybercrime. Fantasy Hub represents a dangerous …GBHACKERS.COM
7 NovDOJ Antitrust Review Clears Google’s $32 Billion Acquisition of WizGoogle’s acquisition of Wiz is expected to close in 2026, but there are other reviews that need to be cleared. The post DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovReport: Nevada State Hackers Evaded Detection for Monthssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bankinfosecurity.in/report-nevada-state-hackers-evaded-detection-for-months-a-29948SH.ITJUST.WORKS
7 NovFaking Receipts with AIOver the past few decades, it’s become easier and easier to create fake receipts. Decades ago, it required special paper and printers—I remember a company in the UK advertising its services to people trying to cover up their affairs. Then, receipts became computerized…SCHNEIER.COM
7 NovHerodotus Android Banking Trojan Takes Over Devices, Outsmarts Security ToolsA new threat has surfaced in the mobile banking landscape Herodotus, a sophisticated Android banking Trojan that has been wreaking havoc in recent weeks. Offered under the notorious Malware-as-a-Service (MaaS) model, Herodotus leverages social engineering and technical deception,…GBHACKERS.COM
7 NovMalicious npm packages contain Vidar infostealer | CSO Onlinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.csoonline.com/article/4086415/malicious-npm-packages-contain-vidar-infostealer-2.htmlSH.ITJUST.WORKS
7 NovClickFix Attacks Against macOS Users EvolvingClickFix prompts typically contain instructions for Windows users, but now they are tailored for macOS and they are getting increasingly convincing. The post ClickFix Attacks Against macOS Users Evolving appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovHacktivist-Driven DDoS Dominates Attacks on Public Sector - Infosecurity Magazinesubmitted by kid to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/hacktivistdriven-ddos-attacks/SH.ITJUST.WORKS
7 NovGerman ISP aurologic GmbH Identified as Key Hub for Malicious Hosting InfrastructureGerman hosting provider aurologic GmbH has emerged as a critical hub within the global malicious infrastructure ecosystem, according to recent intelligence reporting. The Langen-based ISP, which operates AS30823, serves as a primary upstream provider to multiple threat activity e…GBHACKERS.COM
7 NovSandworm hackers use data wipers to disrupt Ukraine's grain sectorsubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/sandworm-hackers-use-data-wipers-to-disrupt-ukraines-grain-sector/SH.ITJUST.WORKS
7 NovIntroducing KnowBe4 Studios | Fresh Content Updates from October 2025We’re thrilled to announce KnowBe4 Studios , uniting our world-class creative teams under one powerful brand. Leveraging the latest AI technologies and the expertise of our global content creators, we’re set to produce more engaging cybersecurity training than ever before —includ…KNOWBE4.COM
7 NovRadical Empowerment From Your Leadership: Understood by Few, Essential for AllWhen leaders redefine power as trust instead of control, teams unlock their potential — and organizations find their edge. The post Radical Empowerment From Your Leadership: Understood by Few, Essential for All appeared first on SecurityWeek .SECURITYWEEK.COM
7 NovWarning: Malicious Apps Are Impersonating AI ToolsResearchers at Appknox warn that malicious apps are impersonating popular AI tools like ChatGPT and DALL-E to trick users into installing malware on their mobile devices. Some of these apps simply collect user data to be sold to advertising services, while others act as full-fled…KNOWBE4.COM
7 NovHidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installationsubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/11/hidden-logic-bombs-in-malware-laced.htmlSH.ITJUST.WORKS
7 NovMalicious Infrastructure Finds Stability with aurologic GmbHsubmitted by kid to cybersecurity 2 points | 0 comments https://www.recordedfuture.com/research/malicious-infrastructure-finds-stability-with-aurologic-gmbhSH.ITJUST.WORKS
7 NovFriday Squid Blogging: Squid Game: The Challenge, Season TwoThe second season of the Netflix reality competition show Squid Game: The Challenge has dropped. (Too many links to pick a few—search for it.) As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog modera…SCHNEIER.COM
7 NovAI-Obfuscating Malware, China Influence Ops, and Meta’s Fraud Fortune and Jason Wood - SWN #527This week we have AI-Obfuscating Malware, China Influence Ops, and Meta’s Fraud Fortune, Jason Wood, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-527YOUTUBE.COM
7 NovThe who, where, and how of APT attacks in Q2 2025–Q3 2025ESET Chief Security Evangelist Tony Anscombe highlights some of the key findings from the latest issue of the ESET APT Activity ReportWELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
7 NovHidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After InstallationA set of nine malicious NuGet packages has been identified as capable of dropping time-delayed payloads to sabotage database operations and corrupt industrial control systems. According to software supply chain security company Socket, the packages were published in 2023 and 2024…THEHACKERNEWS.COM
7 NovMalicious NuGet packages drop disruptive 'time bombs'Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 5[−]
7 NovEnterprise Credentials at Risk – Same Old, Same Old?Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she’s just made a big mistake. Sarah j…THEHACKERNEWS.COM
7 NovLeak confirms Google Gemini 3 Pro and Nano Banana 2 could launch soonGoogle is planning to ship two new models. One is Gemini 3, which is optimised for coding and regular use, and the second is Nano Banano 2 for generating realistic images. [...]BLEEPINGCOMPUTER.COM
7 NovHow scammers use email for blackmail and extortion | Kaspersky official blogWhat to do and how to react if you receive a threatening email.KASPERSKY.COM
7 NovMicrosoft testing faster Quick Machine Recovery in Windows 11Microsoft is testing a faster version of Quick Machine Recovery (QMR) and updated Smart App Control (SAC), allowing users to toggle it without requiring a Windows clean install. [...]BLEEPINGCOMPUTER.COM
7 NovIn memoriam: David HarleyFormer colleagues and friends remember the cybersecurity researcher, author, and mentor whose work bridged the human and technical sides of securityWELIVESECURITY.COM