🚨 CISA KEV (1)
10 Nov [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
  CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-21042 Samsung Mobile Devices Out-of-Bounds Write Vulnerability. This type of vulnerability is a frequent attack vector f…
🐛 COMMON VULNERABILITIES AND EXPOSURES (10)
10 Nov [KEV] Monsta FTP Remote Code Execution Flaw Being Exploited in the Wild (GBHACKERS.COM)
  Security researchers have discovered an actively exploited remote code execution vulnerability in Monsta FTP, a web-based FTP client used by financial institutions, enterprises, and individual users worldwide. The flaw, now tracked as CVE-2025-34299, affects versions up to 2.11.2…
10 Nov Hackers Abuse runc Tool to Escape Containers and Compromise Hosts (GBHACKERS.COM)
  Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-2025-31133, CVE-2025-52565, …
10 Nov Elastic Defend for Windows Vulnerability Allows Threat Actors to Gain Elevated Access (GBHACKERS.COM)
  Elastic has released a security advisory addressing a significant vulnerability in Elastic Defend that could allow attackers to escalate their privileges on Windows systems. The vulnerability, tracked as CVE-2025-37735, stems from improper preservation of file permissions in the …
10 Nov LangGraph Deserialization Flaw Enables Execution of Malicious Python Code (GBHACKERS.COM)
  A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component, which is the default serialization protocol used for all checkpointing op…
10 Nov Runtime bugs break container walls, enabling root on Docker hosts (CSOONLINE.COM)
  Three newly disclosed high-severity bugs in the “runc” container runtime let attackers break out of containers despite standard hardening and isolation controls. According to Aleksa Sarai, a senior software engineer at SUSE and an OCI board member, the bugs stem from logic flaws …
10 Nov Popular npm Library Used in AI and NLP Projects Exposes Systems to RCE (GBHACKERS.COM)
  A critical remote code execution vulnerability has been discovered in the widely used JavaScript library expr-eval, affecting thousands of projects that rely on it for mathematical expression evaluation and natural language processing. The vulnerability, tracked as CVE-2025-12735…
10 Nov Just a moment... (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 2 points | 0 comments | https://securityboulevard.com/2025/11/jumpserver-connection-token-improper-authentication-vulnerability-cve-2025-62712-notice/
10 Nov Runc Vulnerabilities Can Be Exploited to Escape Containers (SECURITYWEEK.COM)
  The flaws tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 have been patched. The post Runc Vulnerabilities Can Be Exploited to Escape Containers appeared first on SecurityWeek.
10 Nov Chromium: CVE-2025-12729 Inappropriate implementation in Omnibox (MSRC.MICROSOFT.COM)
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.
10 Nov Chromium: CVE-2025-12728 Inappropriate implementation in Omnibox (MSRC.MICROSOFT.COM)
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.
⚠️ VULNERABILITY DISCLOSURE (21)
10 Nov US Congressional Budget Office Breach, AI in Cyber Attacks & Veterans Defend Canada (CYBERSECURITYTODAY.LIBSYN.COM)
  Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst In today's …
10 Nov New Whisper-Based Attack Reveals User Prompts Hidden Inside Encrypted AI Traffic (GBHACKERS.COM)
  Microsoft researchers have unveiled a sophisticated side-channel attack targeting remote language models that could allow adversaries to infer conversation topics from encrypted network traffic. Despite end-to-end encryption via Transport Layer Security (TLS), the attack exploits…
10 Nov Ex-Intel Employee Hid 18,000 Sensitive Documents Prior to Leaving the Company (GBHACKERS.COM)
  Intel is pursuing legal action against a former software engineer who the company claims downloaded thousands of confidential files shortly after being fired in July. The incident highlights growing concerns about data security during workforce reductions and employee departures.…
10 Nov CISOs must prove the business value of cyber — the right metrics can help (CSOONLINE.COM)
  For most organizations, cybersecurity has always been seen as a cost center rather than a business enabler or revenue driver. Executives perceive cybersecurity as a necessary evil that pulls funds away from more important, income-generating functions like marketing and product de…
10 Nov Why you should purple team your SOC (CSOONLINE.COM)
  In my previous article — Your SOC is the parachute — I wrote about how many security operations centers (SOCs) would fail the moment we pull the ripcord. They’re overloaded, reactive, and often disconnected from how breaches actually happen. I want to move the discussion forward.…
10 Nov Hackers Exploit Websites to Inject Malicious Links for SEO Manipulation (GBHACKERS.COM)
  A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links. This evolving tactic aims to promote online gambling sites by hijacking the authority of legitimate websites puttin…
10 Nov GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs (THEHACKERNEWS.COM)
  Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code (VS Code) ecosystem. The extensions in question, which are still available for do…
10 Nov Researchers trick ChatGPT into prompt injecting itself (CSOONLINE.COM)
  AI chatbots have opened a new frontier of attack vectors against users and their data, and not even industry leaders are immune. Following recent flaws discovered in Google’s Gemini and Anthropic’s Claude, it’s now ChatGPT’s turn. Researchers from security firm Tenable discovere…
10 Nov Ransomware Operators Exploit RMM Tools to Deploy Medusa and DragonForce (GBHACKERS.COM)
  Cybersecurity researchers at Zensec have exposed a sophisticated supply-chain attack campaign that weaponised trusted Remote Monitoring and Management (RMM) infrastructure to deploy ransomware across multiple UK organisations throughout early 2025. The investigation reveals how t…
10 Nov QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland (SECURITYWEEK.COM)
  Multiple vulnerabilities across QNAP’s portfolio could lead to remote code execution, information disclosure, and denial-of-service (DoS) conditions. The post QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland appeared first on SecurityWeek.
10 Nov Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations (CSOONLINE.COM)
  Researchers at Microsoft have revealed a new side channel attack named Whisper Leak that can reveal the topic of encrypted conversations between users and language models, even without access to the underlying text. The discovery highlights a growing blind spot in AI security whe…
10 Nov LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 1 points | 0 comments | https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/
10 Nov ⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More (THEHACKERNEWS.COM)
  Cyber threats didn’t slow down last week—and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild. But that’s just the surface. From sleeper logic bombs to a…
10 Nov MAD-CAT “Meow” Tool Sparks Real-World Data Corruption Attacks (GBHACKERS.COM)
  The infamous Meow attack, which devastated unsecured databases since 2020, has resurfaced with renewed force through MAD-CAT (Meow Attack Data Corruption Automation Tool). This custom-built adversarial simulation tool demonstrates how easily attackers can corrupt data across mult…
10 Nov NuGet Supply-Chain Exploit Uses Timed Destructive Payloads Against ICS (GBHACKERS.COM)
  A sophisticated supply chain attack has compromised critical industrial control systems through nine malicious NuGet packages designed to inject time-delayed destructive payloads into database operations and manufacturing environments. Socket’s Threat Research Team identifi…
10 Nov Incident Response Team (ShieldForce) Partners with AccuKnox for Zero Trust CNAPP in Latin America (GBHACKERS.COM)
  Menlo Park, CA, USA, November 10th, 2025, CyberNewsWire AccuKnox, a leader in Zero Trust Cloud-Native Application Protection Platforms (CNAPP), announced a strategic partnership with Incident Response Team SA DE CV (ShieldForce) and DeepRoot Technologies, a global cybersecur…
10 Nov Layered security: How SMBs can protect against sophisticated cyberthreats during the holiday season. (CSOONLINE.COM)
  Small and medium-size businesses (SMBs) face a daunting cybersecurity landscape. With 29% of businesses with fewer than 25 employees and nearly one in five midsize SMBs (19%) having experienced ransomware attacks in 2025, the threat is no longer theoretical; it’s a statistical i…
10 Nov ATT&CK → ATLAS: A CISO’s Blueprint for AI Governance - Sandy Dunn - CSP #218 (YOUTUBE.COM)
  CISO Sandy Dunn breaks down her blueprint for AI-ready defense—pairing MITRE ATT&CK v18 with MITRE ATLAS to move from policy to behavior-based detections. We hit practical AI governance, her early focus on defending and understanding AI, and how OWASP GenAI tools turn checkli…
10 Nov Popular JavaScript library expr-eval vulnerable to RCE flaw (BLEEPINGCOMPUTER.COM)
  A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. [...]
10 Nov CISA orders feds to patch Samsung zero-day used in spyware attacks (BLEEPINGCOMPUTER.COM)
  CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. [...]
10 Nov Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution (CISECURITY.ORG)
  Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful …
📢 SECURITY ADVISORIES (9)
10 Nov European Commission moves to loosen GDPR for AI and cookie tracking (CSOONLINE.COM)
  The European Commission is preparing sweeping revisions to the General Data Protection Regulation (GDPR) that could redefine how enterprises handle personal data — from cookie tracking to AI model training — in what privacy advocates warn could weaken the EU’s privacy framework. …
10 Nov EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe (INFOSEC.PUB)
  submitted by Penguin to cybersecurity | 2 points | 0 comments | https://industrialcyber.co/reports/enisa-report-reveals-surge-in-ddos-and-data-breaches-against-eu-public-administration | cross-posted from: lemmy.kde.social/post/4937011 | Archived link | A new report from ENISA (European Un…
10 Nov EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe (SH.ITJUST.WORKS)
  submitted by Penguin to cybersecurity | 3 points | 0 comments | https://industrialcyber.co/reports/enisa-report-reveals-surge-in-ddos-and-data-breaches-against-eu-public-administration | Archived link | A new report from ENISA (European Union Agency for Cybersecurity) warns that public a…
10 Nov Cyber information sharing law would get extension under shutdown deal bill | CyberScoop (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 2 points | 0 comments | https://cyberscoop.com/cisa-2015-shutdown-extension-continuing-resolution/
🔥 INCIDENT REPORTING (13)
10 Nov Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database (GBHACKERS.COM)
  In early November 2025, a massive data breach at Knownsec, a prominent Chinese cybersecurity firm with government ties, sent shockwaves through the international security community. The incident, reported on November 2, resulted in the theft of over 12,000 classified documents ex…
10 Nov APT Groups Target Construction Firms to Steal RDP, SSH, and Citrix Credentials (GBHACKERS.COM)
  The construction industry has emerged as a primary target for sophisticated cyber adversaries in 2025, with threat actors including state-sponsored APT groups, ransomware operators, and organized cybercriminal networks actively targeting organizations across the building and cons…
10 Nov Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware (THEHACKERNEWS.COM)
  Cybersecurity researchers have called attention to a massive phishing campaign targeting the hospitality industry that lures hotel managers to ClickFix-style pages and harvest their credentials by deploying malware like PureRAT. "The attacker's modus operandi involved using a com…
10 Nov Hack halts Dutch broadcaster, forcing radio hosts back to LPs (BITDEFENDER.COM)
  A Dutch TV and radio broadcaster has found itself at the mercy of cybercriminals after suffering a cyber attack, and leaving it scrambling to find ways to play music to its listeners. Read more in my article on the Hot for Security blog.
10 Nov Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site (SECURITYWEEK.COM)
  The Cl0p website lists major organizations such as Logitech, The Washington Post, Cox Enterprises, Pan American Silver, LKQ Corporation, and Copeland. The post Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site appeared first on SecurityWeek.
10 Nov Data breach at Chinese infosec firm reveals weapons arsenal • The Register (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 2 points | 0 comments | https://www.theregister.com/2025/11/09/asia_tech_news_roundup/
10 Nov Why a lot of people are getting hacked with government spyware (TECHCRUNCH.COM)
  Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficult to justify, given the broad range of victims — journalists, activists, and now…
10 Nov Android Users Hit by Malware Disguised as Relaxation Programs (GBHACKERS.COM)
  A sophisticated new cyberattack targeting Android devices in South Korea has been uncovered, leveraging Google’s asset-tracking feature, Find Hub, to remotely wipe sensitive user data. Threat actors disguised as psychological counselors and North Korean human rights activis…
10 Nov Vibe-coded ransomware discovered on Microsoft Marketplace (CSOONLINE.COM)
  Researchers have discovered a Visual Studio Code extension with ransomware capabilities. The security specialist Secure Annex recently found that a piece of malware called “Ransomvibe” in extensions for the source-code editor Visual Studio…
10 Nov Yanluowang initial access broker to plead guilty to ransomware attacks (BLEEPINGCOMPUTER.COM)
  A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between July 2021 and November 2022. [...]
10 Nov Nevada ransomware attack traced back to malware download by employee | Cybersecurity Dive (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 1 points | 0 comments | https://www.cybersecuritydive.com/news/nevada-ransomware-attack-traced-back-to-malware-download-by-employee/805011/
10 Nov Cyberattacks surge against IoT, mobile devices in critical infrastructure | Cybersecurity Dive (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 1 points | 0 comments | https://www.cybersecuritydive.com/news/mobile-iot-attacks-surge-critical-infrastructure-zscaler/805008/
10 Nov Yanluowang initial access broker pleaded guilty to ransomware attacks (BLEEPINGCOMPUTER.COM)
  A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between July 2021 and November 2022. [...]
🕵️ THREAT INTELLIGENCE (19)
10 Nov ISC Stormcast For Monday, November 10th, 2025 https://isc.sans.edu/podcastdetail/9692, (Mon, Nov 10th) (ISC.SANS.EDU)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
10 Nov Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case (GBHACKERS.COM)
  An extract from “The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy” by Francesco Cancellato, published by Rizzoli on November 11, 2025. This surveillance system continues to expand its reach into opposition figures and politi…
10 Nov Today I learned: binfmt_misc - dfir.ch - shadow suid (INFOSEC.PUB)
  submitted by Kissaki to cybersecurity | 2 points | 0 comments | https://dfir.ch/posts/today_i_learned_binfmt_misc/ | binfmt_misc (short for Binary Format Miscellaneous) is a Linux kernel feature that allows the system to recognize and execute files based on custom binary formats. It’s …
10 Nov HackGPT Launches as AI-Driven Penetration Testing Suite Using GPT-4 and Other Models (GBHACKERS.COM)
  HackGPT Enterprise has officially launched as a production-ready, cloud-native AI-powered penetration testing platform designed specifically for enterprise security teams. Created by Yashab Alam, Founder and CEO of ZehraSec, the platform represents a significant advancement in au…
10 Nov OT Security Doesn't Have to be a Struggle, Spotting Red Flags, Enterprise News - ESW #432 (YOUTUBE.COM)
  Segment 1: OT Security Doesn’t Have to be a Struggle OT/ICS/SCADA systems are often off limits to cybersecurity folks, and exempt from many controls. Attackers don’t care how fragile these systems are, however. For attackers aiming to disrupt operations, fragile but critical syst…
10 Nov Australia Sanctions Hackers Supporting North Korea’s Weapons Program (SECURITYWEEK.COM)
  Australia mirrored the US’s recent sanctions against bankers, financial institutions, and others allegedly involved in laundering funds for North Korea. The post Australia Sanctions Hackers Supporting North Korea’s Weapons Program appeared first on SecurityWeek.
10 Nov Threat Actors Attacking Outlook and Google Bypassing Traditional Email Defenses (GBHACKERS.COM)
  Threat actors are systematically compromising Outlook and Google mailboxes with alarming success, leveraging sophisticated techniques that sidestep traditional email defenses entirely. According to VIPRE’s Q3 2025 Email Threat Report, over 90% of phishing attacks specifical…
10 Nov New Attacks Against Secure Enclaves (SCHNEIER.COM)
  Encryption can protect data at rest and data in transit, but does nothing for data in use. What we have are secure enclaves. I’ve written about this before: Almost all cloud services have to perform some computation on our data. Even the simplest storage provider has code t…
10 Nov GlassWorm malware returns on OpenVSX with 3 new VSCode extensions (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 2 points | 0 comments | https://www.bleepingcomputer.com/news/security/glassworm-malware-returns-on-openvsx-with-3-new-vscode-extensions/
10 Nov GlassWorm Malware Returns to Open VSX, Emerges on GitHub (SECURITYWEEK.COM)
  Three more VS Code extensions were infected last week and the malware has emerged in GitHub repositories as well. The post GlassWorm Malware Returns to Open VSX, Emerges on GitHub appeared first on SecurityWeek.
10 Nov Dangerous runC flaws could allow hackers to escape Docker containers (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 1 points | 0 comments | https://www.bleepingcomputer.com/news/security/dangerous-runc-flaws-could-allow-hackers-to-escape-docker-containers/
10 Nov Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 2 points | 0 comments | https://thehackernews.com/2025/11/microsoft-uncovers-whisper-leak-attack.html
10 Nov Quantum Route Redirect: Anonymous Tool Streamlining Global Phishing Attack (KNOWBE4.COM)
  Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke. KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials. The attackers are wielding a powerful new tool that’s complete…
10 Nov Two New Web Application Risk Categories Added to OWASP Top 10 (SECURITYWEEK.COM)
  OWASP has added two new categories to the revised version of its Top 10 list of the most critical risks to web applications. The post Two New Web Application Risk Categories Added to OWASP Top 10 appeared first on SecurityWeek.
10 Nov Microsoft Teams’ New “Chat with Anyone” Feature Exposes Users to Phishing and Malware Attacks (SH.ITJUST.WORKS)
  submitted by kid to cybersecurity | 4 points | 1 comments | https://cybersecuritynews.com/microsoft-teams-chat-with-anyone-feature/
10 Nov Ludwigshafen city administration struggles with IT outage (CSOONLINE.COM)
  The Ludwigshafen city administration was presumably attacked by hackers. In Ludwigshafen, the online services are currently unusable, and the administration cannot be reached by phone or e-mail either. And this is likely to remain the case for a while. Because only on Sunday…
10 Nov Many Forbes AI 50 Companies Leak Secrets on GitHub (SECURITYWEEK.COM)
  Wiz found the secrets and warned that they can expose training data, organizational structures, and private models. The post Many Forbes AI 50 Companies Leak Secrets on GitHub appeared first on SecurityWeek.
10 Nov Securing our future: November 2025 progress report on Microsoft’s Secure Future Initiative (MICROSOFT.COM)
  When we launched the Secure Future Initiative, our mission was clear: accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future. Today, we’re sharing our latest progress report that reflects steady progress in every area and engineering pil…
10 Nov APT37 hackers abuse Google Find Hub in Android data-wiping attacks (BLEEPINGCOMPUTER.COM)
  North Korean hackers from the KONNI activity cluster are abusing Google's Find Hub tool to track their targets' GPS positions and trigger remote factory resets of Android devices. [...]
🌐 CYBER THREAT LANDSCAPE (1)
10 Nov New Browser Security Report Reveals Emerging Threats for Enterprises (THEHACKERNEWS.COM)
  According to the new Browser Security Report 2025, security leaders are discovering that most identity, SaaS, and AI-related risks converge in a single place, the user’s browser. Yet traditional controls like DLP, EDR, and SSE still operate one layer too low. What’s emerging isn’…
📡 INFOSEC NEWS (5)
10 Nov 5 reasons why attackers are phishing over LinkedIn (BLEEPINGCOMPUTER.COM)
  Attackers are increasingly phishing over LinkedIn to reach executives and bypass email security tools. Push Security explains how real-time browser protection detects and blocks phishing across apps and channels as users load malicious pages. [...]
10 Nov It isn't always defaults: Scans for 3CX usernames, (Mon, Nov 10th) (ISC.SANS.EDU)
  Today, I noticed scans using the username "FTP_3cx" showing up in our logs. 3CX is a well-known maker of business phone system software [1]. My first guess was that this was a default user for one of their systems. But Google came up empty for this particular strin…
10 Nov What is FileFix — a ClickFix variation? | Kaspersky official blog (KASPERSKY.COM)
  FileFix — the latest variation of the ClickFix attack using social engineering. How this scheme works, and how to protect your company against FileFix.
10 Nov Quantum Route Redirect PhaaS targets Microsoft 365 users worldwide (BLEEPINGCOMPUTER.COM)
  A new phishing automation platform named Quantum Route Redirect is using around 1,000 domains to steal Microsoft 365 users' credentials. [...]
10 Nov Mozilla Firefox gets new anti-fingerprinting defenses (BLEEPINGCOMPUTER.COM)
  Mozilla announced a major privacy upgrade in Firefox 145 that reduces even more the number of users vulnerable to digital fingerprinting. [...]