🐛 COMMON VULNERABILITIES AND EXPOSURES (72)
11 Nov · Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature · Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass aut… · THEHACKERNEWS.COM
11 Nov · KEV · Hackers Exploit Triofox 0-Day to Deploy Malicious Payloads Using Anti-Virus Feature · Cybersecurity researchers from Mandiant Threat Defense have uncovered a critical zero-day vulnerability in Gladinet’s Triofox file-sharing platform that allowed attackers to bypass authentication and execute malicious code with system-level privileges. The vulnerability, tr… · GBHACKERS.COM
11 Nov · KEV · CISA Issues Alert on Samsung 0-Day RCE Flaw Actively Exploited in Attacks · The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical remote code execution vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. Tracked as CVE-2025-21042, this z… · GBHACKERS.COM
11 Nov · WatchGuard Firebox Flaw Allows Attackers to Gain Unauthorized SSH Access · A security vulnerability has been discovered in WatchGuard Firebox devices that could allow attackers to bypass authentication mechanisms and gain unauthorized SSH access to affected systems. Tracked as CVE-2025-59396, this flaw poses a significant threat to organizations that re… · GBHACKERS.COM
11 Nov · Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie · Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects al… · GBHACKERS.COM
11 Nov · WinRAR Vulnerability Exploited by APT-C-08 to Target Government Agencies · The notorious APT-C-08 hacking group, also known as BITTER, has been observed weaponizing a critical WinRAR directory traversal vulnerability (CVE-2025-6218) to launch sophisticated attacks against government organizations across South Asia. This development marks a concerning ev… · GBHACKERS.COM
11 Nov · Zoom Workplace for Windows Flaw Allows Local Privilege Escalation · A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as High severity with a C… · GBHACKERS.COM
11 Nov · Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Files Anywhere on Target Systems · Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location on affected systems. The company disclosed the security advisory on November … · GBHACKERS.COM
11 Nov · CVE-2025-59504 Azure Monitor Agent Remote Code Execution Vulnerability · Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59505 Windows Smart Card Reader Elevation of Privilege Vulnerability · Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59506 DirectX Graphics Kernel Elevation of Privilege Vulnerability · Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59507 Windows Speech Runtime Elevation of Privilege Vulnerability · Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59508 Windows Speech Recognition Elevation of Privilege Vulnerability · Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59509 Windows Speech Recognition Information Disclosure Vulnerability · Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59510 Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability · Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59511 Windows WLAN Service Elevation of Privilege Vulnerability · External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59512 Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability · Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59513 Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability · Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60703 Windows Remote Desktop Services Elevation of Privilege Vulnerability · Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60704 Windows Kerberos Elevation of Privilege Vulnerability · Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60705 Windows Client-Side Caching Elevation of Privilege Vulnerability · Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60706 Windows Hyper-V Information Disclosure Vulnerability · Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60707 Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability · Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60708 Storvsp.sys Driver Denial of Service Vulnerability · Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60709 Windows Common Log File System Driver Elevation of Privilege Vulnerability · Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability · Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60726 Microsoft Excel Information Disclosure Vulnerability · Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60727 Microsoft Excel Remote Code Execution Vulnerability · Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60728 Microsoft Excel Information Disclosure Vulnerability · Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62199 Microsoft Office Remote Code Execution Vulnerability · Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62206 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability · Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62210 Dynamics 365 Field Service (online) Spoofing Vulnerability · Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62216 Microsoft Office Remote Code Execution Vulnerability · Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60719 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability · Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60722 Microsoft OneDrive for Android Elevation of Privilege Vulnerability · Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62217 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability · Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62218 Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability · Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62219 Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability · Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62220 Windows Subsystem for Linux GUI Remote Code Execution Vulnerability · Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62452 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability · Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59240 Microsoft Excel Information Disclosure Vulnerability · Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-47179 Configuration Manager Elevation of Privilege Vulnerability · Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59514 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability · Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59515 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability · Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60713 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability · Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60714 Windows OLE Remote Code Execution Vulnerability · Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60715 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability · Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60716 DirectX Graphics Kernel Elevation of Privilege Vulnerability · Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60717 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability · Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60718 Windows Administrator Protection Elevation of Privilege Vulnerability · Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60720 Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability · Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60723 DirectX Graphics Kernel Denial of Service Vulnerability · Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60724 GDI+ Remote Code Execution Vulnerability · Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62200 Microsoft Excel Remote Code Execution Vulnerability · Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62201 Microsoft Excel Remote Code Execution Vulnerability · Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62202 Microsoft Excel Information Disclosure Vulnerability · Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62203 Microsoft Excel Remote Code Execution Vulnerability · Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62204 Microsoft SharePoint Remote Code Execution Vulnerability · Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62205 Microsoft Office Remote Code Execution Vulnerability · Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62208 Windows License Manager Information Disclosure Vulnerability · Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62209 Windows License Manager Information Disclosure Vulnerability · Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-59499 Microsoft SQL Server Elevation of Privilege Vulnerability · Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62211 Dynamics 365 Field Service (online) Spoofing Vulnerability · Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62214 Visual Studio Remote Code Execution Vulnerability · Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62215 Windows Kernel Elevation of Privilege Vulnerability · Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62213 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability · Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62222 Agentic AI and Visual Studio Code Remote Code Execution Vulnerability · Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62449 Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability · Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-60721 Windows Administrator Protection Elevation of Privilege Vulnerability · Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-62453 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability · Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally. · MSRC.MICROSOFT.COM
11 Nov · CVE-2025-30398 Nuance PowerScribe 360 Information Disclosure Vulnerability · Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network. · MSRC.MICROSOFT.COM
11 Nov · KEV · Microsoft Patch Tuesday for November 2025 – Fix for 0-day and Other 62 Vulnerabilities · Microsoft has released its November 2025 Patch Tuesday update, addressing 63 security vulnerabilities across its software lineup. The update includes a critical fix for a zero-day vulnerability in the Windows Kernel that is confirmed to be actively exploited in the wild. The most… · GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (33)
11 Nov · How GlassWorm wormed its way back into developers’ code — and what it says about open source security · Pervasive, evasive malware thought to have been eliminated has wormed its way back into development environments. Just a little over two weeks after GlassWorm was declared “fully contained and closed” by the open source OpenVSX project, the self-propagating worm is once again tar… · CSOONLINE.COM
11 Nov · EU Eyes Huawei and ZTE Ban in Mobile Networks of Member Countries · submitted by randomname to cybersecurity 1 points | 0 comments https://www.bloomberg.com/news/articles/2025-11-10/eu-eyes-banning-huawei-from-mobile-networks-of-member-countries cross-posted from: scribe.disroot.org/post/5554392 Archived version The European Commission is explori… · INFOSEC.PUB
11 Nov · EU Eyes Huawei and ZTE Ban in Mobile Networks of Member Countries · submitted by randomname to cybersecurity 1 points | 0 comments https://www.bloomberg.com/news/articles/2025-11-10/eu-eyes-banning-huawei-from-mobile-networks-of-member-countries cross-posted from: scribe.disroot.org/post/5554392 Archived version The European Commission is explori… · SH.ITJUST.WORKS
11 Nov · Danabot Malware Reemerges with Version 669 After Operation Endgame · The notorious Danabot banking malware has made a comeback with the release of version 669, marking a significant return after nearly six months of silence following the coordinated law enforcement takedown known as Operation Endgame in May 2025. The resurgence signals that cyberc… · GBHACKERS.COM
11 Nov · Your passwordless future may never fully arrive · Enterprise CISOs have been trying to move beyond passwords for more than a decade, but have run into technical roadblocks, as many legacy systems were never designed for anything other than passwords. As a result, the passwordless revolution, despite its promise and the enticing p… · CSOONLINE.COM
11 Nov · Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356 · Just how bad can things get if someone clicks on a link? Rob Allen joins us again to talk about ransomware, why putting too much attention on clicking links misses the larger picture of effective defenses, and what orgs can do to prepare for an influx of holiday-infused ransomwar… · YOUTUBE.COM
11 Nov · Beyond silos: How DDI-AI integration is redefining cyber resilience · As organizations migrate toward hybrid and multi-cloud architectures, the boundaries between network and security operations have eroded, revealing critical visibility gaps. This issue is forcing a strategic shift for enterprise security leaders: the integration of DDI (DNS, DHCP… · CSOONLINE.COM
11 Nov · Public administration in the crosshairs of cyber spies · According to the BSI, cyber spies are currently targeting public administration in particular. Cyber spies in Germany are currently setting their sights above all on public administration. This emerges from the current situation report (Lagebericht) of the Bundesamt für Sich… · CSOONLINE.COM
11 Nov · KEV · Senate moves to restore lapsed cybersecurity laws after shutdown · Two cybersecurity laws that lapsed during the government shutdown moved closer to restoration on Monday after the Senate voted 60-40 to advance legislation extending them through January 2026. The continuing resolution would restore the Cybersecurity Information Sharing Act of 20… · CSOONLINE.COM
11 Nov · New Phishing Campaign Targets Meta Business Suite Users · With more than 5.4 billion social media users worldwide, Facebook remains a critical marketing channel for businesses of all sizes. This massive reach and trusted brand status, however, make it an increasingly attractive target for sophisticated threat actors seeking to exploit u… · GBHACKERS.COM
11 Nov · Prompt Injection in AI Browsers · This is why AIs are not ready to be personal assistants: A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar.… · SCHNEIER.COM
11 Nov · ‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics · Attackers intercepting network traffic can determine the conversation topic with a chatbot despite end-to-end encrypted communication. · SECURITYWEEK.COM
11 Nov · CISO's Expert Guide To AI Supply Chain Attacks · AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations. Download the full CISO’s expert guide to AI Supply chain attacks here. TL;DR AI-enabled supply chain attacks… · THEHACKERNEWS.COM
11 Nov · Android Trojan 'Fantasy Hub' Malware Service Turns Telegram Into a Hub for Hackers · Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that's sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model. According to its seller, the malware enables device control and espionage, … · THEHACKERNEWS.COM
11 Nov · North Korean hackers exploit Google’s safety tools for remote wipe · North Korea-linked threat actors have found a novel way to weaponize Google’s own security ecosystem, using it to wipe espionage data from victim phones remotely. According to findings by Genians Security Center (GSC), the attackers leveraged the Android device-tracing and manage… · CSOONLINE.COM
11 Nov · Phishing Scam Uses Big-Name Brands to Steal Logins · A recent investigation by Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated phishing campaign exploiting globally recognized and regional brands to steal user credentials, marking an escalation in adversary tradecraft and reach. Unlike conventional phishin… · GBHACKERS.COM
11 Nov · CISA orders feds to patch Samsung zero-day used in spyware attacks · submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-samsung-zero-day-used-in-spyware-attacks/ · SH.ITJUST.WORKS
11 Nov · CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors · Enforcement of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) requirements started on November 10, 2025. · SECURITYWEEK.COM
11 Nov · Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More · submitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/monsta-ftp-flaw-web-servers-open-server-takeover/ · SH.ITJUST.WORKS
11 Nov · Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature · submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/11/hackers-exploiting-triofox-flaw-to.html · SH.ITJUST.WORKS
11 Nov · Popular JavaScript library expr-eval vulnerable to RCE flaw · submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/popular-javascript-library-expr-eval-vulnerable-to-rce-flaw/ · SH.ITJUST.WORKS
11 Nov · KEV · Critical Triofox Vulnerability Exploited in the Wild · A threat actor has exploited the issue to create a new administrator account and then used the account to execute remote access tools. · SECURITYWEEK.COM
11 Nov · What is the Pixnapping vulnerability, and how to protect your Android smartphone? | Kaspersky official blog · The Android vulnerability CVE-2025-48561 (Pixnapping) enables the theft of any data displayed on a smartphone's screen. We explain how Pixnapping works and provide advice on mitigating the risk. · KASPERSKY.COM
11 Nov · KEV · Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws · Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability. [...] · BLEEPINGCOMPUTER.COM
11 Nov · Threat Actors Leverage RMM Tools to Deploy Medusa & DragonForce Ransomware · submitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/threat-actors-leverage-rmm-tools-deploy-medusa/ · SH.ITJUST.WORKS
11 Nov · Microsoft Patch Tuesday for November 2025, (Tue, Nov 11th) · Today's Microsoft Patch Tuesday offers fixes for 80 different vulnerabilities. One of the vulnerabilities is already being exploited, and five are rated as critical. · ISC.SANS.EDU
11 Nov · Hackers abuse Triofox antivirus feature to deploy remote access tools · Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet's Triofox file-sharing and remote-access platform to achieve remote code execution with SYSTEM privileges. [...] · BLEEPINGCOMPUTER.COM
11 Nov · KEV · Microsoft Patches Actively Exploited Windows Kernel Zero-Day · Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products. · SECURITYWEEK.COM
11 Nov · Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland · Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition. [...] · BLEEPINGCOMPUTER.COM
11 Nov · Miles, 10/8 time, Lost Phones, Whisper Leak, Quantum Route, AI Galore, Rob Allen - SWN #528 · Miles Davis, Jimmy Buffet, 10/8 time, Lost Phones, Phishing, Whisper Leak, Quantum Route Redirect, AI Galore, Rob Allen, and more on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-syst… · YOUTUBE.COM
11 Nov · Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution · Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large… · CISECURITY.ORG
11 Nov · Critical Patches Issued for Microsoft Products, November 11, 2025 · Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. … · CISECURITY.ORG
11 Nov · Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution · Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe InDesign is a professional page layout and desktop publishing software used for designing and publishing content for both print and digital me… · CISECURITY.ORG
📋 SECURITY BULLETINS (6)
11 Nov · SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws · SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities th… · GBHACKERS.COM
11 Nov · SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor · SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code injection issue in the Solution Manager platform. [...] · BLEEPINGCOMPUTER.COM
11 Nov · Microsoft: Emergency Windows 10 update fixes ESU enrollment bug · Microsoft has released an emergency out-of-band update to address a known issue preventing Windows 10 users from enrolling in the Extended Security Updates (ESU) program. [...] · BLEEPINGCOMPUTER.COM
11 Nov · SAP Security Update - Patch for Critical Vulnerabilities Allowing Code Execution and Injection Attacks · submitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/sap-security-patch-day-november-2025/ · SH.ITJUST.WORKS
11 Nov · Microsoft: Windows 11 23H2 Home and Pro reach end of support · Microsoft has reminded customers today that systems running Home and Pro editions of Windows 11 23H2 have stopped receiving security updates. [...] · BLEEPINGCOMPUTER.COM
11 Nov · Microsoft releases KB5068781 — The first Windows 10 extended security update · Microsoft has released the KB5068781 update, the first Windows 10 extended security update since the operating system reached end of support last month. [...] · BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (2)
11 Nov · AI startups leak sensitive credentials on GitHub, exposing models and training data · Nearly two-thirds of the world’s top private AI companies have exposed API keys and access tokens on GitHub, according to new research from cloud security firm Wiz, raising concerns that rapid growth is outpacing security discipline. Wiz found verified secret leaks in 65% of the … · CSOONLINE.COM
11 Nov · EU Commission wants to relax the GDPR for AI and cookie tracking · CSOONLINE.COM
🔥 INCIDENT REPORTING (9)
11 Nov · Researchers Expose Deep Connections Between Maverick and Coyote Banking Malware · Security researchers at CyberProof have uncovered critical connections between two sophisticated banking trojans Maverick and Coyote that are actively targeting Brazilian users through WhatsApp. The discovery came after investigating a suspicious file download incident flagged th… · GBHACKERS.COM
11 Nov · New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi · A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to a… · GBHACKERS.COM
11 Nov · Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories · Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate "@actions/artifact" package with the intent to target GitHub-owned repositories. "We think the intent was to have this script execute during a build of a Git… · THEHACKERNEWS.COM
11 Nov · Yanluowang initial access broker pleaded guilty to ransomware attacks · submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/yanluowang-initial-access-broker-pleaded-guilty-to-ransomware-attacks/ · SH.ITJUST.WORKS
11 Nov · Webinar: Modern Patch Management – Strategies to patch faster with less risk · Many organizations still struggle to patch fast enough to prevent breaches. Join us December 2 at 2PM ET to learn how modern patch management strategies can reduce risk and close the remediation gap. [...] · BLEEPINGCOMPUTER.COM
11 Nov · GlobalLogic warns 10,000 employees of data theft after Oracle breach · GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS) data breach. [...] · BLEEPINGCOMPUTER.COM
11 Nov · How a CPU spike led to uncovering a RansomHub ransomware attack · A sudden CPU spike turned out to be the first clue of an in-progress RansomHub ransomware attack. Varonis breaks down how their team traced the attack from fake browser updates to domain-admin takeover, ultimately stopping the attack before files were encrypted. [...] · BLEEPINGCOMPUTER.COM
11 NovHow a CPU spike led to uncovering a RansomHub ransomware attacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/how-a-cpu-spike-led-to-uncovering-a-ransomhub-ransomware-attack/SH.ITJUST.WORKS
11 NovGlobalLogic warns 10,000 employees of data theft after Oracle breachsubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/globallogic-warns-10-000-employees-of-data-theft-after-oracle-breach/SH.ITJUST.WORKS
🕵️ THREAT INTELLIGENCE 20
11 Nov | Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon | The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control. "Attackers impersonated psychological counselor… | THEHACKERNEWS.COM
11 Nov | ISC Stormcast For Tuesday, November 11th, 2025 https://isc.sans.edu/podcastdetail/9694, (Tue, Nov 11th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
11 Nov | OWASP Top 10 2025 Released: Major Revisions and Two New Security Classes Added | The Open Web Application Security Project (OWASP) has officially unveiled the eighth edition of its influential Top 10 security risks list for 2025, introducing significant changes that reflect the evolving landscape of application security threats. The update features two new se… | GBHACKERS.COM
11 Nov | Threat Report: xHunt Targets Microsoft Exchange and IIS with Custom Backdoors | The xHunt advanced persistent threat group continues to pose a significant cybersecurity risk through sophisticated attacks targeting Microsoft Exchange and IIS web servers with custom-built backdoors. This highly focused cyber-espionage operation has maintained persistent, multi… | GBHACKERS.COM
11 Nov | Lazarus Group Deploys Weaponized Documents Against Aerospace & Defense | Security researchers at ENKI have uncovered a sophisticated espionage campaign targeting aerospace and defense organizations, in which the Lazarus Group is weaponizing a new variant of the Comebacker backdoor to infiltrate high-value targets. The threat actor has been actively co… | GBHACKERS.COM
11 Nov | 65% of Top AI Firms Found Exposing Verified API Keys and Tokens on GitHub | A comprehensive security analysis has uncovered a troubling reality: 65% of leading AI companies have leaked verified secrets on GitHub, exposing critical API keys, authentication tokens, and sensitive credentials that could compromise their entire organizations. Researchers exam… | GBHACKERS.COM
11 Nov | Beware of Security Alert-Themed Malicious Emails that Steal Your Email Logins | A sophisticated phishing campaign is currently targeting email users with deceptive security alert notifications that appear to originate from their own organization’s domain. The phishing emails are crafted to resemble legitimate security notifications from email delivery … | GBHACKERS.COM
11 Nov | Attackers Use Quantum Route Redirect to Launch Instant Phishing on M365 | KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with the emergence of Quantum Route Redirect. This powerful automation tool transforms complex phishing oper… | GBHACKERS.COM
11 Nov | Ferocious Kitten APT Uses MarkiRAT for Keystroke and Clipboard Surveillance | Ferocious Kitten, a covert cyber-espionage group active since at least 2015, has emerged as a persistent threat to Persian-speaking dissidents and activists within Iran. The group, known for its careful targeting and evolving tactics, deploys its custom implant “MarkiRAT… | GBHACKERS.COM
11 Nov | New “KomeX” Android RAT Hits Hacker Forums with Tiered Subscriptions | A sophisticated Android remote-access trojan named KomeX RAT has emerged on underground hacking forums, with the threat actor Gendirector actively marketing the malware through tiered subscription models. The malware, built on the foundation of previously documented BTMOB, poses … | GBHACKERS.COM
11 Nov | APT37 hackers abuse Google Find Hub in Android data-wiping attacks | submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/apt37-hackers-abuse-google-find-hub-in-android-data-wiping-attacks/ | SH.ITJUST.WORKS
11 Nov | Honoring Our Veteran Readers: Thank You for Your Service | Your dedication to service, teamwork, and resilience is woven into the very fabric of cybersecurity. | SECURITYWEEK.COM
11 Nov | Allianz UK confirms Oracle EBS compromise • The Register | submitted by kid to cybersecurity 1 points | 0 comments https://www.theregister.com/2025/11/10/allianz_uk_joins_growing_list/ | SH.ITJUST.WORKS
11 Nov | SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager | Hardcoded credentials in SQL Anywhere Monitor could allow attackers to execute arbitrary code on vulnerable deployments. | SECURITYWEEK.COM
11 Nov | New Firefox Protections Halve the Number of Trackable Users | Mozilla has implemented fresh fingerprinting protections to prevent hidden trackers from identifying Firefox users. | SECURITYWEEK.COM
11 Nov | OWASP Highlights Supply Chain Risks in New Top 10 | submitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/application-security/owasp-highlights-supply-chain-risks-new-top-10 | SH.ITJUST.WORKS
11 Nov | Many Forbes AI 50 Companies Leak Secrets on GitHub - SecurityWeek | submitted by kid to cybersecurity 2 points | 0 comments https://www.securityweek.com/many-forbes-ai-50-companies-leak-secrets-on-github/ | SH.ITJUST.WORKS
11 Nov | CyberheistNews Vol 15 #45 [Under the Radar] Scammers Use Real Bodies, Fake Faces in Extortion Scams | KNOWBE4.COM
11 Nov | Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform | Tel Aviv, Israel based Tenzai has developed an AI-driven platform for penetration testing, which it says can continuously identify and address vulnerabilities. | SECURITYWEEK.COM
11 Nov | Adobe Patches 29 Vulnerabilities | Adobe has fixed InDesign, InCopy, Photoshop, Illustrator, Pass, Substance 3D Stager, and Format Plugins vulnerabilities. | SECURITYWEEK.COM
🌐 CYBER THREAT LANDSCAPE 2
11 Nov | GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites | The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-… | THEHACKERNEWS.COM
11 Nov | Rhadamanthys infostealer disrupted as cybercriminals lose server access | The Rhadamanthys infostealer operation has been disrupted, with numerous "customers" of the malware-as-a-service reporting that they no longer have access to their servers. [...] | BLEEPINGCOMPUTER.COM
🎙️ PODCASTS 1
11 Nov | The AI Fix #76: AI self-awareness, and the death of comedy | In episode 76 of The AI Fix, two US federal judges blame AI for imaginary case law, a Chinese "humanoid" dramatically sheds its skin onstage, Toyota unveils a crabby walking chair creeps us out, Google plans AI chips in orbit, robot dogs get jobs at Sellafield, and AI writes crui… | GRAHAMCLULEY.COM
📡 INFOSEC NEWS 3
11 Nov | “Bitcoin Queen” gets 11 years in prison for $7.3 billion Bitcoin scam | A Chinese woman known as the "Bitcoin Queen" was sentenced in London to 11 years and eight months in jail for laundering Bitcoin from a £5.5 billion ($7.3 billion) cryptocurrency investment scheme. [...] | BLEEPINGCOMPUTER.COM
11 Nov | Windows 11 KB5068861 & KB5068865 cumulative updates released | Microsoft has released Windows 11 KB5068861 and KB5068865 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...] | BLEEPINGCOMPUTER.COM
11 Nov | Why shadow AI could be your biggest security blind spot | From unintentional data leakage to buggy code, here’s why you should care about unsanctioned AI use in your company | WELIVESECURITY.COM