matlock.ca // THREAT INTELLIGENCE

103Articles

10Categories

2025-11-12Date

🚨

CISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-9242 WatchGuard Firebox Out-of-Bounds Write Vulnerability CVE-2025-12480 Gladinet Triofox Improper Access Control Vulnerability CVE-2…

KEVCISA.GOV — Wed, 12 Nov 25 1

🐛

November Patch Tuesday: Zero day Windows kernel flaw in servers, controllers, and PCs

KEVCSOONLINE.COM — 12 Nov 2025

🐛

Mozilla Issues Urgent Firefox Update to Patch Critical Code Execution Flaws

GBHACKERS.COM — 12 Nov 2025

🐛

Windows Kernel 0-Day Under Active Exploitation for Privilege Escalation

GBHACKERS.COM — 12 Nov 2025

🐛

Chrome Security Update Fixes Improper Implementation in V8 JavaScript Engine

GBHACKERS.COM — 12 Nov 2025

🐛

Microsoft SQL Server Vulnerability Allows Privilege Escalation

GBHACKERS.COM — 12 Nov 2025

🐛

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks

BLEEPINGCOMPUTER.COM — 12 Nov 2025

🐛

CVE-2024-12649: vulnerability in the Canon TTF interpreter

KASPERSKY.COM — 12 Nov 2025

🐛

Update: Implementation Guidance for Emergency Directive on Cisco ASA and Firepower Device Vulnerabilities

CISA.GOV — Wed, 12 Nov 25 1

⚠️

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

THEHACKERNEWS.COM — 12 Nov 2025

⚠️

Lite XL Vulnerability Allows Attackers to Execute Arbitrary Code

GBHACKERS.COM — 12 Nov 2025

⚠️

New Phishing Scam Targets iPhone Owners After Device Loss

GBHACKERS.COM — 12 Nov 2025

⚠️

The security leaders who turned their frustrations into companies

CSOONLINE.COM — 12 Nov 2025

⚠️

Enterprise network security blighted by legacy and unpatched systems

CSOONLINE.COM — 12 Nov 2025

⚠️

ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Rockwell, Aveva, Schneider

SECURITYWEEK.COM — 12 Nov 2025

⚠️

GitHub Copilot and Visual Studio Flaws Let Attackers Bypass Security Protections

GBHACKERS.COM — 12 Nov 2025

⚠️

Authentication Coercion: How Windows Machines Are Tricked into Leaking Credentials

GBHACKERS.COM — 12 Nov 2025

⚠️

Beyond the checklist: Shifting from compliance frameworks to real-time risk assessments

CSOONLINE.COM — 12 Nov 2025

⚠️

Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack

THEHACKERNEWS.COM — 12 Nov 2025

⚠️

Rhadamanthys Stealer Servers Reportedly Seized; Admin Urges Immediate Reinstallation

GBHACKERS.COM — 12 Nov 2025

⚠️

Hackers Exploit SSRF Flaw in Custom GPTs to Steal ChatGPT Secrets

GBHACKERS.COM — 12 Nov 2025

⚠️

Malicious npm package sneaks into GitHub Actions builds

CSOONLINE.COM — 12 Nov 2025

⚠️

North Korean hackers exploit Google’s safety tools for remote wipe | CSO Online

SH.ITJUST.WORKS — 12 Nov 2025

⚠️

MastaStealer Exploits Windows LNK to Launch PowerShell and Bypass Defender

GBHACKERS.COM — 12 Nov 2025

⚠️

UK cybersecurity bill brings tougher rules for critical infrastructure

CSOONLINE.COM — 12 Nov 2025

⚠️

Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws

SH.ITJUST.WORKS — 12 Nov 2025

⚠️

SecureVibes Introduces Multi-Language Vulnerability Scanner Powered by Claude AI

GBHACKERS.COM — 12 Nov 2025

⚠️

Weekly Update 477

TROYHUNT.COM — 12 Nov 2025

⚠️

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

THEHACKERNEWS.COM — 12 Nov 2025

⚠️

How TTP-based Defenses Outperform Traditional IoC Hunting

SECURITYWEEK.COM — 12 Nov 2025

⚠️

DanaBot malware is back to infecting Windows after 6-month break

BLEEPINGCOMPUTER.COM — 12 Nov 2025

⚠️

Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

THEHACKERNEWS.COM — 12 Nov 2025

⚠️

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks

SH.ITJUST.WORKS — 12 Nov 2025

📋

Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel

SECURITYWEEK.COM — 12 Nov 2025

📋

Microsoft releases KB5068781 — The first Windows 10 extended security update

SH.ITJUST.WORKS — 12 Nov 2025

📋

AppleScript Used to Deliver macOS Malware Disguised as Zoom & Teams Updates

GBHACKERS.COM — 12 Nov 2025

📋

November Patch Tuesday does its chores

SOPHOS.COM — 12 Nov 2025

📢

IBM Infrastructure: Continuous Risk & Compliance

TRENDMICRO.COM — 12 Nov 2025

📢

Securing Model Context Protocol as Companies Plan to Replace Entry Roles with AI - BSW #421

YOUTUBE.COM — 2025-11-12

📢

New UK laws to strengthen critical infrastructure cyber defenses

BLEEPINGCOMPUTER.COM — 12 Nov 2025

📢

GitHub security advisory (AV25-737)

CYBER.GC.CA — 2025-11-12

📢

SAP security advisory – November 2025 monthly rollup (AV25-738)

CYBER.GC.CA — 2025-11-12

📢

Microsoft security advisory – November 2025 monthly rollup (AV25-739)

CYBER.GC.CA — 2025-11-12

📢

Adobe security advisory (AV25-741)

CYBER.GC.CA — 2025-11-12

📢

Citrix security advisory (AV25-740)

CYBER.GC.CA — 2025-11-12

📢

Google Chrome security advisory (AV25-742)

CYBER.GC.CA — 2025-11-12

📢

HPE security advisory (AV25-743)

CYBER.GC.CA — 2025-11-12

📢

Intel security advisory (AV25-744)

CYBER.GC.CA — 2025-11-12

📢

Microsoft Edge security advisory (AV25-745)

CYBER.GC.CA — 2025-11-12

📢

Ivanti security advisory (AV25-746)

CYBER.GC.CA — 2025-11-12

📢

CISA Identifies Ongoing Cyber Threats to Cisco ASA and Firepower Devices

CISA.GOV — Wed, 12 Nov 25 1

📢

Mozilla security advisory (AV25-747)

CYBER.GC.CA — 2025-11-12

📢

Palo Alto Networks security advisory (AV25-748)

CYBER.GC.CA — 2025-11-12

📢

[Control systems] Siemens security advisory (AV25-749)

CYBER.GC.CA — 2025-11-12

🔥

Industrial Phishing Kit QRR Discovered: New Cyber Threats Unveiled | Cybersecurity Today

CYBERSECURITYTODAY.LIBSYN.COM — 12 Nov 2025

🔥

Tor Browser 15.0.1 Update Patches Several High-Risk Security Flaws

GBHACKERS.COM — 12 Nov 2025

🔥

English-Speaking Cybercriminal Network ‘The COM’ Drives Global Cyberattacks

GBHACKERS.COM — 12 Nov 2025

🔥

Russian hacker admits helping Yanluowang ransomware infect companies

BITDEFENDER.COM — 12 Nov 2025

🔥

Synnovis notifies of data breach after 2024 ransomware attack

BLEEPINGCOMPUTER.COM — 12 Nov 2025

🔥

Cl0p Ransomware Lists NHS UK as Victim, Days After Washington Post Breach – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More

SH.ITJUST.WORKS — 12 Nov 2025

🔥

Have I Been Pwned Adds 1.96B Accounts From Synthient Credential Data – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More

SH.ITJUST.WORKS — 12 Nov 2025

🔥

Qilin Ransomware Activity Surges as Attacks Target Small Businesses - Infosecurity Magazine

SH.ITJUST.WORKS — 12 Nov 2025

🔥

Wie ChatGPT sich selbst eine Prompt Injection zufügt

CSOONLINE.COM — 12 Nov 2025

🔥

Synnovis notifies of data breach after 2024 ransomware attack

SH.ITJUST.WORKS — 12 Nov 2025

🕵️

ISC Stormcast For Wednesday, November 12th, 2025 https://isc.sans.edu/podcastdetail/9696, (Wed, Nov 12th)

ISC.SANS.EDU — 12 Nov 2025

🕵️

Chinese National Sentenced for Laundering Over £5 Billion from 128,000 Victims

GBHACKERS.COM — 12 Nov 2025

🕵️

Phishing Attack Impersonates Travel Brands Using 4,300 Malicious Domains

GBHACKERS.COM — 12 Nov 2025

🕵️

Google Paid Out $458,000 at Live Hacking Event

SECURITYWEEK.COM — 12 Nov 2025

🕵️

Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case

SH.ITJUST.WORKS — 12 Nov 2025

🕵️

On Hacking Back

SCHNEIER.COM — 2025-11-12

🕵️

High-Severity Vulnerabilities Patched by Ivanti and Zoom

SECURITYWEEK.COM — 12 Nov 2025

🕵️

Phishers target 5K Facebook advertisers with fake biz pages • The Register

SH.ITJUST.WORKS — 12 Nov 2025

🕵️

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit

SECURITYWEEK.COM — 12 Nov 2025

🕵️

Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage

TECHCRUNCH.COM — 12 Nov 2025

🕵️

A Policy Roadmap for Secure AI by Design

PALOALTONETWORKS.COM — 12 Nov 2025

🕵️

Sweet Security Raises $75 Million for Cloud and AI Security

SECURITYWEEK.COM — 12 Nov 2025

🕵️

Npm Package Targeting GitHub-Owned Repositories Flagged as Red Team Exercise

SH.ITJUST.WORKS — 12 Nov 2025

🕵️

Miniatur Wunderland Hamburg warnt vor Datendiebstahl

CSOONLINE.COM — 12 Nov 2025

🕵️

Hackers abuse Triofox antivirus feature to deploy remote access tools

SH.ITJUST.WORKS — 12 Nov 2025

🕵️

Virtual Event Today: CISO Forum 2025 Virtual Summit

SECURITYWEEK.COM — 12 Nov 2025

🕵️

China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says

SECURITYWEEK.COM — 12 Nov 2025

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 12 Nov 2025

🕵️

DanaBot malware is back to infecting Windows after 6-month break

SH.ITJUST.WORKS — 12 Nov 2025

🕵️

Warning: ClickFix Attacks are Growing More Sophisticated

KNOWBE4.COM — 12 Nov 2025

🌐

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

THEHACKERNEWS.COM — 12 Nov 2025

🎙️

Risky Business #814 -- It's a bad time to be a scam compound operator

RISKY.BIZ — 12 Nov 2025

📡

Red Bull Racing’s secret weapon? An engineer who treats workflows like lap times

TECHCRUNCH.COM — 12 Nov 2025

📡

Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy

THEHACKERNEWS.COM — 12 Nov 2025

📡

Microsoft fixes Windows Task Manager bug affecting performance

BLEEPINGCOMPUTER.COM — 12 Nov 2025

📡

[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR

THEHACKERNEWS.COM — 12 Nov 2025

📡

Sophos Firewall v22: Your top-requested features

SOPHOS.COM — 12 Nov 2025

📡

Defending the future: Our commitment to responsible AI in cybersecurity

SOPHOS.COM — 12 Nov 2025

📡

Microsoft fixes bug causing false Windows 10 end-of-support alerts

BLEEPINGCOMPUTER.COM — 12 Nov 2025

📡

Extending Zero Trust to AI Agents: “Never Trust, Always Verify” Goes Autonomous

BLEEPINGCOMPUTER.COM — 12 Nov 2025

📡

Leading AI companies accidentally leak their passwords and digital keys on GitHub – what you need to know

FORTRA.COM — 12 Nov 2025

📡

Lawmakers warn Democratic governors that states are sharing drivers’ data with ICE

TECHCRUNCH.COM — 12 Nov 2025

📡

Windows 11 now supports 3rd-party apps for native passkey management

BLEEPINGCOMPUTER.COM — 12 Nov 2025

📡

From Data Loss Prevention (DLP) to Modern Data Security

TRENDMICRO.COM — 12 Nov 2025

📡

Elon Musk’s X botched its security key switchover, locking users out

TECHCRUNCH.COM — 12 Nov 2025

📡

Cybersecurity firm Deepwatch lays off dozens, citing move to “accelerate” AI investment

TECHCRUNCH.COM — 12 Nov 2025

📡

Google sues to dismantle Chinese platform behind global toll scams

BLEEPINGCOMPUTER.COM — 12 Nov 2025

📡

Google sues to dismantle Chinese phishing platform behind US toll scams

BLEEPINGCOMPUTER.COM — 12 Nov 2025

📡

SmartApeSG campaign uses ClickFix page to push NetSupport RAT, (Wed, Nov 12th)

ISC.SANS.EDU — 12 Nov 2025