96 Articles
7 Categories
Date: 2025-11-14
🚨 CISA KEV (3)
14 Nov [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
    CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-64446 Fortinet FortiWeb Path Traversal Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber act…
14 Nov [KEV] Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability (SECURITYWEEK.COM)
    Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog. The post Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability appeared first on SecurityWeek.
14 Nov [KEV] Fortinet Releases Security Advisory for Relative Path Traversal Vulnerability Affecting FortiWeb Products (CISA.GOV)
    CISA is aware of exploitation of a newly disclosed vulnerability, CVE-2025-64446, in Fortinet FortiWeb, a web application firewall. This vulnerability affects the following FortiWeb versions: 1 8.0.0 through 8.0.1 7.6.0 through 7.6.4 7.4.0 through 7.4.9 7.2.0 through 7.2.11 7.0.…
🐛 COMMON VULNERABILITIES AND EXPOSURES (8)
14 Nov Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets (GBHACKERS.COM)
    Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network packets. The flaw, tracked as CVE-2025-4619, affects multiple versions of PAN-OS running on P…
14 Nov Critical Zoho Analytics Plus Flaw Allows Attackers to Run Arbitrary SQL Queries (GBHACKERS.COM)
    A critical unauthenticated SQL injection vulnerability has been discovered in Zoho Analytics Plus on-premise, posing a severe risk to organizations running affected versions. Tracked as CVE-2025-8324, this flaw enables attackers to execute arbitrary SQL queries without authentica…
14 Nov Copy-paste vulnerability hit AI inference frameworks at Meta, Nvidia, and Microsoft (CSOONLINE.COM)
    Cybersecurity researchers have uncovered a chain of critical remote code execution (RCE) vulnerabilities in major AI inference server frameworks, including those from Meta, Nvidia, Microsoft, and open-source projects such as vLLM and SGLang. According to Oligo Security, these vul…
14 Nov NVIDIA NeMo Flaw Enables Code Injection and Privilege Escalation Attacks (GBHACKERS.COM)
    NVIDIA has released critical security patches addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute arbitrary code and escalate privileges on affected systems. The vulnerabilities affect all versions of the framework before 2.5.0…
14 Nov Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges (GBHACKERS.COM)
    A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers to escalate their privileges to Administrator on affected systems. This vulnerability CVE-2025-20341 caused by insufficient valid…
14 Nov "Patched" but still exposed: US federal agencies must remediate Cisco flaws (again) - Help Net Security (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2025/11/13/cisa-directive-cve-2025-20333-cve-2025-20362/
14 Nov Vulnerability-Lookup 2.18.0 - Integration with Rulezet (INFOSEC.PUB)
    submitted by cm0002 to cybersecurity 1 points | 0 comments We’re delighted to announce the release of Vulnerability-Lookup 2.18.0 — packed with exciting new features! What’s New Integration with Rulezet Rulezet is an open-source platform for sharing, evaluating, improving, and ma…
⚠️ VULNERABILITY DISCLOSURE (27)
14 Nov Agentic AI opens door to new ID challenges: Report (CSOONLINE.COM)
    New research released Thursday by Rubrik Zero Labs finds that the AI wave, and in particular agentic AI, has created a “troubling gap between the expanding identity attack surface and organizations’ ability to recover from resulting compromises.” According to the report, Identity…
14 Nov [KEV] Fortinet FortiWeb Zero-Day Exploited to Gain Full Admin Access (GBHACKERS.COM)
    A critical zero-day vulnerability in Fortinet FortiWeb has been actively exploited in the wild, allowing attackers to gain complete administrator access without any prior authentication. The flaw affects Fortinet’s Web Application Firewall, which is designed to protect web …
14 Nov Cybersecurity Today: Oracle Breach, CrowdStrike Report, and New iPhone Scam (CYBERSECURITYTODAY.LIBSYN.COM)
    In this episode, host Jim Love discusses several significant cybersecurity events and updates. The Washington Post confirmed a security breach affecting nearly 10,000 individuals due to an exploited Oracle E-Business Suite vulnerability. CrowdStrike's 2025 Global Threat Report hi…
14 Nov Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks (GBHACKERS.COM)
    A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply the patch immediately to prevent potential server compromises. The vulnerability details began…
14 Nov Washington Post Oracle E-Suite Breach Exposes Data of Over 9,000 Staff and Contractors (GBHACKERS.COM)
    The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite infrastructure. The breach, which occurred on July 10, 2025, went undetected for nearly 3.5 months befo…
14 Nov [KEV] Fortinet FortiWeb Flaw Actively Exploited in the Wild Before Company's Silent Patch (THEHACKERNEWS.COM)
    Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet Fortiweb WAF that could allow an attacker to take over admin accounts and completely compromise a device. "The watchTowr team is seeing active, indiscriminate in-the-wild exp…
14 Nov Imunify360 Vulnerability Could Expose Millions of Sites to Hacking (SECURITYWEEK.COM)
    A vulnerability in ImunifyAV can be exploited for arbitrary code execution by uploading a malicious file to shared servers. The post Imunify360 Vulnerability Could Expose Millions of Sites to Hacking appeared first on SecurityWeek.
14 Nov Fighting AI with AI: Adversarial bots vs. autonomous threat hunters (CSOONLINE.COM)
    I recently gave a presentation at SecTor on proactive threat hunting, which sparked some meaty conversations afterward on the show floor. On the expo floor, surrounded by “AI-first” security vendors, the CISOs and threat hunters I spoke with were worried. They’re worried because…
14 Nov Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns (THEHACKERNEWS.COM)
    Key Takeaways: 85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date. 1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure. 14 new ransomware brands …
14 Nov Akira Ransomware Group Made $244 Million in Ransom Proceeds (SECURITYWEEK.COM)
    Akira was seen exploiting SonicWall vulnerabilities and encrypting Nutanix Acropolis Hypervisor (AHV) VM disk files this year. The post Akira Ransomware Group Made $244 Million in Ransom Proceeds appeared first on SecurityWeek.
14 Nov Vulnerability Management: Tackling the Wrong Problem (YOUTUBE.COM)
    Join Francesco Cipollone as he reveals a groundbreaking insight in vulnerability management: Are we solving the wrong problem? Discover the hidden complexities beyond prioritization and why the industry's approach needs a radical shift. Don't miss this eye-opening discussion! #Vu…
14 Nov Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser (GBHACKERS.COM)
    Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context Protocol (MCP) servers. Unlike VS Code, Cursor lacks integrity checks on its runtime components, making i…
14 Nov Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers (GBHACKERS.COM)
    Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands, escalate privileges to root, and bypass authentication mechanisms. The vulnerabili…
14 Nov US announces new strike force targeting Chinese crypto scammers (BLEEPINGCOMPUTER.COM)
    U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually. [...]
14 Nov Fortinet FortiWeb flaw with public PoC exploited to create admin users (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/fortiweb-flaw-with-public-poc-actively-exploited-to-create-admin-users/
14 Nov In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty (SECURITYWEEK.COM)
    Other noteworthy stories that might have slipped under the radar: EchoGram attack undermines AI guardrails, Asahi brewer still crippled after ransomware attack, Sora 2 system prompt uncovered. The post In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty ap…
14 Nov Arista, Palo Alto bolster AI data center security (CSOONLINE.COM)
    Arista Networks and Palo Alto Networks have extended their partnership to offer customers a framework for implementing zero-trust security inside the data center. The new framework is intended to offer customers a way to blend networking control and management activities with sec…
14 Nov Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks (THEHACKERNEWS.COM)
    Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. "These vulnerabilities a…
14 Nov RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/rce-flaw-in-imunifyav-puts-millions-of-linux-hosted-sites-at-risk/
14 Nov Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks (BLEEPINGCOMPUTER.COM)
    Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited. [...]
14 Nov CYBERCOM 2.0: Pentagon Unveils Plan to Fix Cyber Talent Shortfalls (SECURITYWEEK.COM)
    The goal is to produce a cyber force capable of defeating threats posed by major adversaries such as China. The post CYBERCOM 2.0: Pentagon Unveils Plan to Fix Cyber Talent Shortfalls appeared first on SecurityWeek.
14 Nov From detection to response: Why confidence is the real game changer (CSOONLINE.COM)
    Cybersecurity often feels like a race where you don’t know when the starting gun will fire. The moment a threat slips past the perimeter, the countdown begins. Every minute between “we detected something” and “we know what to do about it” is time the attacker spends with free rei…
14 Nov Why network visibility is the thread that holds cybersecurity together (CSOONLINE.COM)
    Every organization is chasing the same thing in security: speed, clarity, and confidence. But in reality, most are bogged down by complexity, siloed tools, and an overwhelming flood of alerts. The latest research from Enterprise Strategy Group (ESG) illustrates this tension clear…
14 Nov How shadow IT leaves every industry in the dark (CSOONLINE.COM)
    Shadow IT is everywhere. What began with employees or departments bringing familiar tools such as personal email or file-sharing apps into the workplace has grown into unauthorized software-as-a-service (SaaS) platforms, mobile apps, and artificial intelligence (AI). With just a …
14 Nov Why SOC efficiency is the most valuable currency in cybersecurity (CSOONLINE.COM)
    In cybersecurity, time is scarce, talent is scarce, and certainty is scarce. That’s why efficiency has quietly become the most valuable currency inside the security operations center (SOC). Enterprise Strategy Group (ESG) research found that 53% of organizations say network dete…
14 Nov Friday Squid Blogging: Pilot Whales Eat a Lot of Squid (SCHNEIER.COM)
    Short-finned pilot whales (Globicephala macrorhynchus) eat a lot of squid: To figure out a short-finned pilot whale’s caloric intake, Gough says, the team had to combine data from a variety of sources, including movement data from short-lasting tags, daily feeding rates f…
14 Nov A Vulnerability in FortiWeb Could Allow for Remote Code Execution (CISECURITY.ORG)
    A vulnerability has been discovered in FortiWeb, which could allow for remote code execution. FortiWeb is a web application firewall (WAF) developed by Fortinet. It's designed to protect web applications and APIs from a wide range of attacks, including those targeting known vulnerab…
📢 SECURITY ADVISORIES (13)
14 Nov CISA Warns: Akira Ransomware Has Extracted $42M After Targeting Hundreds (GBHACKERS.COM)
    A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating massive ransom proceeds through sophisticated attack methods. According to the …
14 Nov Bundestag Passes NIS2 Implementation (CSOONLINE.COM)
14 Nov Your KnowBe4 Compliance Plus Fresh Content Updates from October 2025 (KNOWBE4.COM)
    We’re thrilled to announce KnowBe4 Studios, uniting our world-class creative teams under one powerful brand for our Compliance Plus library. Leveraging the latest AI technologies and the expertise of our global content creators, we’re set to produce more engaging compliance trai…
14 Nov CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/cisa-warns-of-akira-ransomware-linux-encryptor-targeting-nutanix-vms/
14 Nov CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/11/cisa-flags-critical-watchguard-fireware.html
14 Nov FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses | CyberScoop (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://cyberscoop.com/akira-ransomware-fbi-cisa-joint-advisory/
14 Nov 2025 Cybersecurity Awareness Month by the Numbers (KNOWBE4.COM)
    Organizations rely on KnowBe4 to educate millions of people each month on security awareness and compliance topics, and every October, during Cybersecurity Awareness Month, engagement with our training content sets new records. 2025 was no exception.
🔥 INCIDENT REPORTING (20)
14 Nov Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage (GBHACKERS.COM)
    Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party cloud system. Luckily, Checkout.com’s live payment processing environment was not affected, and n…
14 Nov Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign (SECURITYWEEK.COM)
    A state-sponsored threat actor manipulated Claude Code to execute cyberattacks on roughly 30 organizations worldwide. The post Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign appeared first on SecurityWeek.
14 Nov Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign (THEHACKERNEWS.COM)
    State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a "highly sophisticated espionage campaign" in mid-September 2025. "The attackers used AI's 'agentic' capabilities to an …
14 Nov Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments (GBHACKERS.COM)
    Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and…
14 Nov Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques (GBHACKERS.COM)
    Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion techniques, and Telegram-based data exfiltration. The kit targets explicitly Aruba S.p.A., an Italian IT…
14 Nov Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials (GBHACKERS.COM)
    Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm, a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials, recording keystrokes, and installing ransomware. Secu…
14 Nov Infostealers: The silent doorway to identity attacks — and why proactive defense matters (SOPHOS.COM)
    Credential theft isn’t just an inconvenience. It’s often the first move in a chain reaction that ends in full-scale compromise. Beyond the dreaded password reset process, information stealers, as shown in several recent cyberattacks, can have far more consequential follow-on effe…
14 Nov Checkout.com Discloses Data Breach After Extortion Attempt (SECURITYWEEK.COM)
    The information was stolen from a legacy cloud file storage system, not from its payment processing platform. The post Checkout.com Discloses Data Breach After Extortion Attempt appeared first on SecurityWeek.
14 Nov Anthropic’s AI used in automated attacks (CSOONLINE.COM)
    Anthropic reported that a group of what it believes to be Chinese hackers carried out a series of attacks against foreign governments and large corporations in September. What makes the campaign stand out from the crowd is that the hackers automated the attacks using Claude Code …
14 Nov The State of Ransomware – Q3 2025 - Check Point Research (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 2 points | 0 comments https://research.checkpoint.com/2025/the-state-of-ransomware-q3-2025/
14 Nov Synnovis Finally Issues Breach Notification After 2024 Ransomware Atta - Infosecurity Magazine (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/synnovis-breach-notification-2024/
14 Nov Washington Post data breach impacts nearly 10K employees, contractors (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/washington-post-data-breach-impacts-nearly-10k-employees-contractors/
14 Nov Kraken ransomware benchmarks systems for optimal encryption choice (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/kraken-ransomware-benchmarks-systems-for-optimal-encryption-choice/
14 Nov Checkout.com snubs hackers after data breach, to donate ransom instead (BLEEPINGCOMPUTER.COM)
    UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. [...]
14 Nov Operation Endgame Hits Rhadamanthys, VenomRAT, Elysium Malware, seize 1025 servers – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/operation-endgame-rhadamanthys-venomrat-elysium-malware/
14 Nov Anthropic claims of Claude AI-automated cyberattacks met with doubt (BLEEPINGCOMPUTER.COM)
    Anthropic reports that a Chinese state-sponsored threat group, tracked as GTG-1002, carried out a cyber-espionage operation that was largely automated through the abuse of the company's Claude Code AI model. [...]
14 Nov Logitech confirms data breach after Clop extortion attack (BLEEPINGCOMPUTER.COM)
    Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. [...]
14 Nov Ransomware: The Double Dipping Threat (YOUTUBE.COM)
    Join Rob Allen as he unravels the complexities of ransomware! 💻🔐 From the false promises of decryption keys to the peril of double-dipping, Rob exposes the harsh realities of trusting criminals with your data. Discover why the odds are stacked against you and how to protect your …
14 Nov Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, More... - SWN #529 (YOUTUBE.COM)
    Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, Josh, Rob, Aaran, Jason, Dr. Scott, Rocky, Uh., and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securitywe…
14 Nov Redefining Enterprise Defense in the Era of AI-Led Cyberattacks (TRENDMICRO.COM)
    More cybercriminals are turning to using autonomous AI tools to upgrade their attacks, as exemplified by the recent utilization of Anthropic’s Claude Code, prompting an urgent need for enterprises to adopt agentic AI-driven security platforms and proactive defenses to counter AI-…
🕵️ THREAT INTELLIGENCE (21)
14 Nov Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data (THEHACKERNEWS.COM)
    A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hot…
14 Nov ISC Stormcast For Friday, November 14th, 2025 https://isc.sans.edu/podcastdetail/9700, (Fri, Nov 14th) (ISC.SANS.EDU)
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
14 Nov Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications (GBHACKERS.COM)
    Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in activity as customers migrated to rival platforms like Vidar and StealC. However, recent telemetry data reveals a concerning re…
14 Nov Press Release: CIO100 and CSO30 ASEAN Awards 2025 Celebrate Regional Excellence in Technology Leadership (CSOONLINE.COM)
    November 14, 2025: The CIO100 and CSO30 ASEAN and Hong Kong Awards Gala on November 12, 2025, delivered a powerful validation of the region’s technology leadership maturity. CIO ASEAN and CSO ASEAN had the privilege of hosting an evening that brought together the most elite CIO1…
14 Nov Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit (SECURITYWEEK.COM)
    The cybercriminals informed customers that their cloud server was shut down due to complaints. The post Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit appeared first on SecurityWeek.
14 Nov Microsoft Teams Introduces Premium Feature to Prevent Screenshots and Screen Recording (GBHACKERS.COM)
    Microsoft has launched a new security feature in Teams Premium called “Prevent screen capture,” designed to block screenshots and recordings during sensitive meetings. This feature will be available worldwide through late November 2025, addressing growing concerns abo…
14 Nov Android Photo Frame App Infects Devices With Malware, Allows Full Remote Takeover (GBHACKERS.COM)
    A recent investigation has uncovered alarming security vulnerabilities in Android-powered digital photo frames, turning what should be a simple home or office gadget into a potent tool for cybercriminals. The findings reveal that apps preinstalled on these smart photo frames not …
14 Nov Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign (SECURITYWEEK.COM)
    A financially motivated threat actor automated the package publishing process in a coordinated tea.xyz token farming campaign. The post Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign appeared first on SecurityWeek.
14 Nov Formbook Malware Campaign Uses Malicious ZIP Files and Layered Scripting Techniques (GBHACKERS.COM)
    A new campaign leveraging Formbook malware has emerged, showcasing sophisticated multi-stage infection tactics that underscore the importance of analyzing more than just executable files during malware investigations. When teaching malware reverse-engineering in courses like SANS…
14 Nov Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack (SECURITYWEEK.COM)
    The media company admitted that cybercriminals attempted to extort a payment after stealing personal information. The post Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack appeared first on SecurityWeek.
14 Nov Advanced macOS DigitStealer Uses Multi-Stage Attack Chain to Evade Detection (GBHACKERS.COM)
    Jamf Threat Labs has identified a new family of malicious stealers tracked as DigitStealer, representing a significant evolution in macOS-targeted malware. Unlike traditional infostealers that follow linear execution paths, DigitStealer introduced sophisticated multi-stage attack…
14 Nov RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR (GBHACKERS.COM)
    Elastic Security Labs has uncovered a sophisticated campaign deploying a newly identified loader, dubbed RONINGLOADER, that weaponizes legitimately signed kernel drivers to systematically disable Microsoft Defender and evade endpoint detection and response (EDR) tools. Attributed…
14 Nov Popular Android-based photo frames download malware on boot (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/popular-android-based-photo-frames-download-malware-on-boot/
14 Nov Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets (THEHACKERNEWS.COM)
    The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign. The activity, detected in early September 2025 and a…
14 Nov Chinese spies used Claude to break into critical orgs • The Register (SH.ITJUST.WORKS)
    submitted by kid to cybersecurity 1 points | 0 comments https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/
14 Nov Upcoming Speaking Engagements (SCHNEIER.COM)
    This is a current list of where and when I am scheduled to speak: My coauthor Nathan E. Sanders and I are speaking at the Rayburn House Office Building in Washington, DC at noon ET on November 17, 2025. The event is hosted by the POPVOX Foundation and the topic is “AI and Congre…
14 Nov Five people plead guilty to helping North Koreans infiltrate US companies as ‘remote IT workers’ (TECHCRUNCH.COM)
    The U.S. Department of Justice said five people — including four U.S. nationals — "facilitated" North Korean IT workers to get jobs at American companies, allowing the regime to earn money from their remote labor.
14 Nov North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels (THEHACKERNEWS.COM)
    The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and n…
14 Nov CISO, CIO, CTO: Business Leaders First (YOUTUBE.COM)
    🚀 Transforming roles into leadership! Amanda Jack talks about how every CISO, CIO, and CTO needs to step up and lead the charge. Are you ready to influence the future? Subscribe to our podcasts: https://securityweekly.com/subscribe #TechRevolution #BusinessStrategy #FutureLeaders …
14 Nov New Android Malware Platform Targets Bank Accounts (KNOWBE4.COM)
    Researchers at Zimperium are tracking a new malware-as-a-service platform designed to target Android phones with banking Trojans. The platform, dubbed “Fantasy Hub,” allows unskilled threat actors to launch sophisticated malware campaigns that trick victims into granting access t…
14 Nov Five plead guilty to helping North Koreans infiltrate US firms (BLEEPINGCOMPUTER.COM)
    The U.S. Department of Justice announced that five individuals pleaded guilty to aiding North Korea's illicit revenue generation schemes, including remote IT worker fraud and cryptocurrency theft. [...]
📡 INFOSEC NEWS (4)
14 Nov ASUS warns of critical auth bypass flaw in DSL series routers (BLEEPINGCOMPUTER.COM)
    ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. [...]
14 Nov Google backpedals on new Android developer registration rules (BLEEPINGCOMPUTER.COM)
    Google is backpedaling on its decision to introduce new identity verification rules for all developers, stating that it will also introduce accounts for limited app distribution and will allow users to install apps from unverified devs. [...]
14 Nov The Role of Humans in an AI-Powered World (SCHNEIER.COM)
    As AI capabilities grow, we must delineate the roles that should remain exclusively human. The line seems to be between fact-based decisions and judgment-based decisions. For example, in a medical context, if an AI was demonstrably better at reading a test result and diagnosing c…