MATLOCK.CA
96Articles
7Categories
2025-11-14Date
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-64446 Fortinet FortiWeb Path Traversal Vulnerability  This type of vulnerability is a frequent attack vector for malicious cyber act…
KEVCISA.GOV — Fri, 14 Nov 25 1
🚨
Fortinet Confirms Active Exploitation of Critical FortiWeb VulnerabilitySecurity firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog. The post Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability appeared first on SecurityWeek .
KEVSECURITYWEEK.COM — 14 Nov 2025
🚨
Fortinet Releases Security Advisory for Relative Path Traversal Vulnerability Affecting FortiWeb ProductsCISA is aware of exploitation of a newly disclosed vulnerability, CVE-2025-64446 , in Fortinet FortiWeb, a web application firewall. This vulnerability affects the following FortiWeb versions: 1 8.0.0 through 8.0.1 7.6.0 through 7.6.4 7.4.0 through 7.4.9 7.2.0 through 7.2.11 7.0.…
KEVCISA.GOV — Fri, 14 Nov 25 1
🐛
Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets
GBHACKERS.COM — 14 Nov 2025
🐛
Critical Zoho Analytics Plus Flaw Allows Attackers to Run Arbitrary SQL Queries
GBHACKERS.COM — 14 Nov 2025
🐛
Copy-paste vulnerability hit AI inference frameworks at Meta, Nvidia, and Microsoft
CSOONLINE.COM — 14 Nov 2025
🐛
NVIDIA NeMo Flaw Enables Code Injection and Privilege Escalation Attacks
GBHACKERS.COM — 14 Nov 2025
🐛
Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges
GBHACKERS.COM — 14 Nov 2025
🐛
"Patched" but still exposed: US federal agencies must remediate Cisco flaws (again) - Help Net Security
SH.ITJUST.WORKS — 14 Nov 2025
🐛
Vulnerability-Lookup 2.18.0 - Integration with Rulezet
INFOSEC.PUB — 14 Nov 2025
🐛
AL25-017 - Vulnerability impacting Fortinet FortiWeb – CVE-2025-64446
CYBER.GC.CA — 2025-11-14
⚠️
Agentic AI opens door to new ID challenges: Report
CSOONLINE.COM — 14 Nov 2025
⚠️
Fortinet FortiWeb Zero-Day Exploited to Gain Full Admin Access
KEVGBHACKERS.COM — 14 Nov 2025
⚠️
Cybersecurity Today: Oracle Breach, CrowdStrike Report, and New iPhone Scam
CYBERSECURITYTODAY.LIBSYN.COM — 14 Nov 2025
⚠️
Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks
GBHACKERS.COM — 14 Nov 2025
⚠️
Washington Post Oracle E-Suite Breach Exposes Data of Over 9,000 Staff and Contractors
GBHACKERS.COM — 14 Nov 2025
⚠️
Fortinet FortiWeb Flaw Actively Exploited in the Wild Before Company's Silent Patch
KEVTHEHACKERNEWS.COM — 14 Nov 2025
⚠️
Imunify360 Vulnerability Could Expose Millions of Sites to Hacking
SECURITYWEEK.COM — 14 Nov 2025
⚠️
Fighting AI with AI: Adversarial bots vs. autonomous threat hunters
CSOONLINE.COM — 14 Nov 2025
⚠️
Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns
THEHACKERNEWS.COM — 14 Nov 2025
⚠️
Akira Ransomware Group Made $244 Million in Ransom Proceeds
SECURITYWEEK.COM — 14 Nov 2025
⚠️
Vulnerability Management: Tackling the Wrong Problem
YOUTUBE.COM — 2025-11-14
⚠️
Hackers Exploit Rogue MCP Server to Inject Malicious Code into Cursor’s Built-In Browser
GBHACKERS.COM — 14 Nov 2025
⚠️
Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers
GBHACKERS.COM — 14 Nov 2025
⚠️
US announces new strike force targeting Chinese crypto scammers
BLEEPINGCOMPUTER.COM — 14 Nov 2025
⚠️
Fortinet FortiWeb flaw with public PoC exploited to create admin users
SH.ITJUST.WORKS — 14 Nov 2025
⚠️
In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty
SECURITYWEEK.COM — 14 Nov 2025
⚠️
Arista, Palo Alto bolster AI data center security
CSOONLINE.COM — 14 Nov 2025
⚠️
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
THEHACKERNEWS.COM — 14 Nov 2025
⚠️
RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk
SH.ITJUST.WORKS — 14 Nov 2025
⚠️
Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks
BLEEPINGCOMPUTER.COM — 14 Nov 2025
⚠️
CYBERCOM 2.0: Pentagon Unveils Plan to Fix Cyber Talent Shortfalls
SECURITYWEEK.COM — 14 Nov 2025
⚠️
From detection to response: Why confidence is the real game changer
CSOONLINE.COM — 14 Nov 2025
⚠️
Why network visibility is the thread that holds cybersecurity together
CSOONLINE.COM — 14 Nov 2025
⚠️
How shadow IT leaves every industry in the dark
CSOONLINE.COM — 14 Nov 2025
⚠️
Why SOC efficiency is the most valuable currency in cybersecurity
CSOONLINE.COM — 14 Nov 2025
⚠️
Friday Squid Blogging: Pilot Whales Eat a Lot of Squid
SCHNEIER.COM — 2025-11-14
⚠️
A Vulnerability in FortiWeb Could Allow for Remote Code Execution
CISECURITY.ORG — 14 Nov 2025
📢
CISA Warns: Akira Ransomware Has Extracted $42M After Targeting Hundreds
GBHACKERS.COM — 14 Nov 2025
📢
Bundestag beschließt NIS2-Umsetzung
CSOONLINE.COM — 14 Nov 2025
📢
Splunk security advisory (AV25-754)
CYBER.GC.CA — 2025-11-14
📢
Microsoft Edge security advisory (AV25-755)
CYBER.GC.CA — 2025-11-14
📢
Your KnowBe4 Compliance Plus Fresh Content Updates from October 2025
KNOWBE4.COM — 14 Nov 2025
📢
CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs
SH.ITJUST.WORKS — 14 Nov 2025
📢
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
SH.ITJUST.WORKS — 14 Nov 2025
📢
FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses | CyberScoop
SH.ITJUST.WORKS — 14 Nov 2025
📢
Samsung mobile security advisory (AV25-757)
CYBER.GC.CA — 2025-11-14
📢
HPE security advisory (AV25-756)
CYBER.GC.CA — 2025-11-14
📢
Fortinet security advisory (AV25-758)
CYBER.GC.CA — 2025-11-14
📢
2025 Cybersecurity Awareness Month by the Numbers
KNOWBE4.COM — 14 Nov 2025
📢
Cisco security advisory (AV25-759)
CYBER.GC.CA — 2025-11-14
🔥
Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage
GBHACKERS.COM — 14 Nov 2025
🔥
Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign
SECURITYWEEK.COM — 14 Nov 2025
🔥
Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign
THEHACKERNEWS.COM — 14 Nov 2025
🔥
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
GBHACKERS.COM — 14 Nov 2025
🔥
Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques
GBHACKERS.COM — 14 Nov 2025
🔥
Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials
GBHACKERS.COM — 14 Nov 2025
🔥
Infostealers: The silent doorway to identity attacks — and why proactive defense matters
SOPHOS.COM — 14 Nov 2025
🔥
Checkout.com Discloses Data Breach After Extortion Attempt
SECURITYWEEK.COM — 14 Nov 2025
🔥
Anthropic’s AI used in automated attacks
CSOONLINE.COM — 14 Nov 2025
🔥
The State of Ransomware – Q3 2025 - Check Point Research
SH.ITJUST.WORKS — 14 Nov 2025
🔥
Synnovis Finally Issues Breach Notification After 2024 Ransomware Atta - Infosecurity Magazine
SH.ITJUST.WORKS — 14 Nov 2025
🔥
Washington Post data breach impacts nearly 10K employees, contractors
SH.ITJUST.WORKS — 14 Nov 2025
🔥
Kraken ransomware benchmarks systems for optimal encryption choice
SH.ITJUST.WORKS — 14 Nov 2025
🔥
Checkout.com snubs hackers after data breach, to donate ransom instead
BLEEPINGCOMPUTER.COM — 14 Nov 2025
🔥
Operation Endgame Hits Rhadamanthys, VenomRAT, Elysium Malware, seize 1025 servers – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
SH.ITJUST.WORKS — 14 Nov 2025
🔥
Anthropic claims of Claude AI-automated cyberattacks met with doubt
BLEEPINGCOMPUTER.COM — 14 Nov 2025
🔥
Logitech confirms data breach after Clop extortion attack
BLEEPINGCOMPUTER.COM — 14 Nov 2025
🔥
Ransomware: The Double Dipping Threat
YOUTUBE.COM — 2025-11-14
🔥
Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, More... - SWN #529
YOUTUBE.COM — 2025-11-14
🔥
Redefining Enterprise Defense in the Era of AI-Led Cyberattacks
TRENDMICRO.COM — 14 Nov 2025
🕵️
Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data
THEHACKERNEWS.COM — 14 Nov 2025
🕵️
ISC Stormcast For Friday, November 14th, 2025 https://isc.sans.edu/podcastdetail/9700, (Fri, Nov 14th)
ISC.SANS.EDU — 14 Nov 2025
🕵️
Lumma Stealer Leverages Browser Fingerprinting for Data Theft and Stealthy C2 Communications
GBHACKERS.COM — 14 Nov 2025
🕵️
Press Release: CIO100 and CSO30 ASEAN Awards 2025 Celebrate Regional Excellence in Technology Leadership
CSOONLINE.COM — 14 Nov 2025
🕵️
Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit
SECURITYWEEK.COM — 14 Nov 2025
🕵️
Microsoft Teams Introduces Premium Feature to Prevent Screenshots and Screen Recording
GBHACKERS.COM — 14 Nov 2025
🕵️
Android Photo Frame App Infects Devices With Malware, Allows Full Remote Takeover
GBHACKERS.COM — 14 Nov 2025
🕵️
Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign
SECURITYWEEK.COM — 14 Nov 2025
🕵️
Formbook Malware Campaign Uses Malicious ZIP Files and Layered Scripting Techniques
GBHACKERS.COM — 14 Nov 2025
🕵️
Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack
SECURITYWEEK.COM — 14 Nov 2025
🕵️
Advanced macOS DigitStealer Uses Multi-Stage Attack Chain to Evade Detection
GBHACKERS.COM — 14 Nov 2025
🕵️
RONINGLOADER Uses Signed Drivers to Disable Microsoft Defender and Bypass EDR
GBHACKERS.COM — 14 Nov 2025
🕵️
Popular Android-based photo frames download malware on boot
SH.ITJUST.WORKS — 14 Nov 2025
🕵️
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
THEHACKERNEWS.COM — 14 Nov 2025
🕵️
Chinese spies used Claude to break into critical orgs • The Register
SH.ITJUST.WORKS — 14 Nov 2025
🕵️
Upcoming Speaking Engagements
SCHNEIER.COM — 2025-11-14
🕵️
Five people plead guilty to helping North Koreans infiltrate US companies as ‘remote IT workers’
TECHCRUNCH.COM — 14 Nov 2025
🕵️
North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels
THEHACKERNEWS.COM — 14 Nov 2025
🕵️
CISO, CIO, CTO: Business Leaders First
YOUTUBE.COM — 2025-11-14
🕵️
New Android Malware Platform Targets Bank Accounts
KNOWBE4.COM — 14 Nov 2025
🕵️
Five plead guilty to helping North Koreans infiltrate US firms
BLEEPINGCOMPUTER.COM — 14 Nov 2025
📡
ASUS warns of critical auth bypass flaw in DSL series routers
BLEEPINGCOMPUTER.COM — 14 Nov 2025
📡
Google backpedals on new Android developer registration rules
BLEEPINGCOMPUTER.COM — 14 Nov 2025
📡
The Role of Humans in an AI-Powered World
SCHNEIER.COM — 2025-11-14
📡
Microsoft Office Russian Dolls, (Fri, Nov 14th)
ISC.SANS.EDU — 14 Nov 2025