🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
17 Nov - Akira ransomware expands to Nutanix AHV, raising stakes for enterprise security (CSOONLINE.COM)
The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and several international partners, has issued a new advisory warning organizations about the growing threat posed by the Akira ransomware group to critical infrastructure. The latest update shows the…
17 Nov - IBM AIX Flaw Allows Remote Attackers to Run Arbitrary Commands (GBHACKERS.COM)
IBM has released critical security updates addressing four severe vulnerabilities in AIX and VIOS systems that could allow remote attackers to execute arbitrary commands, steal credentials, and traverse system directories. The vulnerabilities affect multiple AIX versions and requ…
17 Nov - Hackers Weaponize XWiki Flaw to Build and Rent Out Botnet Networks (GBHACKERS.COM)
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency miners, and custom malware toolkits. The vulnerability, initially detec…
17 Nov - RondoDox botnet malware now hacks servers using XWiki flaw (BLEEPINGCOMPUTER.COM)
The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. [...]
⚠️ VULNERABILITY DISCLOSURE (22)
17 Nov KEV - Fortinet Zero Day In Active Exploitation, North Korean Infiltration Grows And More: Cybersecurity Today for November 16 2025 (CYBERSECURITYTODAY.LIBSYN.COM)
Critical Cybersecurity Updates: Fortinet Zero Day, North Korean Infiltration & JLR Cyber Attack. In this episode of Cybersecurity Today, host David Chipley discusses the latest critical updates in the cybersecurity world. Fortinet faces a massive zero-day vulnerability actively ex…
17 Nov - SilentButDeadly – Network Communication Blocker Tool That Neutralizes EDR/AV (INFOSEC.PUB)
submitted by cm0002 to cybersecurity 2 points | 0 comments https://cybersecuritynews.com/silentbutdeadly-neutralizes-edr-av/ A new open-source tool called SilentButDeadly has emerged, designed to disrupt Endpoint Detection and Response (EDR) and antivirus (AV) software by severin…
17 Nov - ISO and ISMS: 9 reasons security certifications go wrong (CSOONLINE.COM)
ISO certifications, as well as the implementation of an Information Security Management System (ISMS) based on IT baseline protection standards, are seen by many companies as proof of their quality and professional approach to conducting business. While this is an important found…
17 Nov - Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time (THEHACKERNEWS.COM)
Google has disclosed that the company's continued adoption of the Rust programming language in Android has resulted in the number of memory safety vulnerabilities falling below 20% for the first time. "We adopted Rust for its security and are seeing a 1000x reduction in memory sa…
17 Nov - The rise of the chief trust officer: Where does the CISO fit? (CSOONLINE.COM)
CISOs may soon find themselves operating alongside a new colleague, the chief trust officer, as more organizations elevate trust as a business differentiator. With breaches, product safety concerns and uncertainty about AI, trust has taken a battering in the eyes of customers and…
17 Nov - Year of the (Clandestine) Linux Desktop, topic, and the news - Rob Allen - ESW #433 (YOUTUBE.COM)
Segment 1: Interview with Rob Allen. It’s the Year of the (Clandestine) Linux Desktop! As if EDR evasions weren’t enough, attackers are now employing yet another method to hide their presence on enterprise systems: deploying tiny Linux VMs. Attackers are using Hyper-V and/or W…
17 Nov - Widespread Exploitation of XWiki Vulnerability Observed (SECURITYWEEK.COM)
The exploitation of the recent XWiki vulnerability has expanded to botnets, cryptocurrency miners, scanners, and custom tools.
17 Nov - India’s new data privacy rules turn privacy compliance into an engineering challenge (CSOONLINE.COM)
India has notified its Digital Personal Data Protection (DPDP) Rules, 2025, introducing strict consent and data retention requirements that will force large digital platforms and enterprise IT teams to overhaul how they collect, store, and erase personal data. The rules mandate i…
17 Nov - North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes (CSOONLINE.COM)
North Korea-linked Contagious Interview campaign is now luring developers with trojanized coding tasks and pulling obfuscated payloads from public JSON-storage services like JSON Keeper, JSONSilo, and npoint.io. An NVISO Labs analysis of the campaign shows threat actors sending f…
17 Nov - RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/11/rondodox-exploits-unpatched-xwiki.html
17 Nov - ⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More (THEHACKERNEWS.COM)
This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It’s not just about hacking anymore. Criminals are bui…
17 Nov - Critical RCE Flaws in AI Inference Engines Expose Meta, Nvidia, and Microsoft Frameworks (GBHACKERS.COM)
Security researchers at Oligo Security have uncovered a series of critical Remote Code Execution vulnerabilities affecting widely deployed AI inference servers from major technology companies. The flaws affect frameworks developed by Meta, NVIDIA, Microsoft, and open-source proje…
17 Nov - Surveillance tech provider Protei was hacked, its data stolen and its website defaced (TECHCRUNCH.COM)
The defacement of Protei's website said "another DPI/SORM provider bites the dust," apparently referring to the company selling its web intercept and surveillance products to phone and internet providers.
17 Nov - 5 key ways attack surface management will evolve in 2026 (CSOONLINE.COM)
Cyberattack surfaces in the enterprise have been expanding in both extent and complexity for several years and this sprawl is showing no signs of slowing down. The trend can be attributed to several factors, including: The rise of IoT, which has added significantly more devices t…
17 Nov - DoorDash email spoofing vulnerability sparks messy disclosure dispute (BLEEPINGCOMPUTER.COM)
A vulnerability in DoorDash's systems could allow anyone to send "official" DoorDash-themed emails right from the company's authorized servers, paving a near-perfect phishing channel. DoorDash has now patched the issue, but a contentious disclosure dispute has erupted, with both side…
17 Nov - Shared Intel Q&A: Viewing CMMC as a blueprint for readiness across the defense supply chain (LASTWATCHDOG.COM)
Small and mid-sized contractors play a vital role in the U.S. defense industrial base — but too often, they remain the weakest link in the cybersecurity chain. Related: Pentagon enforcing CMMC. RADICL’s 2025 DIB Cybersecurity Maturity Report reveals that 85% …
17 Nov - DoorDash email spoofing vulnerability sparks messy disclosure dispute (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/doordash-email-spoofing-vulnerability-sparks-messy-disclosure-dispute/
17 Nov - 70 Million Devices Vulnerable Due to Logic Flaw Exposing Internal Networks (GBHACKERS.COM)
A critical logic flaw discovered in the widely used mPDF PHP library could expose internal networks and sensitive services on approximately 70 million devices worldwide. The vulnerability stems from improper regular expression parsing, which allows attackers to issue unauthorized…
17 Nov - SilentButDeadly: New Tool Blocks Network Traffic to Bypass EDR and Antivirus (GBHACKERS.COM)
A newly released open-source tool called SilentButDeadly is raising security concerns by demonstrating how attackers can effectively turn off Endpoint Detection and Response systems and antivirus software without terminating any processes. Developed by security researcher Ryan Fr…
17 Nov - Pre-Installed Spyware Found on Samsung Galaxy Devices and Cannot Be Removed (GBHACKERS.COM)
Samsung users across West Asia and North Africa are raising serious privacy concerns over AppCloud. This pre-installed bloatware application collects sensitive personal data without consent. It cannot be easily removed from Galaxy A and M series smartphones. AppCloud, developed b…
17 Nov - Microsoft Entra Invitations Hijacked in Surge of TOAD Phishing Attacks (GBHACKERS.COM)
A newly identified phishing campaign is exploiting Microsoft Entra tenant invitation functionality to orchestrate TOAD (Telephone-Oriented Attack Delivery) attacks against unsuspecting users. Security researchers have uncovered how threat actors are weaponizing legitimate Microso…
17 Nov - Eurofiber France warns of breach after hacker tries to sell customer data (BLEEPINGCOMPUTER.COM)
Eurofiber France disclosed a data breach it discovered late last week when hackers gained access to its ticket management system by exploiting a vulnerability and exfiltrated information. [...]
📋 SECURITY BULLETINS (1)
17 Nov - Microsoft: Windows 10 KB5072653 OOB update fixes ESU install errors (BLEEPINGCOMPUTER.COM)
Microsoft has released an emergency Windows 10 KB5072653 out-of-band update to resolve ongoing issues with installing the November extended security updates. [...]
📢 SECURITY ADVISORIES (9)
17 Nov - Summit in Berlin – Europe strives for digital sovereignty (CSOONLINE.COM)
The Summit on European Digital Sovereignty takes place in Berlin on 18 November 2025. German Chancellor Friedrich Merz (CDU) and French President Emmanuel Macron have announced they will attend the meeting of digital ministers and IT experts in Berlin. …
17 Nov - Alice Blue Partners With AccuKnox For Regulatory Compliance (GBHACKERS.COM)
AccuKnox, a global leader in Zero Trust Cloud-Native Application Protection Platforms (CNAPP), today announced its partnership with Alice Blue India, a prominent brokerage and financial services firm, to strengthen its security and compliance frameworks across on-prem and cloud work…
17 Nov - CISA Alerts on Critical Lynx+ Gateway Flaw Leaks Data in Cleartext (GBHACKERS.COM)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple vulnerabilities affecting General Industrial Controls’ Lynx+ Gateway device. Released on November 13, 2025, under alert code ICSA-25-317-08, these flaws pose …
🔥 INCIDENT REPORTING (12)
17 Nov - Logitech Confirms Data Breach Following Designation as Oracle Hack Victim (SECURITYWEEK.COM)
Logitech was listed on the Cl0p ransomware leak website in early November, but its disclosure does not mention Oracle.
17 Nov - DoorDash Says Personal Information Stolen in Data Breach (SECURITYWEEK.COM)
Names, addresses, email addresses, and phone numbers were compromised after an employee fell for a social engineering attack.
17 Nov - North Korean Hackers Breach 136 U.S. Companies, Earning $2.2 Million (GBHACKERS.COM)
The U.S. Justice Department has announced a significant crackdown on North Korean cybercrime operations, securing five guilty pleas and initiating civil forfeiture actions totaling over $15 million against schemes orchestrated by the Democratic People’s Republic of Korea (D…
17 Nov - Logitech confirms data breach after Clop extortion attack (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/logitech-confirms-data-breach-after-clop-extortion-attack/
17 Nov KEV - AI-driven cyberattack causes a stir (CSOONLINE.COM)
Researchers say they have discovered the first large-scale cyberattack carried out by an AI model. The AI company Anthropic recently announced that companies worldwide were attacked by AI-powered espionage software. …
17 Nov - Checkout.com snubs hackers after data breach, to donate ransom instead (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/checkoutcom-snubs-shinyhunters-hackers-to-donate-ransom-instead/
17 Nov - DoorDash confirms data breach impacting users’ phone numbers and physical addresses (TECHCRUNCH.COM)
The delivery giant said “no sensitive information” was accessed, and did not specify the number of customers, delivery workers, and merchants who were impacted by the breach.
17 Nov - Pennsylvania AG confirms data breach after INC Ransom attack (BLEEPINGCOMPUTER.COM)
The office of Pennsylvania's attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. [...]
17 Nov - Princeton University discloses data breach affecting donors, alumni (BLEEPINGCOMPUTER.COM)
A Princeton University database was compromised in a cyberattack on November 10, exposing the personal information of alumni, donors, faculty members, and students. [...]
17 Nov - Akira Ransomware Haul Surpasses $244M in Illicit Proceeds - Infosecurity Magazine (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/akira-ransomware-244m-in-illicit/
17 Nov - Yurei Ransomware: Encryption Mechanics, Operational Model, and Data Exfiltration Methods (GBHACKERS.COM)
A newly identified ransomware group, Yurei, has emerged as a significant threat to organizations worldwide, with confirmed attacks targeting entities in Sri Lanka and Nigeria across multiple critical industries. First publicly identified in early September 2025, Yurei operates a …
17 Nov - Google Launches Public Preview of Its Alert Triage and Investigation Agent for Security Operations (GBHACKERS.COM)
Google has taken a significant step toward its vision of an Agentic SOC by announcing the public preview of the Alert Triage and Investigation agent, a purpose-built AI agent natively embedded into Google Security Operations. This advancement brings the promise of intelligent age…
🕵️ THREAT INTELLIGENCE (25)
17 Nov - ISC Stormcast For Monday, November 17th, 2025 https://isc.sans.edu/podcastdetail/9702, (Mon, Nov 17th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
17 Nov - Decoding Binary Numeric Expressions, (Mon, Nov 17th) (ISC.SANS.EDU)
In diary entry "Formbook Delivered Through Multiple Scripts", Xavier mentions that the following line:
17 Nov - Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT (THEHACKERNEWS.COM)
The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS …
17 Nov - More Prompt||GTFO (SCHNEIER.COM)
The next three in this series on online events highlighting interesting uses of AI in cybersecurity are online: #4, #5, and #6. Well worth watching.
17 Nov - AI's Dark Side: Creating Malware in Minutes! (YOUTUBE.COM)
Discover how AI is revolutionizing cybersecurity with Kieran Human! From creating novel malware in minutes to the essential role of zero trust, this clip dives into the future of digital defense. Subscribe to our podcasts: https://securityweekly.com/subscribe #AI #Cybersecurity #…
17 Nov - Decades-old ‘Finger’ protocol abused in ClickFix malware attacks (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/decades-old-finger-protocol-abused-in-clickfix-malware-attacks/
17 Nov - 5 Plead Guilty in US to Helping North Korean IT Workers (SECURITYWEEK.COM)
Audricus Phagnasay, Jason Salazar, Alexander Paul Travis, Erick Ntekereze, and Oleksandr Didenko have pleaded guilty.
17 Nov - RONINGLOADER Weaponized Weaponizes Signed Drivers to Disable Defender and Evade EDR Tools (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/roningloader-weaponized-weaponizes-signed-drivers/
17 Nov - EVALUATION Campaign Using ClickFix Technique to Deploy Amatera Stealer and NetSupport RAT (GBHACKERS.COM)
eSentire’s Threat Response Unit (TRU) has uncovered a sophisticated malware campaign leveraging the ClickFix social engineering technique to distribute Amatera Stealer and NetSupport RAT, targeting cryptocurrency wallets, password managers, and sensitive credentials across …
17 Nov - Iran-Linked SpearSpecter Campaign Leveraging Personalized Social Engineering Against High-Value Officials (GBHACKERS.COM)
Iranian threat actors aligned with the Islamic Revolutionary Guard Corps Intelligence Organization (IRGC-IO) are conducting a sophisticated espionage campaign tracked as SpearSpecter, systematically targeting high-value senior defense and government officials through personalized…
17 Nov - New Detection Methods Uncovered for Outlook NotDoor Backdoor Malware (GBHACKERS.COM)
Cybersecurity researchers have unveiled comprehensive detection methodologies for NotDoor, a sophisticated backdoor malware that leverages Microsoft Outlook macros for covert command and control operations. The malware, attributed to the Russian state-sponsored threat group APT28…
17 Nov - Hackers are Weaponizing Invoices to Deliver XWorm That Steals Login Credentials (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/hackers-are-weaponizing-invoices-to-deliver-xworm/
17 Nov - Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign - SecurityWeek (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 3 points | 0 comments https://www.securityweek.com/amazon-detects-150000-npm-packages-in-worm-powered-campaign/
17 Nov - ASUS warns of critical auth bypass flaw in DSL series routers (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/asus-warns-of-critical-auth-bypass-flaw-in-dsl-series-routers/
17 Nov - Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2025/11/researchers-find-serious-ai-bugs.html
17 Nov - Iranian Hackers Target Defense and Government Officials in Ongoing Campaign (SECURITYWEEK.COM)
The state-sponsored APT has been targeting the victims’ family members to increase pressure on their targets.
17 Nov - Document Tech Firm Hit as New Cyber Gang Expands Reach (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.in/document-tech-firm-hit-as-new-cyber-gang-expands-reach-a-30041
17 Nov - Collaborative research by Microsoft and NVIDIA on real-time immunity (TECHCOMMUNITY.MICROSOFT.COM)
Read about Microsoft and NVIDIA joint research on real-time immunity.
17 Nov - Defending the cloud: Azure neutralized a record-breaking 15 Tbps DDoS attack | Microsoft Community Hub (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://techcommunity.microsoft.com/blog/azureinfrastructureblog/defending-the-cloud-azure-neutralized-a-record-breaking-15-tbps-ddos-attack/4470422
17 Nov - Cyber-Attack Costs Carmaker JLR $258m in Q2 (SH.ITJUST.WORKS)
submitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/jlr-posts-639m-q2-losses/
17 Nov - AI: A Horizontal Discipline (YOUTUBE.COM)
AI isn't just a tech buzzword—it's a collaborative revolution! Join Anand Singh as he explains why AI should be a horizontal discipline, involving everyone from legal to data architects. Don't let outdated contracts hold you back. Embrace a new era of collaboration and innovation…
17 Nov - Frentree Partners with AccuKnox to Expand Zero Trust CNAPP Security in South Korea (GBHACKERS.COM)
Menlo Park, California, USA, November 17th, 2025, CyberNewsWire AccuKnox, a global leader in Zero Trust Cloud-Native Application Protection Platforms (CNAPP), today announced its distributor partnership with Frentree, a leading cybersecurity solutions provider in South Korea. The…
17 Nov - Payroll Pirates: Inside the Criminal Networks Hijacking Payroll Systems (GBHACKERS.COM)
Cyber threats don’t always come with warning signs. Sometimes, they arrive as sponsored ads. Since mid-2023, a financially motivated network has been quietly hijacking payroll systems, credit unions, and trading platforms across the United States. Their method? Malvertising…
17 Nov - AI-Powered Expansion of Pig Butchering Scam Operations (GBHACKERS.COM)
Pig-butchering scams, the sophisticated long-con investment fraud schemes that have plagued millions globally, have reached unprecedented scale through the strategic deployment of artificial intelligence technologies. Once reliant on labor-intensive social engineering, these cybe…
17 Nov - LLM Hallucinations: A Double-Edged Sword (YOUTUBE.COM)
Discover the unexpected with Nico Waisman as he explores the intriguing world of hallucinations in tech. Dive into how managing context can turn hallucinations into groundbreaking discoveries. Subscribe to our podcasts: https://securityweekly.com/subscribe #TechInnovation #AI #Di…
🌐 CYBER THREAT LANDSCAPE (2)
17 Nov - Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses (BLEEPINGCOMPUTER.COM)
Microsoft said today that the Aisuru botnet hit its Azure network with a 15.72 terabits per second (Tbps) DDoS attack, launched from over 500,000 IP addresses. [...]
17 Nov - New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT (THEHACKERNEWS.COM)
Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT. The activity, observed this month, is being tracked by eSentire under the moniker EVALUSION. First spotted in June …
📡 INFOSEC NEWS (8)
17 Nov - 5 Reasons Why Attackers Are Phishing Over LinkedIn (THEHACKERNEWS.COM)
Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers…
17 Nov - MCP AI agent security startup Runlayer launches with 8 unicorns, $11M from Khosla’s Keith Rabois and Felicis (TECHCRUNCH.COM)
Three-time founder Andrew Berman is back with a startup that helps IT ensure business users' AI agents operate securely.
17 Nov - Microsoft: Windows bug blocks Microsoft 365 desktop app installs (BLEEPINGCOMPUTER.COM)
Microsoft is working to resolve a known issue preventing users from installing the Microsoft 365 desktop apps on Windows devices. [...]
17 Nov - Dutch police seizes 250 servers used by “bulletproof hosting” service (BLEEPINGCOMPUTER.COM)
The police in the Netherlands have seized around 250 physical servers powering a bulletproof hosting service in the country used exclusively by cybercriminals for providing complete anonymity. [...]
17 Nov - Google Gemini 3 spotted on AI Studio ahead of imminent release (BLEEPINGCOMPUTER.COM)
Gemini 3, which could be Google's best large language model, could begin rolling out in the next few days or hours, as the model has been spotted on AI Studio. [...]
17 Nov - xAI's Grok 4.1 rolls out with improved quality and speed for free (BLEEPINGCOMPUTER.COM)
Elon Musk-owned xAI has started rolling out Grok 4.1, which is an upgrade to the existing Grok 4 model, and it delivers some incremental improvements. [...]
17 Nov - Malicious NPM packages abuse Adspect redirects to evade security (BLEEPINGCOMPUTER.COM)
Seven packages published on the Node Package Manager (npm) registry use the Adspect cloud-based service to separate researchers from potential victims and lead them to malicious locations. [...]
17 Nov - What if your romantic AI chatbot can’t keep a secret? (WELIVESECURITY.COM)
Does your chatbot know too much? Think twice before you tell your AI companion everything.