89 Articles
7 Categories
Date: 2025-11-20
🐛 COMMON VULNERABILITIES AND EXPOSURES (13)
20 Nov | [KEV] 7-Zip RCE Vulnerability Actively Exploited by Hackers | Cybersecurity researchers have reported active exploitation of a critical vulnerability in 7-Zip, the popular file compression software used by millions worldwide. The flaw, tracked as CVE-2025-11001, poses serious risks as attackers are leveraging it to execute malicious code re… | GBHACKERS.COM
20 Nov | Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th) | Searchlight Cyber today released a blog detailing CVE-2025-61757, a vulnerability they reported to Oracle. Oracle released a patch for the vulnerability as part of its October Critical Patch Update, which was released on October 21st. | ISC.SANS.EDU
20 Nov | Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing | Posted by Dave Kleidermacher, VP, Platforms Security & Privacy, Google. Technology should bring people closer together, not create walls. Being able to communicate and connect with friends and family should be easy regardless of the phone they use. That’s why Android has been buil… | SECURITY.GOOGLEBLOG.COM
20 Nov | [KEV] Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment | Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that is being used as part of the same attack chain. This is a story of two zero-day … | CSOONLINE.COM
20 Nov | [KEV] CISA Alerts Users to Active Attacks on Chrome 0-Day Vulnerability | The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Google Chrome to its Known Exploited Vulnerabilities (KEV) catalog, warning of active exploitation in the wild. The flaw, tracked as CVE-2025-13223, resides in Google Chromium… | GBHACKERS.COM
20 Nov | CVE-2025-64656 Application Gateway Elevation of Privilege Vulnerability | Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
20 Nov | CVE-2025-64655 Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability | Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
20 Nov | CVE-2025-49752 Azure Bastion Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
20 Nov | CVE-2025-62207 Azure Monitor Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
20 Nov | CVE-2025-64660 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability | Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature over a network. | MSRC.MICROSOFT.COM
20 Nov | CVE-2025-62459 Microsoft Defender Portal Spoofing Vulnerability | Information published. | MSRC.MICROSOFT.COM
20 Nov | CVE-2025-64657 Azure Application Gateway Elevation of Privilege Vulnerability | Stack-based buffer overflow in Software for Open Networking in the Cloud (SONiC) allows an unauthorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (31)
20 Nov | Eurofiber - 10,003 breached accounts | In November 2025, Eurofiber France disclosed a data breach of its ticket management platform. Data containing 10k unique email addresses and a smaller number of names and phone numbers was subsequently leaked. A threat actor claiming responsibility for the breach alleges to have… | HAVEIBEENPWNED.COM
20 Nov | Vultr - 187,872 breached accounts | In March 2023, the "AI-first global cloud platform" Vultr disclosed a security incident at a third-party vendor. Dating back to the previous year, the incident was attributed to the ActiveCampaign email marketing service provider and resulted in the exposure of 188k unique email… | HAVEIBEENPWNED.COM
20 Nov | Attack Surface Management: A Buyer's Guide | With these attack surface management tools, you can ideally ensure that attackers never get their teeth in to begin with. Regular network scans are no longer enough for a hardened attack surface. For the security of enterprise resourc… | CSOONLINE.COM
20 Nov | The Big AI Risk Guide | Assessing and quantifying AI risks is essential in the GenAI era. Like any technology, artificial intelligence (AI) brings more than just benefits. Especially since the emergence of generative AI (GenAI) and the explosive … | CSOONLINE.COM
20 Nov | Selling to the CISO: An open letter to the cybersecurity industry | The cybersecurity market has lost its mind. It seems like every week a new vendor appears, investors throw money at half-baked ideas, and CISOs get buried in pitches for products that won’t stop the next breach. The noise keeps getting louder while the fundamentals stay ignored. … | CSOONLINE.COM
20 Nov | SolarWinds Patches Three Critical Serv-U Vulnerabilities | SolarWinds Serv-U is affected by vulnerabilities that can be exploited for remote code execution. | SECURITYWEEK.COM
20 Nov | Beckett Collectibles - 541,132 breached accounts | In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement. The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly. The publicly circulating data included more than … | HAVEIBEENPWNED.COM
20 Nov | Chinese APT Group Exploits DLL Sideloading to Breach Government and Media Targets | A China-nexus advanced persistent threat (APT) group has been conducting a sustained espionage campaign targeting government and media sectors across Southeast Asia, leveraging sophisticated DLL sideloading techniques as a primary attack vector. The threat actor, tracked as Autum… | GBHACKERS.COM
20 Nov | Ollama Flaws Let Hackers Run Any Code Using Malicious Model Files | Critical security vulnerabilities discovered in Ollama, one of GitHub’s most popular open-source projects with over 155,000 stars, could allow attackers to execute arbitrary code on vulnerable systems. The flaws affect Ollama versions before 0.7.0, putting countless AI enth… | GBHACKERS.COM
20 Nov | Recent 7-Zip Vulnerability Exploited in Attacks | A proof-of-concept (PoC) exploit targeting the high-severity remote code execution (RCE) bug exists. | SECURITYWEEK.COM
20 Nov | Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts | Researchers demonstrated a now-patched vulnerability that could have been used to enumerate all WhatsApp accounts. | SECURITYWEEK.COM
20 Nov | New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices | Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud. "A key differentiator is its ability to bypass encrypted messaging," ThreatFabric said in a report sh… | THEHACKERNEWS.COM
20 Nov | Scam USPS and E-Z Pass Texts and Websites | Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phi… | SCHNEIER.COM
20 Nov | China‑linked PlushDaemon hijacks DNS via ‘EdgeStepper’ to weaponize software updates | PlushDaemon, a China-linked APT group, has been deploying a previously undocumented network implant dubbed EdgeStepper to hijack DNS traffic on compromised network devices. According to findings disclosed by ESET researchers, the hijacked traffic is then redirected to attacker-co… | CSOONLINE.COM
20 Nov | Broadcom's Academic License Shock | In the wake of Broadcom's acquisition of VMware, many are rethinking their tech strategies. With soaring costs, open-source solutions like Proxmox are becoming the go-to choice for enterprises looking to cut expenses and maintain flexibility. Explore the new wave of tech innovati… | YOUTUBE.COM
20 Nov | 3 ways CISOs can win over their boards this budget season | As the year comes to a close, CISOs are already deep into building next year’s cybersecurity budget. That’s a difficult task in itself — yet the most challenging part of the process is getting the board’s approval. CISOs know all too well that getting a cybersecurity budget appro… | CSOONLINE.COM
20 Nov | ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves | This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we've seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and … | THEHACKERNEWS.COM
20 Nov | Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’ | A Chinese threat actor is exploiting known vulnerabilities in discontinued Asus devices in an Operational Relay Box (ORB) facilitation campaign. | SECURITYWEEK.COM
20 Nov | API Exploit Discovered for AI Browser Comet | Security researchers have disclosed an API exploit for the AI browser Comet. Security vendor SquareX has disclosed a previously undocumented API within the AI browser Comet. With it, arbitrary commands can, via embedd… | CSOONLINE.COM
20 Nov | D-Link warns of new RCE flaws in end-of-life DIR-878 routers | D-Link is warning of three remotely exploitable command execution vulnerabilities that affect all models and hardware revisions of its DIR-878 router, which has reached end-of-service but is still available in several markets. [...] | BLEEPINGCOMPUTER.COM
20 Nov | Salesforce investigates customer data theft via Gainsight breach | Salesforce says it revoked refresh tokens linked to Gainsight-published applications while investigating a new wave of data theft attacks targeting customers. [...] | BLEEPINGCOMPUTER.COM
20 Nov | CISA Releases Six Industrial Control Systems Advisories | CISA released six Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-324-01 Automated Logic WebCTRL Premium Server; ICSA-25-324-02 ICAM365 CCTV Camera … | CISA.GOV
20 Nov | Apple vs Linux: Freedom vs Security | In a world where Apple's walled garden meets Linux's open ecosystem, the choice between freedom and security isn't as clear-cut as it seems. Dive into this thought-provoking discussion with Paul as he explores the complexities of tech choices. Are you ready to work harder for you… | YOUTUBE.COM
20 Nov | ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet | Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.… | THEHACKERNEWS.COM
20 Nov | Salesforce says some of its customers’ data was accessed after Gainsight breach | Salesforce said it’s investigating an incident where hackers compromised some of its customers' data after breaching customer experience company Gainsight. | TECHCRUNCH.COM
20 Nov | Emerging Ransomware Variants Exploit Amazon S3 Misconfigurations | Ransomware is shifting from traditional systems to cloud environments, fundamentally redefining its impact on cloud-native data. As organizations increasingly migrate to cloud platforms, threat actors are adapting their tactics moving away from traditional encryption-based malwar… | GBHACKERS.COM
20 Nov | TamperedChef Campaign Exploits Everyday Apps to Deploy Malware and Enable Remote Access | The Acronis Threat Research Unit has uncovered a sophisticated global malvertising campaign called TamperedChef that disguises malware as legitimate everyday applications to compromise systems worldwide. The operation uses social engineering, search engine optimization tactics, a… | GBHACKERS.COM
20 Nov | Milvus Proxy Flaw Lets Attackers Forge Headers and Skip Authorization | A critical authentication bypass vulnerability in the Milvus vector database could allow attackers to gain administrative access without credentials. The flaw exists in how the Milvus Proxy component handles HTTP headers, treating user-controlled data as trusted internal credenti… | GBHACKERS.COM
20 Nov | Be Prepared: Mobile Phishing Expected to Surge Fourfold During the Holiday Season | Users and organizations should be prepared for a surge in phishing attacks over the next several weeks, as attackers take advantage of the holiday shopping season, according to a new report from Zimperium. | KNOWBE4.COM
20 Nov | Give Me Liberty or Linux, Badge Hacking Interview - Bryce Owen - PSW #901 | In the security news: Cloudflare was down, it was not good; Logitech breached; The largest data breach in history?; Fortinet Fortiweb - the saga continues; Hacking Linux through your malware scanner, oh the irony; I never stopped hating systemd; The ASUS exploit that never exist… | YOUTUBE.COM
20 Nov | The OSINT playbook: Find your weak spots before attackers do | Here’s how open-source intelligence helps trace your digital footprint and uncover your weak points, plus a few essential tools to connect the dots | WELIVESECURITY.COM
📢 SECURITY ADVISORIES (5)
20 Nov | Critical Twonky Server Flaws Let Hackers Bypass Login Protection | Twonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to steal administrator credentials and take complete control of the media server. Security researchers at Rapid7 discovered that an attacker can leak encry… | GBHACKERS.COM
20 Nov | NSA Issues New Guidance to Help ISPs and Defenders Stop Malicious Activity | The National Security Agency (NSA), CISA, FBI, and international cybersecurity partners have released groundbreaking guidance to help internet service providers and network defenders combat bulletproof hosting providers. This new framework, published November 19, 2025, represents… | GBHACKERS.COM
20 Nov | UK’s new cybersecurity bill takes aim at ransomware gangs and state-backed hackers | After years of delays, the UK government has finally introduced landmark cybersecurity legislation that could reshape how British organisations defend against digital attacks. Read more in my article on the Fortra blog. | FORTRA.COM
🔥 INCIDENT REPORTING (11)
20 Nov | Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt | Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting. The development is a sign that the lines between state-sponsored cyber attacks and k… | THEHACKERNEWS.COM
20 Nov | Hackers Launch 2.3 Million Attacks on Palo Alto GlobalProtect VPN Portals | Security researchers at GreyNoise have uncovered a massive spike in cyberattacks targeting Palo Alto Networks GlobalProtect VPN systems. The assault began on November 14, 2025, and quickly escalated into a coordinated campaign striking millions of login portals worldwide. Massive… | GBHACKERS.COM
20 Nov | Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that? | Stop the press - a company has actually said "sorry" after a data breach, and hotels are helping hackers phish their own guests. We examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware cam… | GRAHAMCLULEY.COM
20 Nov | Wind farm worker sentenced after turning turbines into a secret crypto mine | A technical manager at a Dutch wind farm operator has been sentenced after it was discovered he had secretly installed cryptocurrency mining rigs at two wind farm sites - just as the company was recovering from a ransomware attack. Read more in my article on the Hot for Security … | BITDEFENDER.COM
20 Nov | Turn your Windows 11 migration into a security opportunity | Windows 11 migration is inevitable as Windows 10 support ends, and unsupported systems create major security and ransomware risks. Acronis explains how to use this migration to review backups, strengthen cybersecurity, and ensure data stays recoverable. [...] | BLEEPINGCOMPUTER.COM
20 Nov | Hacker claims to steal 2.3TB data from Italian rail group, Almaviva | Data from Italy's national railway operator, the FS Italiane Group, has been exposed after a threat actor breached the organization's IT services provider, Almaviva. [...] | BLEEPINGCOMPUTER.COM
20 Nov | Report: Ransomware Attacks Surged Globally in October | Ransomware attacks spiked in October 2025, with more than 700 organizations sustaining attacks, according to a new report from Cyfirma. | KNOWBE4.COM
20 Nov | Massive Hacking Operation WrtHug Compromises Thousands of ASUS Routers Worldwide | Your home router, the device connecting you to the internet, may have been silently compromised as part of a coordinated global espionage campaign. SecurityScorecard’s STRIKE team has uncovered Operation WrtHug. This massive hacking operation has infiltrated thousands of AS… | GBHACKERS.COM
20 Nov | Authorities Sanction Russia-Based Bulletproof Hosting Provider for Aiding Ransomware | The United States, Australia, and the United Kingdom have announced coordinated sanctions against Media Land, a Russia-based bulletproof hosting provider, and related entities for supporting ransomware operations and other cybercrimes. The Department of the Treasury’s Offic… | GBHACKERS.COM
20 Nov | International Kiteboarding Organization - 340,349 breached accounts | In November 2025, the International Kiteboarding Organization suffered a data breach that exposed 340k user records. The data was subsequently listed for sale on a hacking forum and included email addresses, names, usernames and in many cases, the user's city and country. | HAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE (20)
20 Nov | Moving Beyond the NPM elliptic Package | submitted by Soatok to cybersecurity, 1 points, 0 comments, https://soatok.blog/2025/11/19/moving-beyond-the-npm-elliptic-package/ | INFOSEC.PUB
20 Nov | ISC Stormcast For Thursday, November 20th, 2025 https://isc.sans.edu/podcastdetail/9708, (Thu, Nov 20th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
20 Nov | Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal | The move to acquire Chronosphere is the latest of several acquisitions in recent years and follows a massive $25 billion deal to acquire CyberArk. | SECURITYWEEK.COM
20 Nov | TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign | Threat actors are leveraging bogus installers masquerading as popular software to trick users into installing malware as part of a global malvertising campaign dubbed TamperedChef. The end goal of the attacks is to establish persistence and deliver JavaScript malware that facilit… | THEHACKERNEWS.COM
20 Nov | News alert: Seraphic evolves browser security for the AI era with first-of-its-kind Electron protection | TEL AVIV, Nov. 19, 2025, CyberNewswire — Seraphic, the leader in enterprise browser security (SEB) and AI enablement, today announced native protection for Electron-based applications such as ChatGPT desktop, Teams, Slack, and more, becoming the first and only browser … (m… | LASTWATCHDOG.COM
20 Nov | The Rise of AI-Enhanced Cyber Scams: How GenAI Empowers Criminals | Generative artificial intelligence has fundamentally transformed the landscape of cybercriminal operations by eliminating what was once a critical barrier to entry: the quality of the scam itself. Where scammers previously relied on obvious spelling mistakes, grammatically incorr… | GBHACKERS.COM
20 Nov | The Rise of Hybrid Threat Actors: Digital Meets Physical | The distinction between cyber warfare and traditional military operations is disappearing. Recent investigations by Amazon threat intelligence teams have identified a troubling trend: cyber-enabled kinetic targeting, in which nation-state actors systematically leverage cyber oper… | GBHACKERS.COM
20 Nov | Researchers Detail Rhadamanthys Loader’s Advanced Anti-Sandboxing and Anti-AV Emulation Techniques | Rhadamanthys, a sophisticated information-stealing malware active since 2022, has drawn renewed attention from security researchers who recently published an in-depth analysis of its native loader component. The loader’s significance lies not in its capabilities but in the … | GBHACKERS.COM
20 Nov | Multi-threat Android malware Sturnus steals Signal, WhatsApp messages | A new Android banking trojan named Sturnus can capture communication from end-to-end encrypted messaging platforms like Signal, WhatsApp, and Telegram, as well as take complete control of the device. [...] | BLEEPINGCOMPUTER.COM
20 Nov | US and Allies Sanction Russian Bulletproof Hosting Service Providers | Media Land, Hypercore, and their leadership and employees are allegedly connected to various cybercriminal activities. | SECURITYWEEK.COM
20 Nov | Doppel Raises $70 Million at $600 Million Valuation | The AI-native social engineering defense (SED) platform will accelerate product innovation and expand its offerings. | SECURITYWEEK.COM
20 Nov | 3.5 Billion Accounts: Complete WhatsApp Directory Retrieved and Evaluated | submitted by cm0002 to cybersecurity, 1 points, 0 comments, https://www.heise.de/en/news/3-5-Billion-Accounts-Complete-WhatsApp-Directory-Retrieved-and-Evaluated-11083244.html | INFOSEC.PUB
20 Nov | New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages | The Android malware is in development and appears to be mainly aimed at users in Europe. | SECURITYWEEK.COM
20 Nov | Tsundere Botnet Targets Windows, Linux & macOS via Node.js Packages | A Russian-speaking threat actor attributed to the username “koneko” has resurfaced with a sophisticated new botnet named Tsundere, discovered by Kaspersky GReAT around mid-2025. This marks a significant evolution from a previous supply chain campaign that targeted Nod… | GBHACKERS.COM
20 Nov | Samourai Wallet Founders Jailed for $237M Crypto Laundering | The co-founders of Samourai Wallet, a cryptocurrency mixing service that facilitated over $237 million in illegal transactions, have been sentenced to prison following their conviction on money laundering and conspiracy charges. Keonne Rodriguez, 37, the Chief Executive Officer, … | GBHACKERS.COM
20 Nov | Sturnus Malware Hijacks Signal and WhatsApp, Taking Full Device Control | MTI Security researchers have uncovered a new, particularly advanced Android banking trojan, dubbed Sturnus, that targets users’ financial and personal data with an unprecedented level of device control and operational stealth. Distinct from conventional mobile malware, Sturnus n… | GBHACKERS.COM
20 Nov | Pi GPT Tool Turns Raspberry Pi into a ChatGPT-Powered Smart Device | noBGP has launched pi GPT, a groundbreaking integration that transforms Raspberry Pi devices into ChatGPT-controlled development and production environments. The new tool eliminates the complexity of traditional networking, allowing developers to write, deploy, and manage code di… | GBHACKERS.COM
20 Nov | Google exposes BadAudio malware used in APT24 espionage campaigns | China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods. [...] | BLEEPINGCOMPUTER.COM
20 Nov | Russian Hacking Suspect Wanted by the FBI Arrested on Thai Resort Island | Thailand’s Cyber Crime Investigation Bureau said an FBI tip that the “world-class hacker” was traveling to Thailand led to his arrest in Phuket. | SECURITYWEEK.COM
20 Nov | Navigating AI: Security Challenges Ahead | Dive into the world of AI with Dave Lewis as he explores the balance between innovation and security. Discover how AI agents can streamline your workflow while navigating the complexities of system-centric security. Are we ready for the AI revolution? Subscribe to our podcasts: h… | YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (2)
20 Nov | CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat | CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp’s familiar web interface, using social engi… | THEHACKERNEWS.COM
20 Nov | Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows | Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that's targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code retrieved from a command-and-control (C2) server, Kaspersky researcher Lisandro… | THEHACKERNEWS.COM
📡 INFOSEC NEWS (7)
20 Nov | Trend & AWS Partner on Cloud IPS: One-Click Protection | In the race to secure cloud infrastructure, intrusion prevention systems (IPS) remain one of the most critical yet complex at the cloud network layer of defense. For many organizations, deploying IPS in the cloud is a balancing act between agility and control. | TRENDMICRO.COM
20 Nov | Crypto mixer founders sent to prison for laundering over $237 million | The founders of the Samourai Wallet (Samourai) cryptocurrency mixing service have been sent to prison for helping criminals launder over $237 million. [...] | BLEEPINGCOMPUTER.COM
20 Nov | TV streaming piracy service with 26M yearly visits shut down | Photocall, a TV piracy streaming platform with over 26 million users annually, has ceased operations following a joint investigation by the Alliance for Creativity and Entertainment (ACE) and DAZN. [...] | BLEEPINGCOMPUTER.COM
20 Nov | New SonicWall SonicOS flaw allows hackers to crash firewalls | American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls. [...] | BLEEPINGCOMPUTER.COM
20 Nov | GlobalProtect VPN portals probed with 2.3 million scan sessions | A major spike in malicious scanning against Palo Alto Networks GlobalProtect portals has been detected, starting on November 14, 2025. [...] | BLEEPINGCOMPUTER.COM
20 Nov | WhatsApp compromise leads to Astaroth deployment | Another campaign targeting WhatsApp users in Brazil spreads like a worm and employs multiple payloads for credential theft, session hijacking, and persistence | SOPHOS.COM
20 Nov | Mozilla Says It’s Finally Done With Two-Faced Onerep | In March 2024, Mozilla said it was winding down its collaboration with Onerep -- an identity protection service offered with the Firefox web browser that promises to remove users from hundreds of people-search sites -- after KrebsOnSecurity revealed Onerep's founder had created d… | KREBSONSECURITY.COM