MATLOCK.CA
89Articles
7Categories
2025-11-20Date
🐛
7-Zip RCE Vulnerability Actively Exploited by Hackers
KEVGBHACKERS.COM — 20 Nov 2025
🐛
Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th)
ISC.SANS.EDU — 20 Nov 2025
🐛
Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing
SECURITY.GOOGLEBLOG.COM — 2025-11-20
🐛
Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment
KEVCSOONLINE.COM — 20 Nov 2025
🐛
CISA Alerts Users to Active Attacks on Chrome 0-Day Vulnerability
KEVGBHACKERS.COM — 20 Nov 2025
🐛
CVE-2025-64656 Application Gateway Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
🐛
CVE-2025-64655 Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
🐛
CVE-2025-59245 Microsoft SharePoint Online Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
🐛
CVE-2025-49752 Azure Bastion Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
🐛
CVE-2025-62207 Azure Monitor Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
🐛
CVE-2025-64660 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
🐛
CVE-2025-62459 Microsoft Defender Portal Spoofing Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
🐛
CVE-2025-64657 Azure Application Gateway Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 20 Nov 2025
⚠️
Eurofiber - 10,003 breached accounts
HAVEIBEENPWNED.COM — 20 Nov 2025
⚠️
Vultr - 187,872 breached accounts
HAVEIBEENPWNED.COM — 20 Nov 2025
⚠️
Attack Surface Management – ein Kaufratgeber
CSOONLINE.COM — 20 Nov 2025
⚠️
Der große KI-Risiko-Guide
CSOONLINE.COM — 20 Nov 2025
⚠️
Selling to the CISO: An open letter to the cybersecurity industry
CSOONLINE.COM — 20 Nov 2025
⚠️
SolarWinds Patches Three Critical Serv-U Vulnerabilities
SECURITYWEEK.COM — 20 Nov 2025
⚠️
Beckett Collectibles - 541,132 breached accounts
HAVEIBEENPWNED.COM — 20 Nov 2025
⚠️
Chinese APT Group Exploits DLL Sideloading to Breach Government and Media Targets
GBHACKERS.COM — 20 Nov 2025
⚠️
Ollama Flaws Let Hackers Run Any Code Using Malicious Model Files
GBHACKERS.COM — 20 Nov 2025
⚠️
Recent 7-Zip Vulnerability Exploited in Attacks
SECURITYWEEK.COM — 20 Nov 2025
⚠️
Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts
SECURITYWEEK.COM — 20 Nov 2025
⚠️
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
THEHACKERNEWS.COM — 20 Nov 2025
⚠️
Scam USPS and E-Z Pass Texts and Websites
SCHNEIER.COM — 2025-11-20
⚠️
China‑linked PlushDaemon hijacks DNS via ‘EdgeStepper’ to weaponize software updates
CSOONLINE.COM — 20 Nov 2025
⚠️
Broadcom's Academic License Shock
YOUTUBE.COM — 2025-11-20
⚠️
3 ways CISOs can win over their boards this budget season
CSOONLINE.COM — 20 Nov 2025
⚠️
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
THEHACKERNEWS.COM — 20 Nov 2025
⚠️
Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’
SECURITYWEEK.COM — 20 Nov 2025
⚠️
API-Exploit für AI-Browser Comet entdeckt
CSOONLINE.COM — 20 Nov 2025
⚠️
D-Link warns of new RCE flaws in end-of-life DIR-878 routers
BLEEPINGCOMPUTER.COM — 20 Nov 2025
⚠️
Salesforce investigates customer data theft via Gainsight breach
BLEEPINGCOMPUTER.COM — 20 Nov 2025
⚠️
CISA Releases Six Industrial Control Systems Advisories
CISA.GOV — Thu, 20 Nov 25 1
⚠️
Apple vs Linux: Freedom vs Security
YOUTUBE.COM — 2025-11-20
⚠️
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
THEHACKERNEWS.COM — 20 Nov 2025
⚠️
Salesforce says some of its customers’ data was accessed after Gainsight breach
TECHCRUNCH.COM — 20 Nov 2025
⚠️
Emerging Ransomware Variants Exploit Amazon S3 Misconfigurations
GBHACKERS.COM — 20 Nov 2025
⚠️
TamperedChef Campaign Exploits Everyday Apps to Deploy Malware and Enable Remote Access
GBHACKERS.COM — 20 Nov 2025
⚠️
Milvus Proxy Flaw Lets Attackers Forge Headers and Skip Authorization
GBHACKERS.COM — 20 Nov 2025
⚠️
Be Prepared: Mobile Phishing Expected to Surge Fourfold During the Holiday Season
KNOWBE4.COM — 20 Nov 2025
⚠️
Give Me Liberty or Linux, Badge Hacking Interview - Bryce Owen - PSW #901
YOUTUBE.COM — 2025-11-20
⚠️
The OSINT playbook: Find your weak spots before attackers do
WELIVESECURITY.COM — 20 Nov 2025
📢
Critical Twonky Server Flaws Let Hackers Bypass Login Protection
GBHACKERS.COM — 20 Nov 2025
📢
NSA Issues New Guidance to Help ISPs and Defenders Stop Malicious Activity
GBHACKERS.COM — 20 Nov 2025
📢
SonicWall security advisory (AV25-774)
CYBER.GC.CA — 2025-11-20
📢
VMware security advisory (AV25-775)
CYBER.GC.CA — 2025-11-20
📢
UK’s new cybersecurity bill takes aim at ransomware gangs and state-backed hackers
FORTRA.COM — 20 Nov 2025
🔥
Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt
THEHACKERNEWS.COM — 20 Nov 2025
🔥
Hackers Launch 2.3 Million Attacks on Palo Alto GlobalProtect VPN Portals
GBHACKERS.COM — 20 Nov 2025
🔥
Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?
GRAHAMCLULEY.COM — 20 Nov 2025
🔥
Wind farm worker sentenced after turning turbines into a secret crypto mine
BITDEFENDER.COM — 20 Nov 2025
🔥
Turn your Windows 11 migration into a security opportunity
BLEEPINGCOMPUTER.COM — 20 Nov 2025
🔥
Hacker claims to steal 2.3TB data from Italian rail group, Almavia
BLEEPINGCOMPUTER.COM — 20 Nov 2025
🔥
Report: Ransomware Attacks Surged Globally in October
KNOWBE4.COM — 20 Nov 2025
🔥
Massive Hacking Operation WrtHug Compromises Thousands of ASUS Routers Worldwide
GBHACKERS.COM — 20 Nov 2025
🔥
Authorities Sanction Russia-Based Bulletproof Hosting Provider for Aiding Ransomware
GBHACKERS.COM — 20 Nov 2025
🔥
International Kiteboarding Organization - 340,349 breached accounts
HAVEIBEENPWNED.COM — 20 Nov 2025
🔥
Hacker claims to steal 2.3TB data from Italian rail group, Almaviva
BLEEPINGCOMPUTER.COM — 20 Nov 2025
🕵️
Moving Beyond the NPM elliptic Package
INFOSEC.PUB — 20 Nov 2025
🕵️
ISC Stormcast For Thursday, November 20th, 2025 https://isc.sans.edu/podcastdetail/9708, (Thu, Nov 20th)
ISC.SANS.EDU — 20 Nov 2025
🕵️
Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal
SECURITYWEEK.COM — 20 Nov 2025
🕵️
TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign
THEHACKERNEWS.COM — 20 Nov 2025
🕵️
News alert: Seraphic evolves browser security for the AI era with first-of-its-kind Electron protection
LASTWATCHDOG.COM — 20 Nov 2025
🕵️
The Rise of AI-Enhanced Cyber Scams: How GenAI Empowers Criminals
GBHACKERS.COM — 20 Nov 2025
🕵️
The Rise of Hybrid Threat Actors: Digital Meets Physical
GBHACKERS.COM — 20 Nov 2025
🕵️
Researchers Detail Rhadamanthys Loader’s Advanced Anti-Sandboxing and Anti-AV Emulation Techniques
GBHACKERS.COM — 20 Nov 2025
🕵️
Multi-threat Android malware Sturnus steals Signal, WhatsApp messages
BLEEPINGCOMPUTER.COM — 20 Nov 2025
🕵️
US and Allies Sanction Russian Bulletproof Hosting Service Providers
SECURITYWEEK.COM — 20 Nov 2025
🕵️
Doppel Raises $70 Million at $600 Million Valuation
SECURITYWEEK.COM — 20 Nov 2025
🕵️
3.5 Billion Accounts: Complete WhatsApp Directory Retrieved and Evaluated
INFOSEC.PUB — 20 Nov 2025
🕵️
New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages
SECURITYWEEK.COM — 20 Nov 2025
🕵️
Tsundere Botnet Targets Windows, Linux & macOS via Node.js Packages
GBHACKERS.COM — 20 Nov 2025
🕵️
Samourai Wallet Founders Jailed for $237M Crypto Laundering
GBHACKERS.COM — 20 Nov 2025
🕵️
Sturnus Malware Hijacks Signal and WhatsApp, Taking Full Device Control
GBHACKERS.COM — 20 Nov 2025
🕵️
Pi GPT Tool Turns Raspberry Pi into a ChatGPT-Powered Smart Device
GBHACKERS.COM — 20 Nov 2025
🕵️
Google exposes BadAudio malware used in APT24 espionage campaigns
BLEEPINGCOMPUTER.COM — 20 Nov 2025
🕵️
Russian Hacking Suspect Wanted by the FBI Arrested on Thai Resort Island
SECURITYWEEK.COM — 20 Nov 2025
🕵️
Navigating AI: Security Challenges Ahead
YOUTUBE.COM — 2025-11-20
🌐
CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat
THEHACKERNEWS.COM — 20 Nov 2025
🌐
Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
THEHACKERNEWS.COM — 20 Nov 2025
📡
Trend & AWS Partner on Cloud IPS: One-Click Protection
TRENDMICRO.COM — 20 Nov 2025
📡
Crypto mixer founders sent to prison for laundering over $237 million
BLEEPINGCOMPUTER.COM — 20 Nov 2025
📡
TV streaming piracy service with 26M yearly visits shut down
BLEEPINGCOMPUTER.COM — 20 Nov 2025
📡
New SonicWall SonicOS flaw allows hackers to crash firewalls
BLEEPINGCOMPUTER.COM — 20 Nov 2025
📡
GlobalProtect VPN portals probed with 2.3 million scan sessions
BLEEPINGCOMPUTER.COM — 20 Nov 2025
📡
WhatsApp compromise leads to Astaroth deployment
SOPHOS.COM — 20 Nov 2025
📡
Mozilla Says It’s Finally Done With Two-Faced Onerep
KREBSONSECURITY.COM — 20 Nov 2025