MATLOCK.CA
78Articles
9Categories
2025-11-21Date
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-61757 Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability  This type of vulnerability is a frequent …
KEVCISA.GOV — Fri, 21 Nov 25 1
🐛
Critical Grafana Flaw Lets Attackers Escalate Privileges
GBHACKERS.COM — 21 Nov 2025
🐛
Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware
GBHACKERS.COM — 21 Nov 2025
🐛
Windows Graphics Flaw Lets Hackers Take Over with Just One Image
GBHACKERS.COM — 21 Nov 2025
🐛
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
SECURITYWEEK.COM — 21 Nov 2025
🐛
Critical Azure Bastion Vulnerability Lets Attackers Bypass Login and Gain Higher Privileges
GBHACKERS.COM — 21 Nov 2025
🐛
Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
THEHACKERNEWS.COM — 21 Nov 2025
🐛
Grafana warns of max severity admin spoofing vulnerability
BLEEPINGCOMPUTER.COM — 21 Nov 2025
🐛
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
KEVBLEEPINGCOMPUTER.COM — 21 Nov 2025
⚠️
Sneaky2FA phishing tool adds ability to insert legit-looking URLs
CSOONLINE.COM — 21 Nov 2025
⚠️
Major CloudFlare Outages, Black Friday Phishing Surge, AI Privacy Breach at Ontario Hospital, and Salesforce Data Theft Investigation
CYBERSECURITYTODAY.LIBSYN.COM — 21 Nov 2025
⚠️
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
THEHACKERNEWS.COM — 21 Nov 2025
⚠️
Root causes of security breaches remain elusive — jeopardizing resilience
CSOONLINE.COM — 21 Nov 2025
⚠️
Salesforce Confirms Customer Data Was Exposed in Gainsight Breach
GBHACKERS.COM — 21 Nov 2025
⚠️
Clop Ransomware Claims Oracle Breach Using E-Business Suite 0-Day
GBHACKERS.COM — 21 Nov 2025
⚠️
Ransomware Attacks Poised to Hit Retailers Hard This Holiday Season
GBHACKERS.COM — 21 Nov 2025
⚠️
Salesforce Instances Hacked via Gainsight Integrations
SECURITYWEEK.COM — 21 Nov 2025
⚠️
SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability
SECURITYWEEK.COM — 21 Nov 2025
⚠️
Ransomware gangs find a new hostage: Your AWS S3 buckets
CSOONLINE.COM — 21 Nov 2025
⚠️
SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance
SECURITYWEEK.COM — 21 Nov 2025
⚠️
OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted
CSOONLINE.COM — 21 Nov 2025
⚠️
Salesforce flags another third-party security incident • The Register
SH.ITJUST.WORKS — 21 Nov 2025
⚠️
How to turn threat intel into real security wins
KEVCSOONLINE.COM — 21 Nov 2025
⚠️
North Korean Kimsuky and Lazarus Teams Target Critical Sectors with Zero-Day Exploits
GBHACKERS.COM — 21 Nov 2025
⚠️
Hackers Adopt Matrix Push C2 for Browser-Based Malware and Phishing Attacks
GBHACKERS.COM — 21 Nov 2025
⚠️
Clop Ransomware Claims Broadcom Breach Through E-Business Suite 0-Day
GBHACKERS.COM — 21 Nov 2025
⚠️
From code to boardroom: A GenAI GRC approach to supply chain risk
CSOONLINE.COM — 21 Nov 2025
⚠️
Google says hackers stole data from 200 companies following Gainsight breach
TECHCRUNCH.COM — 21 Nov 2025
⚠️
Cloud Security Shock: How Hackers Exploit AWS Features!
YOUTUBE.COM — 2025-11-21
⚠️
Mercedes F1 Team Principal Toto Wolff Sells 15% Stake to CrowdStrike CEO George Kurtz
SECURITYWEEK.COM — 21 Nov 2025
⚠️
Risky Biz Soap Box: Greynoise knows when bad bugs are coming
RISKY.BIZ — 21 Nov 2025
📋
Nvidia confirms October Windows updates cause gaming issues
BLEEPINGCOMPUTER.COM — 21 Nov 2025
📢
Recognizing and responding to cyber threats: What differentiates NDR, EDR and XDR
CSOONLINE.COM — 21 Nov 2025
📢
[Control systems] ABB security advisory (AV25-776)
CYBER.GC.CA — 2025-11-21
📢
Grafana security advisory (AV25-778)
CYBER.GC.CA — 2025-11-21
📢
HPE security advisory (AV25-777)
CYBER.GC.CA — 2025-11-21
📢
In Other News: ATM Jackpotting, WhatsApp-NSO Lawsuit Continues, CISA Hiring
SECURITYWEEK.COM — 21 Nov 2025
🔥
APT24 Deploys New BadAudio Malware, Hijacks Legitimate Public Sites to Launch Attacks
GBHACKERS.COM — 21 Nov 2025
🔥
AI as Cyberattacker
SCHNEIER.COM — 2025-11-21
🔥
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
THEHACKERNEWS.COM — 21 Nov 2025
🔥
Layered Defense: Proactive & Reactive
YOUTUBE.COM — 2025-11-21
🔥
'Scattered Spider' teens plead not guilty to UK transport hack
BLEEPINGCOMPUTER.COM — 21 Nov 2025
🔥
CrowdStrike fires ‘suspicious insider’ who passed information to hackers
TECHCRUNCH.COM — 21 Nov 2025
🕵️
ISC Stormcast For Friday, November 21st, 2025 https://isc.sans.edu/podcastdetail/9710, (Fri, Nov 21st)
ISC.SANS.EDU — 21 Nov 2025
🕵️
Schatten-IT: Viele Fachkräfte nutzen KI ohne Erlaubnis
CSOONLINE.COM — 21 Nov 2025
🕵️
Operation DreamJob Attacks on Manufacturing via WhatsApp Web
GBHACKERS.COM — 21 Nov 2025
🕵️
Runlayer Emerges From Stealth Mode With $11 Million in Funding
SECURITYWEEK.COM — 21 Nov 2025
🕵️
Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks
SECURITYWEEK.COM — 21 Nov 2025
🕵️
TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign
SH.ITJUST.WORKS — 21 Nov 2025
🕵️
Hackerangriff auf Music Store
CSOONLINE.COM — 21 Nov 2025
🕵️
New SonicWall SonicOS flaw allows hackers to crash firewalls
SH.ITJUST.WORKS — 21 Nov 2025
🕵️
SolarWinds Patches Three Critical Serv-U Vulnerabilities - SecurityWeek
SH.ITJUST.WORKS — 21 Nov 2025
🕵️
New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
SH.ITJUST.WORKS — 21 Nov 2025
🕵️
Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise
SECURITYWEEK.COM — 21 Nov 2025
🕵️
Hacker claims to steal 2.3TB data from Italian rail group, Almaviva
SH.ITJUST.WORKS — 21 Nov 2025
🕵️
Report: Deepfake Attacks Are on the Rise
KNOWBE4.COM — 21 Nov 2025
🕵️
Xillen Stealer: Advanced Features Bypass AI Detection and Steal Password Manager Data
GBHACKERS.COM — 21 Nov 2025
🕵️
AI-Driven Obfuscated Malicious Apps Bypassing Antivirus Detection to Deliver Malicious Payloads
GBHACKERS.COM — 21 Nov 2025
🕵️
Dark Web Job Market Evolved – Prioritizes Practical Skills Over Formal Education
GBHACKERS.COM — 21 Nov 2025
🕵️
Windows 11 to Prevent BSOD Error Messages from Showing Publicly
GBHACKERS.COM — 21 Nov 2025
🕵️
UNC2891 Hackers Use Raspberry Pi and Fake Cards to Steal ATM Cash
GBHACKERS.COM — 21 Nov 2025
🕵️
The Tsundere botnet uses the Ethereum blockchain to infect its targets
SH.ITJUST.WORKS — 21 Nov 2025
🕵️
CrowdStrike catches insider feeding information to hackers
BLEEPINGCOMPUTER.COM — 21 Nov 2025
🕵️
AI-Driven Personalized Interventions
YOUTUBE.COM — 2025-11-21
🕵️
Microsoft named a Leader in the Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year
MICROSOFT.COM — 21 Nov 2025
🕵️
More on Rewiring Democracy
SCHNEIER.COM — 2025-11-21
🕵️
Friday Squid Blogging: New “Squid” Sneaker
SCHNEIER.COM — 2025-11-21
🕵️
Emoticons, Sonicwall, Global Protect, Pop ups, WhatsApp, 7Zip, Roblox, Josh Marpet - SWN #531
YOUTUBE.COM — 2025-11-21
🌐
SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
THEHACKERNEWS.COM — 21 Nov 2025
🌐
Syncro + Lovable: RAT delivery via AI-generated websites | Kaspersky official blog
KASPERSKY.COM — 21 Nov 2025
📡
Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)
ISC.SANS.EDU — 21 Nov 2025
📡
Why IT Admins Choose Samsung for Mobile Security
THEHACKERNEWS.COM — 21 Nov 2025
📡
Google begins showing ads in AI Mode (AI answers)
BLEEPINGCOMPUTER.COM — 21 Nov 2025
📡
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
THEHACKERNEWS.COM — 21 Nov 2025
📡
Despite Chinese hacks, Trump’s FCC votes to scrap cybersecurity rules for phone and internet companies
TECHCRUNCH.COM — 21 Nov 2025
📡
Avast Makes AI-Driven Scam Defense Available for Free Worldwide
BLEEPINGCOMPUTER.COM — 21 Nov 2025
📡
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
BLEEPINGCOMPUTER.COM — 21 Nov 2025
📡
Microsoft: Out-of-band update fixes Windows 11 hotpatch install loop
BLEEPINGCOMPUTER.COM — 21 Nov 2025