no alarms and no surprises please..
-
Weekly Update 480
Well, I now have the answer to how Snapchat does age verification for under-16s: they give an underage kid the ability to change their date of birth, then do a facial scan to verify. The facial scan (a third party tells me…) allows someone well under 16 to pass it easily. So,…
-
Tomiris Unleashes ‘Havoc’ With New Tools, Tactics
The Russian-speaking group is targeting government and diplomatic entities in CIS member states and Central Asia in its latest cyber-espionage campaign. Jai Vijayan, Contributing Writer Go to gbhackers.com
-
CodeRED Emergency Alert Platform Shut Down Following Cyberattack
The Inc ransomware gang took responsibility for the attack earlier this month and claimed it stole sensitive subscriber data. Rob Wright Go to gbhackers.com
-
Police Disrupt ‘Cryptomixer,’ Seize Millions in Crypto
Multiple European law enforcement agencies recently disrupted Cryptomixer, a service allegedly used by cybercriminals to launder ill-gotten gains from ransomware and other cyber activities. Alexander Culafi Go to gbhackers.com
-
Shai-hulud 2.0 Variant Threatens Cloud Ecosystem
The latest attack from the self-replicating, npm-package poisoning worm can also steal credentials and secrets from AWS, Google Cloud Platform, and Azure. Elizabeth Montalbano, Contributing Writer Go to gbhackers.com
-
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies
Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed… Go to gbhackers.com
-
PoC Released for Outlook “MonikerLink” RCE Flaw Allowing Remote Code Execution
Security researchers have released a proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution vulnerability in Microsoft Outlook dubbed “MonikerLink.” This flaw enables… Go to gbhackers.com
-
Linux 6.18 Rolls Out With Major Hardware Support Upgrades and Driver Enhancements
Linus Torvalds has officially released Linux 6.18, the latest stable version of the Linux kernel. The announcement came on Sunday, November 30, 2025, marking… Go to gbhackers.com
-
Police takes down Cryptomixer cryptocurrency mixing service
Law enforcement officers from Switzerland and Germany have taken down the Cryptomixer cryptocurrency-mixing service, believed to have helped cybercriminals launder stolen funds. […] Sergiu Gatlan Go to bleepingcomputer
-
Windows 11 24H2 Update Hides the Password Icon in the Sign-in Options on the Lock Screen
Microsoft has confirmed a bizarre user interface bug affecting Windows 11 version 24H2 devices that renders the password sign-in icon invisible on the lock screen. The issue, stemming from the August 2025 non-security preview update (KB5064081) and persisting in…
-
PoC Exploit Released for Critical Outlook 0-Click Remote Code Execution Vulnerability
A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413. Dubbed “MonikerLink,” this flaw allows attackers to bypass Outlook’s security mechanisms, specifically the “Protected View,” to execute malicious code or steal credentials.…
-
Hackers Allegedly Claim Breach of Mercedes-Benz USA Legal and Customer Data
A threat actor known as “zestix” has claimed responsibility for a significant data breach affecting Mercedes-Benz USA (MBUSA), allegedly exfiltrating 18.3 GB of sensitive legal and customer information. The threat actor posted the dataset for sale on a dark web forum, pricing the complete…
-
Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets
The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools. “These attacks highlight a notable shift in Tomiris’s tactics, namely…
-
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation. The vulnerability in question is CVE-2021-26829 (CVSS score: 5.4), a cross-site scripting (XSS) flaw…
-
ISC Stormcast For Monday, December 1st, 2025 https://isc.sans.edu/podcastdetail/9718, (Mon, Dec 1st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Go to isc.sans.edu
-
Tomiris Hacker Group Unveils New Tools and Techniques for Global Attacks
A new wave of cyberattacks has been discovered targeting government officials and diplomats across Russia and Central Asia. The group, which has been active… Go to gbhackers.com
-
Mystery OAST Tool Exploits 200 CVEs Using Google Cloud for Large-Scale Attacks
A sophisticated threat actor has been operating a private Out-of-band Application Security Testing (OAST) service hosted on Google Cloud infrastructure to conduct a large-scale… Go to gbhackers.com
-
Albiriox Malware Emerges, Targeting Android Users for Full Device Takeover
A dangerous new Android malware called Albiriox has been discovered by security researchers, posing a serious threat to mobile banking and cryptocurrency users worldwide. The malware… Go to gbhackers.com
-
Japanese beer giant Asahi says data breach hit 1.5 million people
Asahi Group Holdings, Japan’s largest beer producer, has finished the investigation into the September cyberattack and found that the incident has impacted up to 1.9 million individuals. […] Bill Toulas Go to bleepingcomputer
-
Leak confirms OpenAI is preparing ads on ChatGPT for public roll out
OpenAI is now internally testing ‘ads’ inside ChatGPT that could redefine the web economy. […] Mayank Parmar Go to bleepingcomputer
-
CISA Warns of OpenPLC ScadaBR cross-site scripting vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially updated its Known Exploited Vulnerabilities (KEV) catalog to include a critical flaw in OpenPLC ScadaBR, confirming that threat actors are actively weaponizing it in the wild. The security defect, identified as CVE-2021-26829, is a Cross-Site…
-
This month in security with Tony Anscombe – November 2025 edition
Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month’s cybersecurity news Go to eset
-
Cybercriminals Register 18,000 Holiday-Themed Domains to Launch Seasonal Scams
The holiday season has always been a magnet for increased online activity, but 2025 marks a new high-water mark in cybercrime intensity. FortiGuard Labs’… Go to gbhackers.com
-
Poland Arrests Suspected Russian Hacker Targeting Local Organizations’ Networks
Polish authorities have made a significant move in their cybercrime enforcement efforts by detaining a Russian national suspected of conducting unauthorized cyber attacks against… Go to gbhackers.com
-
Gainsight Verifies Token Breach Linked to Salesforce Advisory, Issues New IOCs
Gainsight, the leading customer success platform, has confirmed that a security incident involving its Salesforce integration compromised customer tokens for a small subset of… Go to gbhackers.com
-
ShinyHunters Develop Sophisticated New Ransomware-as-a-Service Tool
In a significant escalation of the global cyber threat landscape, the notorious threat group ShinyHunters appears to be transitioning from data theft to full-scale… Go to gbhackers.com
-
New GreyNoise IP Checker Helps Users Identify Botnet Activity
Cybersecurity firm GreyNoise has launched a new, free utility designed to answer a question most internet users never think to ask: Is my home… Go to gbhackers.com
-
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
A 44-year-old man was sentenced to seven years and four months in prison for operating an “evil twin” WiFi network to steal the data of unsuspecting travelers at various airports across Australia. […] Bill Toulas Go to bleepingcomputer
-
Microsoft: Windows updates make password login option invisible
Microsoft warned users that Windows 11 updates released since August may cause the password sign-in option to disappear from the lock screen options, even though the button remains functional. […] Sergiu Gatlan Go to bleepingcomputer
-
Public GitLab repositories exposed more than 17,000 secrets
After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. […] Bill Toulas Go to bleepingcomputer
-
French Football Federation discloses data breach after cyberattack
The French Football Federation (FFF) disclosed a data breach on Friday after attackers used a compromised account to gain access to administrative management software used by football clubs. […] Sergiu Gatlan Go to bleepingcomputer
-
Malicious LLMs empower inexperienced hackers with advanced tools
Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious code, delivering functional scripts for ransomware encryptors and lateral movement. […] Bill Toulas Go to bleepingcomputer
-
New Albiriox Malware Attacking Android Users to Take Complete Control of their Device
A sophisticated new Android malware family dubbed “Albiriox” has emerged on the cybercrime landscape, offering advanced remote access capabilities as a Malware-as-a-Service (MaaS). Identified by researchers at Cleafy, the malware is designed to execute On-Device Fraud (ODF) by granting attackers full control…
-
Beware of Weaponized Google Meet Page uses ClickFix Technique to Deliver Malicious Payload
A new, highly sophisticated malware campaign has been identified targeting remote workers and organizations through a fake Google Meet landing page. Hosted on the deceptive domain gogl-meet[.]com, this attack leverages the “ClickFix” social engineering technique to bypass traditional browser security controls and…
-
French Football Federation Reports Data Breach – Hackers Access Club Software Admin Controls
The French Football Federation (FFF) has confirmed a significant cybersecurity incident resulting in the theft of personal data belonging to members and licensees. The federation revealed that cybercriminals had infiltrated the centralized administrative software used by football clubs across the country to…
-
Hackers Registered 18,000 Holiday-Themed Domains Targeting ‘Christmas,’ ‘Black Friday,’ and ‘Flash Sale’
The 2025 holiday season has unleashed an unprecedented wave of cyber threats, with attackers deploying industrialized infrastructure to exploit the global surge in online commerce. This year’s threat landscape is characterized by a calculated expansion of deceptive digital assets, where criminals leverage automated tools…
-
Handala Hacker Group Attacking Israeli High-Tech and Aerospace Professionals
The Handala hacker group has launched a targeted campaign against Israeli high-tech and aerospace professionals, marking a concerning shift in geopolitically motivated cyber operations. The group recently published a list of individuals working in these critical sectors, accompanied by hostile descriptions that falsely label them as criminals.…
-
What parents should know to protect their children from doxxing
Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake. Go to eset
-
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Software supply chain security company ReversingLabs said it found the “vulnerability” in…
-
North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware
The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last month. According to Socket, these packages have been downloaded over 31,000 times, and are designed to deliver a variant…
-
Why Organizations Are Turning to RPAM
As IT environments become increasingly distributed and organizations adopt hybrid and remote work at scale, traditional perimeter-based security models and on-premises Privileged Access Management (PAM) solutions no longer suffice. IT administrators, contractors and third-party vendors now require secure access to critical systems from any location and on any device,…
-
MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
Cybersecurity researchers have shed light on a cross-tenant blind spot that allows attackers to bypass Microsoft Defender for Office 365 protections via the guest access feature in Teams. “When users operate as guests in another tenant, their protections are determined entirely by…
-
Friday Squid Blogging: Flying Neon Squid Found on Israeli Beach
A meter-long flying neon squid (Ommastrephes bartramii) was found dead on an Israeli beach. The species is rare in the Mediterranean. Bruce Schneier Go to bruce schneier
-
Prompt Injection Through Poetry
In a new paper, “Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models,” researchers found that turning LLM prompts into poetry resulted in jailbreaking the models: Abstract: We present evidence that adversarial poetry functions as a universal single-turn jailbreak technique for Large Language Models (LLMs). Across 25 frontier…
-
Microsoft Blocks External Scripts in Entra ID Logins to Boost Security
Microsoft has announced a significant security change to the Microsoft Entra ID sign-in experience that will block external scripts from running during user logins…. Go to gbhackers.com
-
London Councils Hit by Cyberattack, Disrupts IT and Telephone Lines
The Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council, and Hammersmith and Fulham Council confirmed they were targeted in the incident that… Go to gbhackers.com
-
KawaiiGPT: A Free WormGPT Clone Using DeepSeek, Gemini, and Kimi-K2 Models
A new open-source tool called KawaiiGPT has surfaced on GitHub, positioning itself as a “cute” but unrestricted version of artificial intelligence. Developed by a user known… Go to gbhackers.com
-
Black Friday Scammers Are Impersonating Major Brands to Steal Your Money
Black Friday is supposed to be chaotic, sure, but not this chaotic. Amid genuine doorbusters and flash sales, a large-scale, highly polished scam campaign… Go to gbhackers.com
-
OpenAI Reveals Mixpanel Data Breach Exposing User Details
OpenAI has publicly disclosed a security incident involving a data breach at Mixpanel, a third-party analytics provider previously used by the company for monitoring… Go to gbhackers.com
-
OpenAI discloses API customer data breach via Mixpanel vendor hack
OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. […] Ionut Ilascu Go to bleepingcomputer
-
Comcast to Pay a $1.5 Million Fine to Settle an FCC Investigation Linked to Vendor Data Breach
The company has agreed to pay a $1.5 million fine to settle a Federal Communications Commission investigation into a data breach that exposed personal information from over 237,000 customers. Reuters reports that the FCC announced the settlement on…
-
Poland Arrested Suspected Russian Citizen Hacking for Local Organizations Computer Networks
Polish authorities have arrested a Russian citizen suspected of conducting unauthorized cyberattacks against the computer networks of local organizations. The arrest marks a significant development in the country’s efforts to combat cybercrime targeting Polish and European businesses. On November 16, 2025, officers from the…
-
Microsoft to Block External Scripts in Entra ID Logins to Enhance Protections
Microsoft has announced a significant security upgrade to its Microsoft Entra ID authentication process, as part of the company’s broader Secure Future Initiative. Microsoft is updating its Content Security Policy (CSP) to block the execution of external scripts during user sign-ins. This proactive…
-
London Councils’ IT Systems Impacted by CyberAttack, Including Phone Lines
Three West London councils are struggling with significant disruption to IT systems and phone lines after a cyberattack on a shared services provider, which officials are publicly describing only as an “IT incident”. The Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council (WCC),…
-
Shai Hulud 2.0 Compromises 1,200+ Organizations, Exposing Critical Runtime Secrets
The Shai Hulud 2.0 worm, first detected on November 24, 2025, has compromised nearly 1,200 organizations, including major banks, government bodies, and Fortune 500 technology firms. While initial reports described it as a simple npm supply chain attack that flooded GitHub with spam repositories, new…
-
TR-25-0419 (Huawei Security Advisory)
Go to usom.gov
-
TR-25-0418 (Mattermost Application Security Advisory)
Go to usom.gov
-
Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan
The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October 2025, the activity has expanded to also single out Uzbekistan,…
-
Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update
Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection attacks starting a year from now. The update to its Content Security Policy (CSP) aims to enhance the Entra ID sign-in experience at “login.microsoftonline[.]com” by…
-
Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools
If you’re using community tools like Chocolatey or Winget to keep systems updated, you’re not alone. These platforms are fast, flexible, and easy to work with—making them favorites for IT teams. But there’s a catch… The very tools that make your job easier might…
-
ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories
Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber world. Criminals are getting creative — using smart tricks to steal…
-
Gainsight Expands Impacted Customer List Following Salesforce Security Alert
Gainsight has disclosed that the recent suspicious activity targeting its applications has affected more customers than previously thought. The company said Salesforce initially provided a list of 3 impacted customers and that it has “expanded to a larger list” as of November 21, 2025. It did…
-
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. Read more in my article…
-
Chrome Extension Malware Secretly Adds Hidden SOL Fees to Solana Swap Transactions
Security researchers at Socket have uncovered a deceptive Chrome extension called Crypto Copilot that masquerades as a legitimate Solana trading tool while secretly siphoning… Go to gbhackers.com
-
Massive Data Leak: ByteToBreach Offers Stolen Global Airline, Banking, and Government Records
A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a series of high-profile breaches… Go to gbhackers.com
-
Threat Actors Use Fake Update Lures to Deploy SocGholish Malware
In a significant escalation of cyber threats, Arctic Wolf Labs has identified a coordinated campaign in which the Russian-aligned RomCom threat group leverages the… Go to gbhackers.com
-
Hackers Launch Active Attacks on Telecom and Media Industries
The telecommunications & media sector stands at the epicenter of a relentless cyber onslaught, as evidenced by CYFIRMA’s latest quarterly industry report. Leveraging telemetry-driven… Go to gbhackers.com
-
HashJack: A Novel Exploit Leveraging URL Fragments To Deceive AI Browsers
Security researchers at Cato CTRL have uncovered HashJack. This innovative indirect prompt-injection attack hides harmful commands in the fragment portion of URLs after the… Go to gbhackers.com
-
New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. […] Bill Toulas Go to bleepingcomputer
-
NordVPN Black Friday Deal: Unlock 77% off VPN plans in 2025
The NordVPN Black Friday Deal is now live, and you can get the best discount available: 77% off that applies automatically when you follow our link. If you’ve been waiting for the right moment to upgrade your online security, privacy, and streaming freedom, this is…
-
Popular Forge library gets fix for signature verification bypass flaw
A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could be exploited to bypass signature verifications by crafting data that appears valid. […] Bill Toulas Go to bleepingcomputer
-
Comcast to pay $1.5M fine for vendor breach affecting 270K customers
Comcast will pay a $1.5 million fine to settle a Federal Communications Commission investigation into a February 2024 vendor data breach that exposed the personal information of nearly 275,000 customers. […] Sergiu Gatlan Go to bleepingcomputer
-
Multiple London councils’ IT systems disrupted by cyberattack
The Royal Borough of Kensington and Chelsea (RBKC) and the Westminster City Council (WCC) announced that they are experiencing service disruptions following a cybersecurity issue. […] Bill Toulas Go to bleepingcomputer
-
OpenAI Discloses Mixpanel Data Breach – Name, Email Address and Operating System Details Exposed
The company has publicly revealed a security incident involving Mixpanel, a third-party analytics provider previously used to monitor activity on platform.openai.com, the frontend for its API product. The company emphasized transparency in its announcement, assuring users that the breach did not compromise…
-
Hackers Actively Attacking Telecommunications & Media Industry to Deploy Malicious Payloads
Cybercriminals are launching increasingly sophisticated attacks against the telecommunications and media industry, focusing their efforts on deploying malicious payloads that compromise critical infrastructure. Recent security analysis reveals a concerning trend where threat actors are systematically targeting network operators, media platforms, and broadcasting services to…
-
Hackers Exploiting Fake Battlefield 6 Popularity to Deploy Stealers and C2 Agents
Since its release in October, Battlefield 6 has become one of the year’s most anticipated game launches. However, cybercriminals have quickly seized on this popularity to distribute malicious software. Attackers have created fake cracked versions of the game and fraudulent game trainers, spreading…
-
Threat Actors Allegedly Listed iOS 26 Full‑Chain 0‑Day Exploit on Dark Web
A threat actor operating under the alias ResearcherX has posted what they claim to be a full‑chain zero‑day exploit targeting Apple’s recently released iOS 26 operating system. The listing, which appeared on a prominent dark web marketplace, alleges that the exploit leverages a…
-
Hackers Tricks macOS Users to Execute Command in Terminal to Deliver FlexibleFerret Malware
Cybercriminals are successfully targeting Apple users through a sophisticated social engineering scheme that tricks victims into running harmful commands on their computers. The threat, called FlexibleFerret, is attributed to North Korean operators and represents a continuing evolution of the Contagious Interview campaign…
-
TR-25-0417 (Zenitel Multiple Product Security Advisory)
Go to usom.gov
-
TR-25-0416 (Apache Security Advisory)
Go to usom.gov
-
TR-25-0415 (WordPress Plugin Security Advisory)
Go to usom.gov
-
TR-25-0414 (Microsoft Azure Security Advisory)
Go to usom.gov
-
TR-25-0413 (NVIDIA Security Vulnerability)
Go to usom.gov
-
Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets
The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the…
-
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist
South Korea’s financial sector has been targeted by what has been described as a sophisticated supply chain attack that led to the deployment of Qilin ransomware. “This operation combined the capabilities of a major Ransomware-as-a-Service (RaaS) group, Qilin, with potential involvement from…
-
When Your $2M Security Detection Fails: Can your SOC Save You?
Enterprises today are expected to have at least 6-8 detection tools, as detection is considered a standard investment and the first line of defense. Yet security leaders struggle to justify dedicating resources further down the alert lifecycle to their superiors. As a result, most…
-
Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools
Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools If you’re using community tools like Chocolatey or Winget to keep systems updated, you’re not alone. These platforms are fast, flexible, and easy to work with—making them favorites for IT teams. But there’s a catch… The very tools that make your job easier might…
-
Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps
Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps Cybersecurity researchers have discovered a new malicious extension on the Chrome Web Store that’s capable of injecting a stealthy Solana transfer into a swap transaction and transferring the funds to an attacker-controlled cryptocurrency wallet. The extension, named Crypto Copilot, was first published by a…
-
Huawei and Chinese Surveillance
Huawei and Chinese Surveillance This quote is from House of Huawei: The Secret History of China’s Most Powerful Company. “Long before anyone had heard of Ren Zhengfei or Huawei, Wan Runnan had been China’s star entrepreneur in the 1980s, with his company, the Stone Group, touted as “China’s IBM.” Wan had believed that economic change…
-
Smashing Security podcast #445: The hack that brought back the zombie apocalypse
Smashing Security podcast #445: The hack that brought back the zombie apocalypse America’s airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts.…
-
Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner
Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner Shadow AI – the use of artificial intelligence tools by employees without a company’s approval and oversight – is becoming a significant cybersecurity risk. Read more in my article on the Fortra blog. Graham Cluley Go to grahamcluley
-
Digital Fraud at Industrial Scale: 2025 Wasn’t Great
Digital Fraud at Industrial Scale: 2025 Wasn’t Great Advanced fraud attacks surged 180% in 2025 as cyber-scammers used generative AI to churn out flawless IDs, deepfakes, and autonomous bots at levels never before seen. Jai Vijayan, Contributing Writer Go to gbhackers.com
-
‘Dark LLMs’ Aid Petty Criminals, But Underwhelm Technically
‘Dark LLMs’ Aid Petty Criminals, But Underwhelm Technically As in the wider world, AI is not quite living up to the hype in the cyber underground. But it’s definitely helping low-level cybercriminals do competent work. Nate Nelson, Contributing Writer Go to gbhackers.com
-
Prompt Injections Loom Large Over ChatGPT’s Atlas Browser
Prompt Injections Loom Large Over ChatGPT’s Atlas Browser It’s the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt injections. Alexander Culafi Go to gbhackers.com
-
Enterprises Aren’t Confident They Can Secure Non-Human Identities (NHIs)
Enterprises Aren’t Confident They Can Secure Non-Human Identities (NHIs) More than half of organizations surveyed aren’t sure they can secure non-human identities (NHIs), underscoring the lag between the rollout of these identities and the tools to protect them. Don Tait Go to gbhackers.com
-
Cobalt Strike 4.12 Adds New Injection, UAC Bypasses & C2 Features
Cobalt Strike 4.12 Adds New Injection, UAC Bypasses & C2 Features Fortra has officially released Cobalt Strike 4.12, introducing a comprehensive suite of new features designed to enhance red team operations and offensive security research. The… Go to gbhackers.com
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant… Go to gbhackers.com
-
Microsoft Warns of Security Risks in New Agentic AI Feature
Microsoft Warns of Security Risks in New Agentic AI Feature Microsoft is sounding the alarm on critical security considerations as it introduces agentic AI capabilities to Windows through experimental features like Copilot Actions. The… Go to gbhackers.com
-
Russian and North Korean Hackers Forge Global Cyberattack Alliance
Russian and North Korean Hackers Forge Global Cyberattack Alliance State-sponsored hackers from Russia and North Korea are collaborating on shared infrastructure, marking a significant shift in cyber geopolitics. Security researchers have uncovered evidence… Go to gbhackers.com