FAQ About Sha1-Hulud 2.0 The "Second Coming" of the npm Supply-Chain Campaign

A massive resurgence of the Sha1-Hulud malware family, dubbed “The Second Coming” by its creators, has been observed targeting the npm ecosystem, beginning around November 24. The attackers comprom...

Nov 24, 2025 SECURITY

Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims

Cox Enterprises has confirmed that its Oracle E-Business Suite (EBS) instance was impacted in the recent cybercrime campaign that has targeted many organizations. The company said the attackers ob...

Nov 24, 2025 CYBERSECURITY

2025-11-24 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-31216 Apple - iPadOSApple - ...

Nov 24, 2025 VULNERABILITIES

Weaponized file name flaw makes updating glob an urgent job

Researchers are urging users of the glob file pattern matching library to update their installations due to a recently discovered remote code execution flaw (CVE-2025-64756) in the tool’s CLI. The ...

Nov 23, 2025 VULNS

Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

The Security Affairs newsletter highlights a surge in cybercrime activity, including a confirmed data breach impacting the Pennsylvania Attorney General following an INC Ransom attack. DoorDash als...

Nov 23, 2025 SECURITY

Iberia discloses security incident tied to supplier breach

Iberia, the flag carrier airline of Spain, is notifying customers of a data breach stemming from a security incident affecting one of its third-party suppliers. The breach resulted in the exposure ...

Nov 23, 2025 DATA BREACH

Department 40 Exposed Inside the IRGC Unit Connecting Cyber Ops to Assassinations

A massive leak of internal documents has blown the cover off one of Iran’s most active hacking groups. For years, the cybersecurity community tracked them as APT35, Charming Kitten, Fresh Feline. N...

Nov 23, 2025 APT

Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges

A critical vulnerability in Azure Bastion (CVE-2025-49752) allows remote attackers to bypass authentication mechanisms and escalate privileges to administrative levels.\n\nThe vulnerability undermi...

Nov 23, 2025 CYBER SECURITY

Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update

The issue is related to how older 7-Zip versions handle symbolic links inside ZIP files (a symbolic link is a shortcut to another file or folder). As explained by Trend Micro’s Zero Day Initiative ...

Nov 23, 2025 SECURITY

WhatsApp API flaw let researchers scrape 3.5 billion accounts

Researchers compiled a list of 3.5 billion WhatsApp mobile phone numbers and associated personal information by abusing a contact-discovery API that lacked rate limiting.\n\nThe researchers from th...

Nov 22, 2025 SECURITY

CrowdStrike Fires Worker Over Insider Leak to Scattered Lapsus Hunters

Leading cybersecurity firm CrowdStrike recently confirmed it fired an employee for sharing confidential internal details with a major hacking group. This incident, which became public on Friday, sh...

Nov 22, 2025 NEWS

2025-11-22 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-0504 Black Duck - Black Duck...

Nov 22, 2025 VULNERABILITIES

US citizens, Chinese nationals busted exporting "cutting-edge" Nvidia AI chips to China

Two American citizens and two Chinese nationals now face 50 years behind bars each for illegally exporting at least four shipments of Nvidia’s cutting-edge GPU chips and their AI technology to the ...

Nov 21, 2025 ARREST

ShinyHunters 'does not like Salesforce at all,' claims the crew accessed Gainsight 3 months ago

The ShinyHunters cybercrime group has claimed responsibility for the Gainsight breach, asserting they leveraged access gained during the earlier Salesloft Drift hack to pilfer data from hundreds of...

Nov 21, 2025 SECURITY

2025-11-21 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-65025 esm-dev - esm.sh ...

Nov 21, 2025 VULNERABILITIES

Sturnus - New Android banking trojan targets WhatsApp, Telegram, and Signal

Sturnus is a new Android banking trojan with full device-takeover abilities. It bypasses encrypted messaging by capturing on-screen content and can steal banking credentials, remotely control the d...

Nov 20, 2025 SECURITY

New Ransomware Variants Targeting Amazon S3 Services Leveraging Misconfigurations and Access Controls

A new wave of ransomware attacks is targeting cloud storage environments, specifically focusing on Amazon Simple Storage Service (S3) buckets that contain critical business data. The Server-Side E...

Nov 20, 2025 CYBER SECURITY

Google exposes BadAudio malware used in APT24 espionage campaigns

China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods.\n\nStart...

Nov 20, 2025 APT

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide

A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive net...

Nov 19, 2025 SECURITY

Mac users warned about new DigitStealer information stealer

A new information stealer targeting macOS users, dubbed DigitStealer, has been identified. This malware employs advanced detection-evasion techniques and a multi-stage attack chain, presenting new ...

Nov 19, 2025 RESEARCH