Latest news as of 11/17/2025, 12:25:07 PM
Dark Reading
A seemingly benign privilege-escalation process in VMware and other software has likely benefited attackers and other malware strains for years, researchers noted.
Bleeping Computer
The Federal Trade Commission (FTC) is suing Sendit's operating company and its CEO for unlawful collection of data from underage users, as well as deceptive subscription practices. [...]
Graham Cluley
INTERPOL has announced the arrest of 260 alleged romance scammers, sextortionists, and online fraudsters as part of a multi-national operation across Africa. Read more in my article on the Hot for Security blog.
The Hacker News
A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors. "We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during startup and passing all trust checks," researchers Jesse De Meulemeester, David Oswald, Ingrid
Bleeping Computer
A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads. [...]
Bleeping Computer
Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. [...]
Bleeping Computer
Today, Microsoft announced the release of Windows 11 25H2, also known as Windows 11 2025 Update. [...]
The Hacker News
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. "Phantom Taurus' main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations," Palo Alto Networks Unit 42
Bleeping Computer
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. [...]
Bleeping Computer
Roughly 48,800 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. [...]