Latest news as of 11/17/2025, 2:42:10 PM
The Hacker News
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. "Phantom Taurus' main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations," Palo Alto Networks Unit 42
Bleeping Computer
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. [...]
Bleeping Computer
Roughly 48,800 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. [...]
The Register
50,000 firewall devices still exposed Nearly 50,000 Cisco ASA/FTD instances vulnerable to two bugs that are actively being exploited by "advanced" attackers remain exposed to the internet, according to Shadowserver data.…
The Register
Sharing links take seconds to create, but can last for years … Partner Content Seamless collaboration through cloud platforms like Microsoft 365 has radically reshaped the modern workplace. In the span of an hour, you could go from uploading budget proposals to a project channel to live editing a joint presentation with a business partner, all while making lunch plans over Teams. From remote work to video calls, it’s never been easier to connect people, ideas, and information.
Bleeping Computer
Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. [...]
Bleeping Computer
VMware certification is surging as IT teams face hybrid infra, cloud complexity, & rising risks. See how VMUG Advantage helps practitioners & enterprises turn certification into stronger security & measurable value. [...]
Dark Reading
Agentic AI has introduced abundant shadow artificial intelligence (AI) risks. Cybersecurity startup Entro Security extends its platform to help enterprises combat the growing issue.
Graham Cluley
In episode 70 of The AI Fix, our hosts learn that AI makes people more dishonest, Waymo's robo-cars save lives but get outsmarted by a bathroom mirror, a "rescue" bot slurps up victims head-first, and China shows off a fusion robot arm that can lift ten elephants (or 200,000 pigeons, if you’re scientific about it). Meanwhile Graham reveals how AIs are tricked into solving CAPTCHAs with fake mouse wiggles, and Mark explains how OpenAI’s “deliberative alignment” works perfectly - until the AI realises it is being watched. So, nothing to worry about there then... All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Dark Reading
Flaws in individual models of Google's AI suite created significant security and privacy risks for users, demonstrating the need for heightened defenses.