Latest news as of 11/18/2025, 7:28:54 AM
Bleeping Computer
The number of malicious dormant domains is on the rise, and as researchers warn, roughly 22.3% of strategically aged domains pose some form of danger. [...]
ZDNet Security
LastPass VP Gabor Angyal said some of the security alerts that initially caused concern were "likely triggered in error."
The Hacker News
A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and credential harvesting on targeted systems. Cybersecurity firm CrowdStrike said the infiltration, which was ultimately foiled, was aimed at
The Hacker News
A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out (iLO) server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems. The discovery, which is the first instance of real-world malware in iLO firmware, was documented by Iranian cybersecurity
ZDNet Security
LastPass VP Gabor Angyal said some of the security alerts that initially caused concern were "likely triggered in error."
Bleeping Computer
Microsoft has released the KB5065789 preview cumulative update for Windows 11 24H2, which includes 41 improvements, including new AI actions in File Explorer and bug fixes for Windows Update and Windows Sandbox. [...]
Bleeping Computer
Broadcom has released security updates to patch two high-severity VMware NSX vulnerabilities reported by the U.S. National Security Agency (NSA). [...]
Graham Cluley
Two 17-year-olds have been arrested by Dutch authorities on suspicion of spying for pro-Russian hackers. The teenagers, who are said to have been recruited as "disposable agents" via Telegram, were reportedly arrested last week "on suspicion that are linked to government-sponsored interference." Read more in my article on the Hot for Security blog.
The Hacker News
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting "active senior
The Register
Met's Croydon cameras hailed as a triumph, guidance to be published later this year The government is to encourage police forces across England and Wales to adopt live facial recognition (LFR) technology, with a minister praising its use by the Metropolitan Police in a suburb of South London.…