Latest news as of 11/19/2025, 7:00:16 AM
Dark Reading
The cybercrime group continues to gain attention despite its apparent shutdown last week.
Dark Reading
Researchers have tracked a Russian disinformation campaign against upcoming Moldovan elections, linking it to a previous campaign that began in 2022.
Bleeping Computer
Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images. [...]
Bleeping Computer
OpenAI is internally testing a new version of its AI agent, which uses a special version of GPT-5 dubbed "GPT-Alpha." [...]
The Register
If you recently got an email asking you to verify your credentials to a PyPI site, better change that password The Python Software Foundation warned users of a new string of phishing attacks using a phony Python Package Index (PyPI) website and asking victims to verify their account or face suspension, and advised anyone who did provide their credentials to change their password "immediately."…
Bleeping Computer
Kali Linux has released version 2025.3, the third version of 2025, featuring ten new tools, Nexmon support, and NetHunter improvements. [...]
Dark Reading
The poisoned package, purporting to be a JavaScript utility, threatens the software supply chain with a highly obsfuscated credential stealer.
Bleeping Computer
Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S. organizations in the technology and legal sectors. [...]
The Hacker News
A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking the activity under the moniker TAG-100, has now graduated it to a hacking group dubbed RedNovember.
Bleeping Computer
Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is currently being exploited in attacks. [...]