Latest news as of 11/19/2025, 1:41:32 PM
The Hacker News
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that allows attackers to
Have I Been Pwned
In August 2025, . The incident resulted in a data breach that exposed almost 6.4M customer records, including 5.7M unique email addresses. The breach also exposed names, physical addresses, phone numbers, dates of birth and IBANs (International Bank Account Numbers). Bouygues Telecom advised that all affected customers had been notified about the incident. the French telecommunications company Bouygues Telecom detected a cyber attack against their services
The Hacker News
Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity. "Libraesva ESG is affected by a command injection flaw that can be triggered by a malicious email containing a
Dark Reading
The Japanese government suffered the most cybersecurity incidents in 2024 — 447, nearly double the previous year — while failing to manage 16% of critical systems.
Bleeping Computer
US gaming and casino operator Boyd Gaming Corporation disclosed it suffered a breach after threat actors gained access to its systems and stole data, including employee information and data belonging to a limited number of other individuals. [...]
Dark Reading
GitHub will address weak authentication and overly permissive tokens in the NPM ecosystem, following high-profile threat campaigns like those involving Shai-Hulud malware.
Dark Reading
The for-hire platform leverages legitimate cloud-native tools to make detection and disruption harder for defenders and SOC analysts.
Dark Reading
Cybersecurity leader Jason Manar shares insights on diverse career paths, essential skills, and practical advice for entering and thriving in the high-stress yet rewarding field of cybersecurity.
The Register
AI attacks on the rise A survey of cybersecurity bosses has shown that 62 percent reported attacks on their staff using AI over the last year, either by the use of prompt injection attacks or faking out their systems using phony audio or video generated by AI.…
The Register
Security vendor's no good, very bad year week SonicWall on Monday released a firmware update that the security vendor says will remove rootkit malware deployed in recent attacks targeting Secure Mobile Access (SMA) 100 appliances.…