Latest news as of 11/19/2025, 4:58:52 PM
The Register
Security vendor's no good, very bad year week SonicWall on Monday released a firmware update that the security vendor says will remove rootkit malware deployed in recent attacks targeting Secure Mobile Access (SMA) 100 appliances.…
Dark Reading
Dark Reading Confidential Episode 10: It’s past time for a comprehensive plan to protect vital US systems from nation-state cyberattacks, and increasingly, that responsibility is falling to asset owners across a vast swath of organizations, who likely never bargained for an international cyber conflict playing out in their environments. But here we are. And here’s what comes next, according to Frank Cilluffo from the McCrary Institute and Booz Allen’s Dave Forbes.
The Hacker News
Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are
The Hacker News
Law enforcement authorities in Europe have arrested five suspects in connection with an "elaborate" online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain. According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in Italy, Romania and Bulgaria. Bank accounts
Bleeping Computer
Libraesva rolled out an emergency update for its Email Security Gateway solution to fix a vulnerability exploited by threat actors believed to be state sponsored. [...]
Bleeping Computer
WhatsApp has started rolling out a new translation feature that enables Android and iPhone users to translate messages in chats, groups, and channel updates. [...]
The Hacker News
The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national security. "This protective intelligence investigation led to the discovery of more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites," the Secret
The Register
Or maybe 3 strikes, you're out? SolarWinds on Tuesday released a hotfix - again - for a critical, 9.8-severity flaw in its Web Help Desk IT ticketing software that could allow a remote, unauthenticated attacker to run commands on a host machine. …
The Register
Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS data — a flaw that has persisted since late 2021.…
Dark Reading
In Operation Rewrite, an unspecified actor is using legitimate compromised web servers to deliver malicious content to visitors for financial gain.