Latest news as of 11/20/2025, 10:50:18 AM
The Register
Outside experts say the vulnerability has probably already been exploited Budding ransomware crooks have another shot at exploiting Fortra's GoAnywhere MFT product now that a new 10/10 severity vulnerability needs patching.…
Dark Reading
Following a pandemic-era respite, financial fraud linked to synthetic identities is rising again, with firms potentially facing $3.3 billion in damages from new accounts.
Bleeping Computer
Ransomware remains one of the most destructive threats—because defenses keep failing. Picus Blue Report 2025 shows prevention dropped to 62%, while data exfiltration prevention collapsed to just 3%. [...]
Bleeping Computer
Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks. [...]
The Hacker News
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "Phishing-as-a-Service (PhaaS) deployments have risen significantly recently," Netcraft said in a new report. "The PhaaS operators charge a monthly fee for phishing software with pre-installed templates impersonating, in some cases,
Dark Reading
A Charming Kitten subgroup is performing some of the most bespoke cyberattacks ever witnessed in the wild, to down select high-value targets.
Dark Reading
Frameworks may seem daunting to implement — especially for government IT teams that may not have an abundance of resources and expertise. But beginning implementation is better than never starting.
The Register
Bad opsec Thalha Jubair, one of the two UK teens arrested on Tuesday and accused of being members of the notorious Scattered Spider cybercrime gang, allegedly played a role in bilking more than 100 organizations out of at least $115 million in ransom payments. The cops nabbed him after following a number of clues, including paying for gift cards from a wallet on the same server that also held wallets receiving extortion payments.…
Dark Reading
Jennifer Ewbank, former CIA deputy director of digital innovation, on resilience, cultural shifts, and cyber fundamentals in the AI era.
The Register
Until Microsoft lobbed it into a virtual volcano A security researcher claims to have found a flaw that could have handed him the keys to almost every Entra ID tenant worldwide.…