Latest news as of 11/20/2025, 8:14:49 PM
The Hacker News
Law enforcement authorities in the U.K. have arrested two teen members of the Scattered Spider hacking group in connection with their alleged participation in an August 2024 cyber attack targeting Transport for London (TfL), the city's public transportation agency. Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, from East London and Owen Flowers, 18, from Walsall, West Midlands
Graham Cluley
28-year-old Daniel Lee Newhard, an American citizen living in Estonia, has been charged in relation to the notorious hack of Vastaamo, the biggest data breach in Finnish history. Read more in my article on the Hot for Security blog.
The Register
YouTube vids explain digital tradecraft to reach spooks over Tor or VPN without blowing your cover The UK’s Secret Intelligence Service, aka MI6, has created a dark web portal called “Silent Courier” that it hopes would-be foreign informants will find a suitably secure means of sharing secrets.…
The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization's network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM). "Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on the compromised server,"
Bleeping Computer
OpenAI is finally rolling out a toggle that allows you to decide how hard the GPT-5-thinking model can think. This feature is rolling out to Plus and Pro subscribers. [...]
Dark Reading
The proposed restructuring plan would address many concerns related to the social media platform, but risks remain for security teams.
Dark Reading
Threat actors breached the MySonicWall service and accessed backup firewall configuration files belonging to "fewer than 5%" of its install base, according to the company.
The Register
Sixth such Chrome flaw this year spotted by the Chocolate Factory, already in play Google pushed an emergency patch for a high-severity Chrome flaw, already under active exploitation. So it's time to make sure you're running the most recent version of the web browser.…
The Register
Vendor pulls plug on cloud backup feature, urges admins to reset passwords and re-secure devices SonicWall is telling some customers to reset passwords after attackers broke into its cloud backup service and accessed firewall configuration data.…
The Register
Three US medical centers fess up to serious breaches Cybercriminals broke in and stole nearly a million Americans' data in the space of a week, after three digital burglaries at healthcare providers.…