Latest news as of 11/10/2025, 12:46:06 PM
The Register
Expired security cert, real Brussels agenda, plus PlugX malware finish the job Cyber spies linked to the Chinese government exploited a Windows shortcut vulnerability disclosed in March – but that Microsoft hasn't fixed yet – to target European diplomats in an effort to steal defense and national security details.…
Bleeping Computer
Ribbon Communications, a provider of telecommunications services to the U.S. government and telecom companies worldwide, revealed that nation-state hackers breached its IT network as early as December 2024. [...]
The Register
Service will tell on compromised organizations, even if they didn't plan on doing so themselves Some orgs would rather you not know when they've suffered a cyberattack, but a new platform from privacy-focused tech firm Proton will shine a light on the big breaches that might otherwise stay buried.…
Bleeping Computer
American business services giant Conduent has confirmed that a 2024 data breach has impacted over 10.5 million people, according to notifications filed with the US Attorney General's offices. [...]
Bleeping Computer
WhatsApp is rolling out passkey-encrypted backups for iOS and Android devices, enabling users to encrypt their chat history using their fingerprint, face, or a screen lock code. [...]
The Hacker News
The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs. AdaptixC2 is an emerging extensible post-exploitation and adversarial emulation framework designed for penetration testing. While the server component is written in Golang, the GUI Client is written in C++ QT for
The Hacker News
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month. The tech giant also said it has blocked over 100 million suspicious numbers from using Rich Communication Services (RCS), an evolution of the SMS protocol, thereby preventing scams before they could even be sent. In
Bleeping Computer
Peter Williams, a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to a Russian vulnerability exploit broker. [...]
The Register
Windows Desktop installer also fixed after DLL hijack flaw rated 8.8 severity Docker Compose users are being strongly urged to upgrade their versions of the orchestration tool after a researcher uncovered a flaw that could allow attackers to stage path traversal attacks.…
Graham Cluley
The UK Information Commissioner’s Office (ICO) has levied a fine of £200,000 against a sole trader who sent almost one million spam text messages to people across the country - many of whom were already struggling with debt. Read more in my article on the Hot for Security blog.