Latest news as of 11/12/2025, 6:13:37 AM
Bleeping Computer
QNAP warned customers to patch a critical ASP.NET Core vulnerability that also impacts the company's NetBak PC Agent, a Windows utility for backing& up data to a QNAP network-attached storage (NAS) device. [...]
The Hacker News
Social media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service. To that end, users are being asked to complete the re-enrollment, either using their existing security key or enrolling a new one, by November 10, 2025. "After November 10, if you
Bleeping Computer
A zero-day vulnerability in Google Chrome exploited in Operation ForumTroll earlier this year delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber Group acquired the infamous Hacking Team. [...]
The Register
Ravin Academy confirms the intrusion on Telegram, says investigation continues Iran's school for state-sponsored cyberattackers admits it suffered a breach exposing the names and other personal information of its associates and students.…
Dark Reading
The attack by the one of the most impactful RaaS groups active today demonstrates an evasion strategy that can stump defenses not equipped to detect cross-platform threats.
Bleeping Computer
Google AI Studio product lead teased that everyone will be able to vibe code video games by the end of the year. [...]
The Hacker News
Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code. "This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware," LayerX
The Register
Nations previously exempt from scraping now in the firing line If you thought living in Europe, Canada, or Hong Kong meant you were protected from having LinkedIn scrape your posts to train its AI, think again. You have a week to opt out before the Microsoft subsidiary assumes you're fine with it.…
Bleeping Computer
Attackers are using AI to weaponize old vulnerabilities while security teams face expanding attack surfaces and limited resources. Intruder's 2025 Exposure Management Index reveals how 3,000+ organizations are adapting and fixing critical flaws faster than ever. [...]
Bleeping Computer
Microsoft now allows IT administrators to remove pre-installed Microsoft Store apps (also known as in-box apps) using a new app management policy. [...]