Latest news as of 11/13/2025, 2:44:35 PM
The Hacker News
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased "operations tempo" from the threat actor. The findings come from Google Threat Intelligence Group (GTIG), which said the state-sponsored hacking crew has rapidly refined and retooled its malware arsenal merely five days following
Dark Reading
The Russia-backed threat actor's latest cyber spying campaign is a classic example of how quickly sophisticated hacking groups can pivot when exposed.
Dark Reading
The sophisticated worm — which uses invisible code to steal credentials and turn developer systems into criminal proxies — has so far infected nearly 36k machines.
Dark Reading
"FD-SOI" makes hardware attacks on silicon chips more difficult. And, researchers argue, it'll help OEMs with regulatory compliance.
Dark Reading
The operation took down a massive SIM card fraud network that provided fake phone numbers from more than 80 countries to criminals.
Bleeping Computer
The DNS0.EU non-profit public DNS service focused on European users announced its immediate shut down due to time and resource constraints. [...]
Dark Reading
If an employee's phone connects to their car and then their corporate network, an attack against the car can reach the company.
Dark Reading
Oracle E-Business Suite customers received conflicting deployment guidance, leaving enterprises exposed a recent zero-day flaw, Andrew argues.
Bleeping Computer
Microsoft has confirmed that this month's security updates disable USB mice and keyboards in the Windows Recovery Environment (WinRE), making it unusable. [...]
The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite (EBS) has been weaponized in real-world attacks. The security defect in question is CVE-2025-61884 (CVSS score: 7.5), which has been described as a