469/68 Monday, November 17, 2025 ASUS has released an update to fix a critical vulnerability identified as CVE-2025-59367 (CVSS 9.3), an authentication bypass flaw that allows remote attackers to access unpatched routers without authentication. The vulnerability affects the following DSL router models: DSL-AC51, DSL-N16, and DSL-AC750. ASUS has issued firmware version 1.1.2.3_1010 to address the […]
468/68 Monday, November 17, 2025 Logitech, the well-known computer peripherals manufacturer, has filed a disclosure with the U.S. Securities and Exchange Commission (SEC) confirming that a data breach did occur. The company stated that while attackers were able to access and steal certain data, the incident did not affect manufacturing operations, business continuity, or product […]
467/68 Friday, November 14, 2025 Researchers have detected new DanaBot activity, marking the return of the malware after it was dismantled during the large-scale international Operation Endgame in May. The newly observed variant features a rebuilt command-and-control (C2) infrastructure using Tor-based (.onion) domains and backconnect nodes to remotely control infected devices. Investigators also identified several […]
466/68 Friday, November 14, 2025 Google and Mozilla have released their latest security updates for the Chrome and Firefox browsers, addressing several high-severity vulnerabilities. In the Chrome 142 update, Google patched CVE-2025-13042, an inappropriate implementation issue in the V8 JavaScript engine. Although specific technical details have not yet been disclosed, the flaw could potentially lead […]
465/68 Friday, November 14, 2025 Security researchers at the Genians Security Center (GSC) have uncovered highly concerning findings, revealing that the KONNI hacking group – believed to be supported by North Korea and linked to Kimsuky (APT37) – has developed sophisticated attack techniques to spy on and wipe data from victims’ Android devices. The campaign […]
464/68 Thursday, November 13, 2025 Microsoft has issued its monthly Patch Tuesday security update, addressing more than 60 vulnerabilities across the company’s products – including a Zero-Day vulnerability actively exploited in the wild on Windows systems. The Zero-Day, CVE-2025-62215, is a Privilege Escalation flaw rated Important, allowing attackers to elevate their privileges to the highest […]
463/68 Thursday, November 13, 2025 SAP has released its November 2025 security updates, addressing a total of 19 vulnerabilities — including one Critical flaw (CVSS 10.0), tracked as CVE-2025-42890, affecting SQL Anywhere Monitor (Non-GUI). The vulnerability stems from insecure key and secret management due to hardcoded credentials embedded directly in the code. This flaw allows […]
462/68 Thursday, November 13, 2025 Cybersecurity researchers from Zimperium have uncovered a new Android malware called Fantasy Hub, a Remote Access Trojan (RAT) currently being sold openly on Russian-language Telegram channels under a Malware-as-a-Service (MaaS) model. The malware is designed for data theft and full device control, capable of collecting sensitive information such as SMS […]
461/68 Wednesday, November 12, 2025 Security researchers have discovered an advanced threat actor (APT) abusing the Google Find Hub (Android’s Find My Device) service to locate victims via GPS and remotely trigger factory resets to erase devices, thereby covering their tracks. After wiping devices, attackers sever victims’ accounts from services-especially messaging apps-and then use the […]
460/68 Wednesday, November 12, 2025 Cybersecurity firm Mandiant (Google) has identified active exploitation of an n-day vulnerability in Gladinet Triofox, a secure enterprise file-sharing and remote access platform, shortly after a patch was released. The critical flaw, tracked as CVE-2025-12480 with a CVSS score of 9.1, allows attackers to bypass authentication and gain access to […]
