Port 22

~ 28 Nov 2025 ~

TryHackMe races to add women to Christmas cyber challenge roster after backlash

OBR drags in cyber bigwig after Budget leak blunder

UK digital ID plan gets a price tag at last 1.8B

Poems Can Trick AI Into Helping You Make a Nuclear Weapon

Tomiris wreaks Havoc: New tools and techniques of the APT group

Korean web giant Naver acquired crypto exchange Upbit, which reported a $30m heist a day later

~ 27 Nov 2025 ~

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Zendesk users targeted as Scattered Lapsus$ Hunters spin up fake support sites

OpenAI cuts off Mixpanel after analytics leak exposes API users

ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks and 20 More Stories

FCC sounds alarm after emergency tones turned into potty-mouthed radio takeover

Asahi admits ransomware gang may have spilled almost 2M people's data

Gainsight Expands Impacted Customer List Following Salesforce Security Alert

Scottish council still rebuilding systems two years after ransomware attack

What parents should know to protect their children from doxxing

~ 26 Nov 2025 ~

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

Gainsight CEO downplays breach, says only a 'handful' of customers had data stolen

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist

Botnet takes advantage of AWS outage to smack 28 countries

When Your $2M Security Detection Fails: Can your SOC Save You?

Meet Rey, the Admin of Scattered Lapsus$ Hunters

Mobile industry warns patchwork cyber regs are driving up costs

Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools

Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps

The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been Performative

CodeRED emergency alert system CodeDEAD after INC ransomware attack

US Navy scuttles Constellation frigate program for being too slow for tomorrow's threats

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

Huawei and Chinese Surveillance

London councils probe cyber incident as shared IT systems knocked offline

Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025

FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams

Top five cybersecurity Black Friday deals for businesses 2025

~ 25 Nov 2025 ~

Lifetime access to AI-for-evil WormGPT 4 costs just $220

Corporate predators get more than they bargain for when their prey runs SonicWall firewalls

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

ICE Offers Up to $280 Million to Immigrant-Tracking Bounty Hunter Firms

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

HashJack attack shows AI browsers can be fooled with a simple #

ToddyCats New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens

Charting the future of SOC: Human and AI collaboration for better security

3 SOC Challenges You Need to Solve Before 2026

Get ready for 2026, the year of AI-aided ransomware

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

Clop's Oracle EBS rampage reaches Dartmouth College

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

Four Ways AI Is Being Used to Strengthen Democracies Worldwide

Zenitel TCIV-3+

SiRcom SMART Alert (SiSA)

Rockwell Automation Arena Simulation

Opto 22 groov View

Festo Compact Vision System, Control Block, Controller, and Operator Unit products

Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share

CISA warns spyware crews are breaking into Signal and WhatsApp accounts

Russian spy ship theories sink after Orkney blackout traced to wind farm fault

Influencers in the crosshairs: How cybercriminals are targeting content creators

ZTE, China Unicom Liaoning and Dalian Changhai Airport launch 5G-A ISAC private network to elevate low-altitude security and airport safety

~ 24 Nov 2025 ~

Fresh ClickFix attacks use Windows Update trick-pics to steal credentials

Praise Amazon for raising this service from the dead

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

Ex-CISA officials, CISOs dispel 'hacklore,' spread cybersecurity truths

Is Your Android TV Streaming Box Part of a Botnet?

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

Dec 11 | Signalgate The Rise of Alternative Communication Platforms

Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs

Years-old bugs in open source tool left every major cloud open to disruption

Intrusion at real estate finance biz sparks concern for big banks

Shai-Hulud worm returns, belches secrets to 25K GitHub repos

Amazon Is Using Specialized AI Agents for Deep Bug Hunting

FCC guts post-Salt Typhoon telco rules despite ongoing espionage risk

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

To buy or not to buy: How cybercriminals capitalize on Black Friday

IACR Nullifies Election Because of Lost Decryption Key

CISA orders feds to patch Oracle Identity Manager zero-day after signs of abuse

MDR is the answer now, whats the question?

Championing cyber security: the national UK cyber team's journey at the European Cyber Security Challenge

Cryptology boffins association to re-run election after losing encryption key needed to count votes

70-hour work weeks no longer enough for Infosys founder, who praises Chinas 996 culture

~ 23 Nov 2025 ~

Weaponized file name flaw makes updating glob an urgent job

~ 22 Nov 2025 ~

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

US Border Patrol Is Spying on Millions of American Drivers

~ 21 Nov 2025 ~

Friday Squid Blogging: New Squid Sneaker

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

ShinyHunters 'does not like Salesforce at all,' claims the crew accessed Gainsight 3 months ago

More on Rewiring Democracy

Google Brings AirDrop Compatibility to Androids Quick Share Using Rust-Hardened Security

Microsoft named a Leader in the Gartner Magic Quadrant for Access Management for the ninth consecutive year

Why IT Admins Choose Samsung for Mobile Security

APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains

Four charged over alleged plot to smuggle Nvidia AI chips into China

SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny

Russia-linked crooks bought a bank for Christmas to launder cyber loot

AI as Cyberattacker

Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity

This Hacker Conference Installed a Literal Anti-Virus Monitoring System

ToddyCat: your hidden email assistant. Part 1