ICYMI: 2025-11-11
Latest Headlines
WhatsApp Malware ‘Maverick’ Hijacks Browser Sessions to Target Brazil’s Biggest Banks
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
Android Trojan ‘Fantasy Hub’ Malware Service Turns Telegram Into a Hub for Hackers
Microsoft Patches Actively Exploited Windows Kernel Zero-Day
Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform
SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager
CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics
Beware of Security Alert-Themed Malicious Emails that Steal Your Email Logins
Microsoft November 2025 Patch Tuesday – 63 Vulnerabilities, Including 1 Zero-Day Fixed
Firefox Releases Security Update to Fix Multiple Vulnerabilities Allowing Arbitrary Code Execution
Researchers Uncover the Strong Links Between Maverick and Coyote Banking Malwares
New VanHelsing Ransomware RaaS Model Attacking Windows, Linux, BSD, ARM, and ESXi Systems
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Arbitrary Files to Disk
Android Remote Data-Wipe Malware Attacking Users Leveraging Google’s Find Hub
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Hackers abuse Triofox antivirus feature to deploy remote access tools
Microsoft: Windows 11 23H2 Home and Pro reach end of support
Microsoft releases KB5068781 — The first Windows 10 extended security update
Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws
Windows 11 KB5068861 & KB5068865 cumulative updates released
Microsoft: Emergency Windows 10 update fixes ESU enrollment bug
“Bitcoin Queen” gets 11 years in prison for $7.3 billion Bitcoin scam
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
GlobalLogic warns 10,000 employees of data theft after Oracle breach
How a CPU spike led to uncovering a RansomHub ransomware attack
Webinar: Modern Patch Management – Strategies to patch faster with less risk
– MTZ