ICYMI: 2025-11-14
Latest Headlines
North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns
Chinese Hackers Use Anthropic’s AI to Launch Automated Cyber Espionage Campaign
Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts
DOJ Issued Seizure Warrant to Starlink Over Satellite Internet Systems Used at Scam Compound
Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability
CYBERCOM 2.0: Pentagon Unveils Plan to Fix Cyber Talent Shortfalls
In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty
Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack
Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign
Imunify360 Vulnerability Could Expose Millions of Sites to Hacking
Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign
Beware of Phishing Emails as Spam Filter Alerts Steal Your Email Logins in a Blink
Malicious npm Package with 206k Downloads Attacking GitHub-Owned Repositories to Exfiltrate Tokens
NVIDIA NeMo Framework Vulnerabilities Allows Code Injection and Privilege Escalation
SmartApeSG Campaign Leverages ClickFix Technique to Deploy NetSupport RAT
Multiple vulnerabilities in Cisco Unified CCX Allow Attackers to Execute Arbitrary Commands
Hackers Flooded npm Registry Over 43,000 Spam Packages Survived for Almost Two Years
Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors
Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks
Malicious Chrome Extension as Ethereum Wallet Enables Full Wallet Takeover
Five plead guilty to helping North Koreans infiltrate US firms
Anthropic claims of Claude AI-automated cyberattacks met with doubt
Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks
Checkout.com snubs hackers after data breach, to donate ransom instead
US announces new strike force targeting Chinese crypto scammers
Google backpedals on new Android developer registration rules
ASUS warns of critical auth bypass flaw in DSL series routers
DoorDash hit by new data breach in October exposing user information
Fortinet FortiWeb flaw with public PoC exploited to create admin users
– MTZ