ICYMI: 2025-11-21
Latest Headlines
Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
This Hacker Conference Installed a Literal Anti-Virus Monitoring System
In Other News: ATM Jackpotting, WhatsApp-NSO Lawsuit Continues, CISA Hiring
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
Over 370 Organizations Take Part in GridEx VIII Grid Security Exercise
SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance
Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks
SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability
Runlayer Emerges From Stealth Mode With $11 Million in Funding
AI-Based Obfuscated Malicious Apps Evading AV Detection to Deploy Malicious Payload
Dark Web Job Market Evolved – Prioritizes Practical Skills Over Formal Education
Hackers Using New Matrix Push C2 to Deliver Malware and Phishing Attacks via Web Browser
Operation DreamJob Attacking Manufacturing Industries Using Job-related WhatsApp Web Message
Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware
Ransomware Actors Primarily Targeting Retailers This Holiday Season to Deploy Malicious Payloads
China-linked APT24 Hackers New BadAudio Compromised Legitimate Public Websites to Attack Users
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
Microsoft: Out-of-band update fixes Windows 11 hotpatch install loop
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
‘Scattered Spider’ teens plead not guilty to UK transport hack
Avast Makes AI-Driven Scam Defense Available for Free Worldwide
– MTZ