Top Security News for Today
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments
https://therecord.media/russia-food-safety-agency-rosselkhoznadzor-ddos-attack
TARMAGEDDON (CVE-2025-62518): RCE Vulnerability Highlights the challenges of open source abandonware
https://therecord.media/cybercrime-treaty-signing-hanoi
Counter Ransomware Initiative stresses importance of supply-chain security
https://therecord.media/counter-ransomware-initiative-software-supply-chain-guidance
Part Four of The Kryptos Sculpture
https://www.schneier.com/blog/archives/2025/10/part-four-of-the-kryptos-sculpture.html
A Quantum-Inspired Algorithm for Solving Sudoku Puzzles and the MaxCut Problem
https://arxiv.org/abs/2510.19835
Excitation of Looped Bistable Bands for High-Speed Linear Actuation
https://arxiv.org/abs/2510.19834
Benchmarking Reasoning Reliability in Artificial Intelligence Models for Energy-System Analysis
https://arxiv.org/abs/2510.19836
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments
https://therecord.media/russia-food-safety-agency-rosselkhoznadzor-ddos-attack
TARMAGEDDON (CVE-2025-62518): RCE Vulnerability Highlights the challenges of open source abandonware
https://therecord.media/cybercrime-treaty-signing-hanoi
Counter Ransomware Initiative stresses importance of supply-chain security
https://therecord.media/counter-ransomware-initiative-software-supply-chain-guidance
Part Four of The Kryptos Sculpture
https://www.schneier.com/blog/archives/2025/10/part-four-of-the-kryptos-sculpture.html
A Quantum-Inspired Algorithm for Solving Sudoku Puzzles and the MaxCut Problem
https://arxiv.org/abs/2510.19835
Excitation of Looped Bistable Bands for High-Speed Linear Actuation
https://arxiv.org/abs/2510.19834
Benchmarking Reasoning Reliability in Artificial Intelligence Models for Energy-System Analysis
https://arxiv.org/abs/2510.19836
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments
A veterinary certification platform and systems that track products and chemicals were among the tools disrupted by a DDoS incident, Russia's food safety watchdog said.
Top Security News for Today
Account takeover exploit write-up for Magento SessionReaper
https://www.reddit.com/r/netsec/comments/1ofm6og/account_takeover_exploit_writeup_for_magento/
Pentesting Next.js Server Actions
https://www.reddit.com/r/netsec/comments/1of84hu/pentesting_nextjs_server_actions/
What Does Print Function ACTUALLY Do?
https://www.reddit.com/r/lowlevel/comments/1ofza5t/what_does_print_function_actually_do/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Account takeover exploit write-up for Magento SessionReaper
https://www.reddit.com/r/netsec/comments/1ofm6og/account_takeover_exploit_writeup_for_magento/
Pentesting Next.js Server Actions
https://www.reddit.com/r/netsec/comments/1of84hu/pentesting_nextjs_server_actions/
What Does Print Function ACTUALLY Do?
https://www.reddit.com/r/lowlevel/comments/1ofza5t/what_does_print_function_actually_do/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Account takeover exploit write-up for Magento SessionReaper
Posted by AdAccording4827 - 1 vote and 0 comments
Top Security News for Today
Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office
https://www.reddit.com/r/netsec/comments/1ogilto/hacking_the_world_poker_tour_inside_clubwpt_golds/
Using EDR-Redir To Break EDR Via Bind Link and Cloud Filter
https://www.reddit.com/r/netsec/comments/1oglfix/using_edrredir_to_break_edr_via_bind_link_and/
NetExec – Network Execution Toolkit for Windows and Active Directory
https://www.darknet.org.uk/2025/10/netexec-network-execution-toolkit-for-windows-and-active-directory/
New no nonsense platform for practice security learning
https://www.reddit.com/r/netsec/comments/1ogmqkl/new_no_nonsense_platform_for_practice_security/
YOLO detect security cameras
http://diablohorn.com/2025/10/26/yolo-detect-security-cameras/
Reaper – Unified Application Security Testing with AI Support
https://www.darknet.org.uk/2025/10/reaper-unified-application-security-testing-with-ai-support/
GlobalCVE — OpenSource Unified CVE Data from Around the World
https://www.reddit.com/r/netsec/comments/1oh4d5w/globalcve_opensource_unified_cve_data_from_around/
CoPHish: New OAuth phishing technique abuses Microsoft Copilot Studio chatbots to create convincing credential theft campaigns
https://www.reddit.com/r/netsec/comments/1oh8j4d/cophish_new_oauth_phishing_technique_abuses/
Vibecoding and the illusion of security
https://www.reddit.com/r/netsec/comments/1oh9mr4/vibecoding_and_the_illusion_of_security/
Jetty's addPath allows LFI in Windows - Traccar Unauthenticated LFI v5.8-v6.8.1
https://www.reddit.com/r/netsec/comments/1oh8zn4/jettys_addpath_allows_lfi_in_windows_traccar/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office
https://www.reddit.com/r/netsec/comments/1ogilto/hacking_the_world_poker_tour_inside_clubwpt_golds/
Using EDR-Redir To Break EDR Via Bind Link and Cloud Filter
https://www.reddit.com/r/netsec/comments/1oglfix/using_edrredir_to_break_edr_via_bind_link_and/
NetExec – Network Execution Toolkit for Windows and Active Directory
https://www.darknet.org.uk/2025/10/netexec-network-execution-toolkit-for-windows-and-active-directory/
New no nonsense platform for practice security learning
https://www.reddit.com/r/netsec/comments/1ogmqkl/new_no_nonsense_platform_for_practice_security/
YOLO detect security cameras
http://diablohorn.com/2025/10/26/yolo-detect-security-cameras/
Reaper – Unified Application Security Testing with AI Support
https://www.darknet.org.uk/2025/10/reaper-unified-application-security-testing-with-ai-support/
GlobalCVE — OpenSource Unified CVE Data from Around the World
https://www.reddit.com/r/netsec/comments/1oh4d5w/globalcve_opensource_unified_cve_data_from_around/
CoPHish: New OAuth phishing technique abuses Microsoft Copilot Studio chatbots to create convincing credential theft campaigns
https://www.reddit.com/r/netsec/comments/1oh8j4d/cophish_new_oauth_phishing_technique_abuses/
Vibecoding and the illusion of security
https://www.reddit.com/r/netsec/comments/1oh9mr4/vibecoding_and_the_illusion_of_security/
Jetty's addPath allows LFI in Windows - Traccar Unauthenticated LFI v5.8-v6.8.1
https://www.reddit.com/r/netsec/comments/1oh8zn4/jettys_addpath_allows_lfi_in_windows_traccar/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office
Explore this post and more from the netsec community
Top Security News for Today
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
https://www.trendmicro.com/en_us/research/25/j/active-water-saci-campaign-whatsapp-update.html
CISA releases warning about Windows Server Update Service bug, orders agencies to patch
https://therecord.media/wsus-vulnerability-cisa-late-friday-warning
Sweden’s power grid operator confirms data breach claimed by ransomware gang
https://therecord.media/sweden-power-grid-operator-data
CoPHish: New OAuth phishing technique abuses Microsoft Copilot Studio chatbots to create convincing credential theft campaigns
https://www.reddit.com/r/netsec/comments/1oh8j4d/cophish_new_oauth_phishing_technique_abuses/
Cities reverse course on automated license plate reader cameras amid privacy concerns
https://therecord.media/cities-reverse-course-on-automated-license-plate-reader-cameras
Louvre Jewel Heist
https://www.schneier.com/blog/archives/2025/10/louvre-jewel-heist.html
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
https://www.trendmicro.com/en_us/research/25/j/active-water-saci-campaign-whatsapp-update.html
CISA releases warning about Windows Server Update Service bug, orders agencies to patch
https://therecord.media/wsus-vulnerability-cisa-late-friday-warning
Sweden’s power grid operator confirms data breach claimed by ransomware gang
https://therecord.media/sweden-power-grid-operator-data
CoPHish: New OAuth phishing technique abuses Microsoft Copilot Studio chatbots to create convincing credential theft campaigns
https://www.reddit.com/r/netsec/comments/1oh8j4d/cophish_new_oauth_phishing_technique_abuses/
Cities reverse course on automated license plate reader cameras amid privacy concerns
https://therecord.media/cities-reverse-course-on-automated-license-plate-reader-cameras
Louvre Jewel Heist
https://www.schneier.com/blog/archives/2025/10/louvre-jewel-heist.html
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Trend Micro
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command capabilities that allow attackers to orchestrate coordinated botnet operations, gather detailed campaign intelligence…
Top Security News for Today
Deepfake-as-a-Service 2025 – How Voice Cloning and Synthetic Media Fraud Are Changing Enterprise Defenses
https://www.darknet.org.uk/2025/10/deepfake-as-a-service-2025-how-voice-cloning-and-synthetic-media-fraud-are-changing-enterprise-defenses/
404 to arbitrary file read in WSO2 API Manager (CVE-2025-2905)
https://www.reddit.com/r/netsec/comments/1oi416x/404_to_arbitrary_file_read_in_wso2_api_manager/
Crafting self masking functions using LLVM
https://www.reddit.com/r/netsec/comments/1oi3jnm/crafting_self_masking_functions_using_llvm/
Improving E-commerce Search with Category-Aligned Retrieval
https://arxiv.org/abs/2510.21710
Social Engineering People’s Credit Card Details
https://www.schneier.com/blog/archives/2025/10/social-engineering-peoples-credit-card-details.html
New Android malware mimics human typing to evade detection, steal money
https://therecord.media/android-malware-mimics-humans-avoid-detection
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Deepfake-as-a-Service 2025 – How Voice Cloning and Synthetic Media Fraud Are Changing Enterprise Defenses
https://www.darknet.org.uk/2025/10/deepfake-as-a-service-2025-how-voice-cloning-and-synthetic-media-fraud-are-changing-enterprise-defenses/
404 to arbitrary file read in WSO2 API Manager (CVE-2025-2905)
https://www.reddit.com/r/netsec/comments/1oi416x/404_to_arbitrary_file_read_in_wso2_api_manager/
Crafting self masking functions using LLVM
https://www.reddit.com/r/netsec/comments/1oi3jnm/crafting_self_masking_functions_using_llvm/
Improving E-commerce Search with Category-Aligned Retrieval
https://arxiv.org/abs/2510.21710
Social Engineering People’s Credit Card Details
https://www.schneier.com/blog/archives/2025/10/social-engineering-peoples-credit-card-details.html
New Android malware mimics human typing to evade detection, steal money
https://therecord.media/android-malware-mimics-humans-avoid-detection
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Darknet - Hacking Tools, Hacker News & Cyber Security
Deepfake-as-a-Service 2025 - How Voice Cloning and Synthetic Media Fraud Are Changing Enterprise Defenses
Deepfake-as-a-Service 2025. How voice cloning and synthetic media fraud hit enterprises, with case studies, detection tactics, and CISO actions.
Top Security News for Today
Living off the land' allowed Russia-linked group to breach Ukrainian entities this summer
https://therecord.media/russia-linked-breaches-ukraine-living-off-the-land
Attacker Target VSCode Extension Marketplace, IDE Plugins Face Higher Supply Chain Attack Risks
https://www.reddit.com/r/netsec/comments/1oiw00r/attacker_target_vscode_extension_marketplace_ide/
Cloud Atlas hackers target Russian agriculture sector ahead of industry forum
https://therecord.media/cloud-atlas-targets-russian-agriculture
More than 10 million impacted by breach of government contractor Conduent
https://therecord.media/millions-impacted-breach-conduent
Former Trenchant exec pleads guilty to selling cyber exploits to Russian broker
https://therecord.media/trenchant-exec-pleads-guilty-russia-secrets
Signal’s Post-Quantum Cryptographic Implementation
https://www.schneier.com/blog/archives/2025/10/signals-post-quantum-cryptographic-implementation.html
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Living off the land' allowed Russia-linked group to breach Ukrainian entities this summer
https://therecord.media/russia-linked-breaches-ukraine-living-off-the-land
Attacker Target VSCode Extension Marketplace, IDE Plugins Face Higher Supply Chain Attack Risks
https://www.reddit.com/r/netsec/comments/1oiw00r/attacker_target_vscode_extension_marketplace_ide/
Cloud Atlas hackers target Russian agriculture sector ahead of industry forum
https://therecord.media/cloud-atlas-targets-russian-agriculture
More than 10 million impacted by breach of government contractor Conduent
https://therecord.media/millions-impacted-breach-conduent
Former Trenchant exec pleads guilty to selling cyber exploits to Russian broker
https://therecord.media/trenchant-exec-pleads-guilty-russia-secrets
Signal’s Post-Quantum Cryptographic Implementation
https://www.schneier.com/blog/archives/2025/10/signals-post-quantum-cryptographic-implementation.html
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
'Living off the land' allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say.
Top Security News for Today
The AI-Designed Bioweapon Arms Race
https://www.schneier.com/blog/archives/2025/10/the-ai-designed-bioweapon-arms-race.html
Zendesk's Anonymous Authentication exploited for Email Spam
https://www.reddit.com/r/netsec/comments/1ogc9o6/zendesks_anonymous_authentication_exploited_for/
Invasion of the Face Changers: Halloween Hijinks with Bluetooth LED Masks
https://bishopfox.com/blog/invasion-of-the-face-changers-halloween-hijinks-with-bluetooth-led-masks
What Security Teams Need to Know as PHP and IoT Exploits Surge
https://blog.qualys.com/vulnerabilities-threat-research/2025/10/30/what-security-teams-need-to-know-as-php-and-iot-exploits-surge
Business rival credits cyberattack on M&S for boosting profits
https://therecord.media/next-clothing-retailer-reports-profits-boosted-post-ms-cyberattack
How we found +2k vulns, 400+ secrets and 175 PII instances in publicly exposed apps built on vibe-coded platforms (Research methodology)
https://www.reddit.com/r/netsec/comments/1ok3ffd/how_we_found_2k_vulns_400_secrets_and_175_pii/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The AI-Designed Bioweapon Arms Race
https://www.schneier.com/blog/archives/2025/10/the-ai-designed-bioweapon-arms-race.html
Zendesk's Anonymous Authentication exploited for Email Spam
https://www.reddit.com/r/netsec/comments/1ogc9o6/zendesks_anonymous_authentication_exploited_for/
Invasion of the Face Changers: Halloween Hijinks with Bluetooth LED Masks
https://bishopfox.com/blog/invasion-of-the-face-changers-halloween-hijinks-with-bluetooth-led-masks
What Security Teams Need to Know as PHP and IoT Exploits Surge
https://blog.qualys.com/vulnerabilities-threat-research/2025/10/30/what-security-teams-need-to-know-as-php-and-iot-exploits-surge
Business rival credits cyberattack on M&S for boosting profits
https://therecord.media/next-clothing-retailer-reports-profits-boosted-post-ms-cyberattack
How we found +2k vulns, 400+ secrets and 175 PII instances in publicly exposed apps built on vibe-coded platforms (Research methodology)
https://www.reddit.com/r/netsec/comments/1ok3ffd/how_we_found_2k_vulns_400_secrets_and_175_pii/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
The AI-Designed Bioweapon Arms Race - Schneier on Security
Interesting article about the arms race between AI systems that invent/design new biological pathogens, and AI systems that detect them before they’re created: The team started with a basic test: use AI tools to design variants of the toxin ricin, then test…
Top Security News for Today
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
https://therecord.media/alleged-conti-ransomware-affiliate-extradited-ireland-tennessee
Three suspected developers of Meduza Stealer malware arrested in Russia
https://therecord.media/meduza-stealer-malware-suspected-developers-arrested-russia
Sling TV settles with California for allegedly violating state consumer privacy law
https://therecord.media/sling-tv-california-data-protection-settlement
CFPB ends probe into Meta’s financial data advertising practices
https://therecord.media/cfpb-meta-probe-advertising
Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
https://therecord.media/chinese-hackers-scan-exploit-firewalls-government
FCC plans vote to remove cyber regulations installed after theft of Trump info from telecoms
https://therecord.media/fcc-plans-vote-rescind-biden-era-ruling-telecoms-cyber
Will AI Strengthen or Undermine Democracy?
https://www.schneier.com/blog/archives/2025/10/will_ai_strengthen_or_undermine_democracy.html
Evaluating Argon2 Adoption and Effectiveness in Real-World Software
https://arxiv.org/abs/2504.17121
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
https://therecord.media/alleged-conti-ransomware-affiliate-extradited-ireland-tennessee
Three suspected developers of Meduza Stealer malware arrested in Russia
https://therecord.media/meduza-stealer-malware-suspected-developers-arrested-russia
Sling TV settles with California for allegedly violating state consumer privacy law
https://therecord.media/sling-tv-california-data-protection-settlement
CFPB ends probe into Meta’s financial data advertising practices
https://therecord.media/cfpb-meta-probe-advertising
Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
https://therecord.media/chinese-hackers-scan-exploit-firewalls-government
FCC plans vote to remove cyber regulations installed after theft of Trump info from telecoms
https://therecord.media/fcc-plans-vote-rescind-biden-era-ruling-telecoms-cyber
Will AI Strengthen or Undermine Democracy?
https://www.schneier.com/blog/archives/2025/10/will_ai_strengthen_or_undermine_democracy.html
Evaluating Argon2 Adoption and Effectiveness in Real-World Software
https://arxiv.org/abs/2504.17121
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
Ukrainian national Oleksii Oleksiyovych Lytvynenko faces charges in the U.S. related to his alleged involvement with the Conti cybercrime operation, which attacked hundreds of organizations globally before disbanding in 2022.
Top Security News for Today
EDR-Redir V2: Blind EDR With Fake "Program Files"
https://www.reddit.com/r/netsec/comments/1olkuwg/edrredir_v2_blind_edr_with_fake_program_files/
Open Source CVE Scanner for Project Dependencies
https://www.reddit.com/r/netsec/comments/1olpb18/open_source_cve_scanner_for_project_dependencies/
r/netsec Monthly Discussion & Tool Thread
https://www.reddit.com/r/netsec/comments/1olp81v/rnetsec_monthly_discussion_tool_thread/
Quantifying Swiss Cheese, the Bayesian Way
https://www.reddit.com/r/netsec/comments/1oluzam/quantifying_swiss_cheese_the_bayesian_way/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
EDR-Redir V2: Blind EDR With Fake "Program Files"
https://www.reddit.com/r/netsec/comments/1olkuwg/edrredir_v2_blind_edr_with_fake_program_files/
Open Source CVE Scanner for Project Dependencies
https://www.reddit.com/r/netsec/comments/1olpb18/open_source_cve_scanner_for_project_dependencies/
r/netsec Monthly Discussion & Tool Thread
https://www.reddit.com/r/netsec/comments/1olp81v/rnetsec_monthly_discussion_tool_thread/
Quantifying Swiss Cheese, the Bayesian Way
https://www.reddit.com/r/netsec/comments/1oluzam/quantifying_swiss_cheese_the_bayesian_way/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: EDR-Redir V2: Blind EDR With Fake "Program Files"
Explore this post and more from the netsec community
Top Security News for Today
MCP Scanner - Python MCP Scanner for Prompt-Injection and Insecure Agents
https://www.darknet.org.uk/2025/10/mcp-scanner-python-mcp-scanner-for-prompt-injection-and-insecure-agents/
Drawn to Danger: Windows Graphics Vulnerabilities Lead to Remote Code Execution and Memory Exposure
https://research.checkpoint.com/2025/drawn-to-danger-windows-graphics-vulnerabilities-lead-to-remote-code-execution-and-memory-exposure/
Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody
https://krebsonsecurity.com/2025/11/alleged-jabber-zeus-coder-mricq-in-u-s-custody/
Steal MS Teams app cookies
https://www.reddit.com/r/netsec/comments/1omuz9a/steal_ms_teams_app_cookies/
Quick writeup for what to check when you see Firebase in a pentest
https://www.reddit.com/r/netsec/comments/1on6yjx/quick_writeup_for_what_to_check_when_you_see/firebase_in_a_pentest/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
MCP Scanner - Python MCP Scanner for Prompt-Injection and Insecure Agents
https://www.darknet.org.uk/2025/10/mcp-scanner-python-mcp-scanner-for-prompt-injection-and-insecure-agents/
Drawn to Danger: Windows Graphics Vulnerabilities Lead to Remote Code Execution and Memory Exposure
https://research.checkpoint.com/2025/drawn-to-danger-windows-graphics-vulnerabilities-lead-to-remote-code-execution-and-memory-exposure/
Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody
https://krebsonsecurity.com/2025/11/alleged-jabber-zeus-coder-mricq-in-u-s-custody/
Steal MS Teams app cookies
https://www.reddit.com/r/netsec/comments/1omuz9a/steal_ms_teams_app_cookies/
Quick writeup for what to check when you see Firebase in a pentest
https://www.reddit.com/r/netsec/comments/1on6yjx/quick_writeup_for_what_to_check_when_you_see/firebase_in_a_pentest/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Darknet - Hacking Tools, Hacker News & Cyber Security
mcp-scanner - Python MCP Scanner for Prompt-Injection and Insecure Agents
mcp-scanner: Python tool to scan Model Context Protocol servers for prompt injection, jailbreaks, and insecure tool patterns.
Top Security News for Today
Hackers are attacking Britain’s drinking water suppliers
https://therecord.media/britain-water-supply-cybersecurity-incident-reports-dwi-nis
Beating XLoader at Speed: Generative AI as a Force Multiplier for Reverse Engineering
https://research.checkpoint.com/2025/generative-ai-for-reverse-engineering/
Japanese retailer Askul confirms data leak after cyberattack claimed by Russia-linked group
https://therecord.media/askul-confirms-data-breach-ransomware-incident
Inside an Automotive Giant’s Data Leak — A Cloud Misconfiguration Lesson for AWS Users
https://blog.qualys.com/product-tech/2025/11/03/inside-an-automotive-giants-data-leak-a-cloud-misconfiguration-lesson-for-aws-users
Data breach costs lead to 90% drop in operating profit at South Korean telecom giant
https://therecord.media/data-breach-costs-lead-to-profit-decline-south-korea-telecom
Cargo theft gets a boost from hackers using remote monitoring tools
https://therecord.media/cargo-theft-hackers-remote-monitoring-tools
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Hackers are attacking Britain’s drinking water suppliers
https://therecord.media/britain-water-supply-cybersecurity-incident-reports-dwi-nis
Beating XLoader at Speed: Generative AI as a Force Multiplier for Reverse Engineering
https://research.checkpoint.com/2025/generative-ai-for-reverse-engineering/
Japanese retailer Askul confirms data leak after cyberattack claimed by Russia-linked group
https://therecord.media/askul-confirms-data-breach-ransomware-incident
Inside an Automotive Giant’s Data Leak — A Cloud Misconfiguration Lesson for AWS Users
https://blog.qualys.com/product-tech/2025/11/03/inside-an-automotive-giants-data-leak-a-cloud-misconfiguration-lesson-for-aws-users
Data breach costs lead to 90% drop in operating profit at South Korean telecom giant
https://therecord.media/data-breach-costs-lead-to-profit-decline-south-korea-telecom
Cargo theft gets a boost from hackers using remote monitoring tools
https://therecord.media/cargo-theft-hackers-remote-monitoring-tools
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Hackers are attacking Britain’s drinking water suppliers
The U.K.'s water suppliers have reported five cyberattacks since January 2024, according to information reviewed by Recorded Future News. The incidents did not affect the safety of water supplies, but they highlight an increasing threat.
Top Security News for Today
Microsoft Teams: Impersonation and Spoofing Vulnerabilities Exposed
https://research.checkpoint.com/2025/microsoft-teams-impersonation-and-spoofing-vulnerabilities-exposed/
Cybercriminals Targeting Payroll Sites
https://www.schneier.com/blog/archives/2025/11/cybercriminals-targeting-payroll-sites.html
RondoDox v2: A 650% Expansion in Exploits
https://www.reddit.com/r/netsec/comments/1oo2qag/new_research_rondodox_v2_a_650_expansion_in/
GitLab Runner Research – PoC for Abusing Self-Hosted GitLab Runners
https://www.darknet.org.uk/2025/11/gitlab-runner-research-poc-for-abusing-self-hosted-gitlab-runners/
Health Privacy Bill Seeks Protections for Data Collected by Apps, Smartwatches
https://therecord.media/health-privacy-bill-seeks-protections-apps-smartwatches
9 Arrested in Europe in Operation Against Fake Platforms for Crypto Investments
https://therecord.media/9-arrested-europe-crypto-platform-takedown
Learn What Generative AI Can Do for Your Security Operations Center
https://www.microsoft.com/en-us/security/blog/2025/11/04/learn-what-generative-ai-can-do-for-your-security-operations-center-soc/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Microsoft Teams: Impersonation and Spoofing Vulnerabilities Exposed
https://research.checkpoint.com/2025/microsoft-teams-impersonation-and-spoofing-vulnerabilities-exposed/
Cybercriminals Targeting Payroll Sites
https://www.schneier.com/blog/archives/2025/11/cybercriminals-targeting-payroll-sites.html
RondoDox v2: A 650% Expansion in Exploits
https://www.reddit.com/r/netsec/comments/1oo2qag/new_research_rondodox_v2_a_650_expansion_in/
GitLab Runner Research – PoC for Abusing Self-Hosted GitLab Runners
https://www.darknet.org.uk/2025/11/gitlab-runner-research-poc-for-abusing-self-hosted-gitlab-runners/
Health Privacy Bill Seeks Protections for Data Collected by Apps, Smartwatches
https://therecord.media/health-privacy-bill-seeks-protections-apps-smartwatches
9 Arrested in Europe in Operation Against Fake Platforms for Crypto Investments
https://therecord.media/9-arrested-europe-crypto-platform-takedown
Learn What Generative AI Can Do for Your Security Operations Center
https://www.microsoft.com/en-us/security/blog/2025/11/04/learn-what-generative-ai-can-do-for-your-security-operations-center-soc/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Check Point Research
Exploiting Microsoft Teams: Impersonation and Spoofing Vulnerabilities Exposed Microsoft Teams Vulnerabilities Uncovered
By Andrey Charikov and Oded Vanunu Key Findings: Launched in March 2017, Microsoft Teams has become one of the most widely used communication and collaboration platforms in the world. As part of the Microsoft 365 family, Teams provides workplaces with chat…
Top Security News for Today
How an Attacker Drained $128M from Balancer Through Rounding Error Exploitation
https://research.checkpoint.com/2025/how-an-attacker-drained-128m-from-balancer-through-rounding-error-exploitation/
New malware uses AI to adapt during attacks, report finds
https://therecord.media/new-malware-uses-ai-to-adapt
Russia-linked 'Curly COMrades' turn to malicious virtual machines for digital spy campaigns
https://therecord.media/virtual-machines-cyber-espionage-russia-linked-curly-comrades
Japan’s Nikkei reports Slack breach exposing employee and partner records
https://therecord.media/japan-nikkei-slack-breach
Cyberattack ate up profits for first half of year, retailer M&S says
https://therecord.media/marks-spencer-profits-wiped-out-cyberattack
Scientists Need a Positive Vision for AI
https://www.schneier.com/blog/archives/2025/11/scientists-need-a-positive-vision-for-ai.html
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How an Attacker Drained $128M from Balancer Through Rounding Error Exploitation
https://research.checkpoint.com/2025/how-an-attacker-drained-128m-from-balancer-through-rounding-error-exploitation/
New malware uses AI to adapt during attacks, report finds
https://therecord.media/new-malware-uses-ai-to-adapt
Russia-linked 'Curly COMrades' turn to malicious virtual machines for digital spy campaigns
https://therecord.media/virtual-machines-cyber-espionage-russia-linked-curly-comrades
Japan’s Nikkei reports Slack breach exposing employee and partner records
https://therecord.media/japan-nikkei-slack-breach
Cyberattack ate up profits for first half of year, retailer M&S says
https://therecord.media/marks-spencer-profits-wiped-out-cyberattack
Scientists Need a Positive Vision for AI
https://www.schneier.com/blog/archives/2025/11/scientists-need-a-positive-vision-for-ai.html
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Check Point Research
How an Attacker Drained $128M from Balancer Through Rounding Error Exploitation - Check Point Research
By: Dikla Barda, Roaman Zaikin & Oded Vanunu On November 3, 2025, Check Point Research’s blockchain monitoring systems detected a sophisticated exploit targeting Balancer V2’s ComposableStablePool contracts. The attacker exploited arithmetic precision loss…
Top Security News for Today
I built Ashes CTI: a dual-mode (CLI + UI) Threat Intelligence platform for Windows
https://www.reddit.com/r/netsec/comments/1opw4a9/i_built_ashes_cti_a_dualmode_cli_ui_threat/
Russia’s Sandworm hackers deploying wipers against Ukraine’s grain industry
https://therecord.media/russia-sandworm-grain-wipers
Evading Elastic EDR's call stack signatures with call gadgets
https://www.reddit.com/r/netsec/comments/1opyr37/evading_elastic_edrs_call_stack_signatures_with/
LeakyInjector and LeakyStealer Duo Hunts For Crypto and Browser History
https://www.reddit.com/r/netsec/comments/1oq1ia4/leakyinjector_and_leakystealer_duo_hunts_for/
New IDC research highlights a major cloud security shift
https://www.microsoft.com/en-us/security/blog/2025/11/06/new-idc-research-highlights-a-major-cloud-security-shift/
Italian communications executive reveals he was targeted with Paragon spyware
https://therecord.media/italy-comms-exec-spyware
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
I built Ashes CTI: a dual-mode (CLI + UI) Threat Intelligence platform for Windows
https://www.reddit.com/r/netsec/comments/1opw4a9/i_built_ashes_cti_a_dualmode_cli_ui_threat/
Russia’s Sandworm hackers deploying wipers against Ukraine’s grain industry
https://therecord.media/russia-sandworm-grain-wipers
Evading Elastic EDR's call stack signatures with call gadgets
https://www.reddit.com/r/netsec/comments/1opyr37/evading_elastic_edrs_call_stack_signatures_with/
LeakyInjector and LeakyStealer Duo Hunts For Crypto and Browser History
https://www.reddit.com/r/netsec/comments/1oq1ia4/leakyinjector_and_leakystealer_duo_hunts_for/
New IDC research highlights a major cloud security shift
https://www.microsoft.com/en-us/security/blog/2025/11/06/new-idc-research-highlights-a-major-cloud-security-shift/
Italian communications executive reveals he was targeted with Paragon spyware
https://therecord.media/italy-comms-exec-spyware
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: I built Ashes CTI: a dual-mode (CLI + UI) Threat Intelligence platform for Windows
Explore this post and more from the netsec community
Top Security News for Today
Whisper Leak: A novel side-channel attack on remote language models
https://www.microsoft.com/en-us/security/blog/2025/11/07/whisper-leak-a-novel-side-channel-cyberattack-on-remote-language-models/
The DragonForce Cartel: Scattered Spider at the gate
https://www.reddit.com/r/netsec/comments/1oqr275/the_dragonforce_cartel_scattered_spider_at_the/
Faking Receipts with AI
https://www.schneier.com/blog/archives/2025/11/faking-receipts-with-ai.html
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1oquo6r/whats_that_coming_over_the_hill_monsta_ftp_remote/
Free test for Post-Quantum Cryptography TLS
https://www.reddit.com/r/netsec/comments/1oqsojn/free_test_for_postquantum_cryptography_tls/
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
https://therecord.media/landfall-spyware-middle-east-appears-commercial-grade
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Whisper Leak: A novel side-channel attack on remote language models
https://www.microsoft.com/en-us/security/blog/2025/11/07/whisper-leak-a-novel-side-channel-cyberattack-on-remote-language-models/
The DragonForce Cartel: Scattered Spider at the gate
https://www.reddit.com/r/netsec/comments/1oqr275/the_dragonforce_cartel_scattered_spider_at_the/
Faking Receipts with AI
https://www.schneier.com/blog/archives/2025/11/faking-receipts-with-ai.html
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1oquo6r/whats_that_coming_over_the_hill_monsta_ftp_remote/
Free test for Post-Quantum Cryptography TLS
https://www.reddit.com/r/netsec/comments/1oqsojn/free_test_for_postquantum_cryptography_tls/
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
https://therecord.media/landfall-spyware-middle-east-appears-commercial-grade
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Microsoft News
Whisper Leak: A novel side-channel attack on remote language models
Understand the risks of encrypted AI traffic exposure and explore practical steps users and cloud providers can take to stay secure. Learn more.
Top Security News for Today
彼岸花
https://www.reddit.com/r/lowlevel/comments/1orkgpg/彼岸花/
Scanners-Box – Open-Source Reconnaissance and Scanning Toolkit
https://www.darknet.org.uk/2025/11/scanners-box-open-source-reconnaissance-and-scanning-toolkit/
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
https://www.reddit.com/r/netsec/comments/1or81fv/new_landfall_spyware_exploited_a_samsung_0day/
Free IOC tool
https://www.reddit.com/r/netsec/comments/1or42i7/free_ioc_tool/
Arbitrary App Installation on Intune Managed Android Enterprise BYOD in Work Profile
https://www.reddit.com/r/netsec/comments/1orq1ym/arbitrary_app_installation_on_intune_managed/
Implementing the Etherhiding technique
https://www.reddit.com/r/netsec/comments/1orqn0f/implementing_the_etherhiding_technique/
How much latency does a Throwing Star LAN Tap add to packet capture? (practical numbers appreciated)
https://www.reddit.com/r/netsec/comments/1os0u8d/how_much_latency_does_a_throwing_star_lan_tap_add/
[Update] VulScan-MCP: Now shows detailed CVE denoscriptions, severity, and mitigation steps
https://www.reddit.com/r/netsec/comments/1osarf3/update_vulscanmcp_now_shows_detailed_cve/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
彼岸花
https://www.reddit.com/r/lowlevel/comments/1orkgpg/彼岸花/
Scanners-Box – Open-Source Reconnaissance and Scanning Toolkit
https://www.darknet.org.uk/2025/11/scanners-box-open-source-reconnaissance-and-scanning-toolkit/
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
https://www.reddit.com/r/netsec/comments/1or81fv/new_landfall_spyware_exploited_a_samsung_0day/
Free IOC tool
https://www.reddit.com/r/netsec/comments/1or42i7/free_ioc_tool/
Arbitrary App Installation on Intune Managed Android Enterprise BYOD in Work Profile
https://www.reddit.com/r/netsec/comments/1orq1ym/arbitrary_app_installation_on_intune_managed/
Implementing the Etherhiding technique
https://www.reddit.com/r/netsec/comments/1orqn0f/implementing_the_etherhiding_technique/
How much latency does a Throwing Star LAN Tap add to packet capture? (practical numbers appreciated)
https://www.reddit.com/r/netsec/comments/1os0u8d/how_much_latency_does_a_throwing_star_lan_tap_add/
[Update] VulScan-MCP: Now shows detailed CVE denoscriptions, severity, and mitigation steps
https://www.reddit.com/r/netsec/comments/1osarf3/update_vulscanmcp_now_shows_detailed_cve/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the lowlevel community on Reddit: [ Removed by moderator ]
Posted by eapflimym - 0 votes and 0 comments
Top Security News for Today
Drilling Down on Uncle Sam’s Proposed TP-Link Ban
https://krebsonsecurity.com/2025/11/drilling-down-on-uncle-sams-proposed-tp-link-ban/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Drilling Down on Uncle Sam’s Proposed TP-Link Ban
https://krebsonsecurity.com/2025/11/drilling-down-on-uncle-sams-proposed-tp-link-ban/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Krebs on Security
Drilling Down on Uncle Sam’s Proposed TP-Link Ban
The U.S. government is reportedly preparing to ban the sale of wireless routers and other networking gear from TP-Link Systems, a tech company that currently enjoys an estimated 50% market share among home users and small businesses. Experts say while…
Top Security News for Today
Efficient Deployment of CNN Models on Multiple In-Memory Computing Units
https://arxiv.org/abs/2502.03503
AI-Powered Citation Auditing: A Zero-Assumption Protocol for Systematic Reference Verification in Academic Research
https://arxiv.org/abs/2511.04682
RAS: A Bit-Exact rANS Accelerator For High-Performance Neural Lossless Compression
https://arxiv.org/abs/2511.04683
A hybrid solution approach for the Integrated Healthcare Timetabling Competition 2024
https://arxiv.org/abs/2511.04684
Stateful KV Cache Management for LLMs: Balancing Space, Time, Accuracy, and Positional Fidelity
https://arxiv.org/abs/2511.04685
New Attacks Against Secure Enclaves
https://www.schneier.com/blog/archives/2025/11/new-attacks-against-secure-enclaves.html
One Simple Mistake, Thousands at Risk - How Common Misconfigurations Could Lead to Massive Data Exposure
https://www.reddit.com/r/netsec/comments/1otba0s/one_simple_mistake_thousands_at_risk_how_common/
10th November – Threat Intelligence Report
https://research.checkpoint.com/2025/10th-november-threat-intelligence-report/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Efficient Deployment of CNN Models on Multiple In-Memory Computing Units
https://arxiv.org/abs/2502.03503
AI-Powered Citation Auditing: A Zero-Assumption Protocol for Systematic Reference Verification in Academic Research
https://arxiv.org/abs/2511.04682
RAS: A Bit-Exact rANS Accelerator For High-Performance Neural Lossless Compression
https://arxiv.org/abs/2511.04683
A hybrid solution approach for the Integrated Healthcare Timetabling Competition 2024
https://arxiv.org/abs/2511.04684
Stateful KV Cache Management for LLMs: Balancing Space, Time, Accuracy, and Positional Fidelity
https://arxiv.org/abs/2511.04685
New Attacks Against Secure Enclaves
https://www.schneier.com/blog/archives/2025/11/new-attacks-against-secure-enclaves.html
One Simple Mistake, Thousands at Risk - How Common Misconfigurations Could Lead to Massive Data Exposure
https://www.reddit.com/r/netsec/comments/1otba0s/one_simple_mistake_thousands_at_risk_how_common/
10th November – Threat Intelligence Report
https://research.checkpoint.com/2025/10th-november-threat-intelligence-report/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Analyzing limits for in-context learning
Our paper challenges claims from prior research that transformer-based models, when learning in context, implicitly implement standard learning algorithms. We present empirical evidence...
Top Security News for Today
Customized Retrieval-Augmented Generation with LLM for Debiasing Recommendation Unlearning
https://reporter.deepspecter.com/your-article-link-1
GreyShot: Zeroshot and Privacy-preserving Recommender System by GM(1,1) Model
https://arxiv.org/abs/2511.05494
IMDMR: An Intelligent Multi-Dimensional Memory Retrieval System for Enhanced Conversational AI
https://arxiv.org/abs/2511.05493
DOCUEVAL: An LLM-based AI Engineering Tool for Building Customisable Document Evaluation Workflows
https://arxiv.org/abs/2511.05495
Socially Aware Music Recommendation: A Multi-Modal Graph Neural Networks for Collaborative Music Consumption and Community-Based Engagement
https://arxiv.org/abs/2511.05496
Prompt Injection in AI Browsers
https://www.schneier.com/blog/archives/2025/11/prompt-injection-in-ai-browsers.html
Reconnoitre – Open-Source Reconnaissance and Service Enumeration Tool
https://www.darknet.org.uk/2025/11/reconnoitre-open-source-reconnaissance-and-service-enumeration-tool/
Microsoft Patch Tuesday, November 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/11/11/microsoft-patch-tuesday-november-2025-security-update-review
From Data Loss Prevention (DLP) to Modern Data Security
https://www.trendmicro.com/en_us/research/25/k/dlp-to-modern-data-security.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-11-2025
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Customized Retrieval-Augmented Generation with LLM for Debiasing Recommendation Unlearning
https://reporter.deepspecter.com/your-article-link-1
GreyShot: Zeroshot and Privacy-preserving Recommender System by GM(1,1) Model
https://arxiv.org/abs/2511.05494
IMDMR: An Intelligent Multi-Dimensional Memory Retrieval System for Enhanced Conversational AI
https://arxiv.org/abs/2511.05493
DOCUEVAL: An LLM-based AI Engineering Tool for Building Customisable Document Evaluation Workflows
https://arxiv.org/abs/2511.05495
Socially Aware Music Recommendation: A Multi-Modal Graph Neural Networks for Collaborative Music Consumption and Community-Based Engagement
https://arxiv.org/abs/2511.05496
Prompt Injection in AI Browsers
https://www.schneier.com/blog/archives/2025/11/prompt-injection-in-ai-browsers.html
Reconnoitre – Open-Source Reconnaissance and Service Enumeration Tool
https://www.darknet.org.uk/2025/11/reconnoitre-open-source-reconnaissance-and-service-enumeration-tool/
Microsoft Patch Tuesday, November 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/11/11/microsoft-patch-tuesday-november-2025-security-update-review
From Data Loss Prevention (DLP) to Modern Data Security
https://www.trendmicro.com/en_us/research/25/k/dlp-to-modern-data-security.html
NEW 'Off The Wall' ONLINE
https://www.2600.com/wall/11-11-2025
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
NHS patients to finally be informed if hackers published their STI and cancer test data
https://therecord.media/synnovis-healthcare-data-breach-notification-uk-patients
German extremist arrested over operating alleged darknet assassination marketplace
https://therecord.media/german-extremist-arrested-darknet-assassination-market
Google files lawsuit to disrupt massive ‘Lighthouse’ smishing scheme
https://therecord.media/google-files-lawsuit-to-disrupt-lighthouse-scam
Data broker Kochava agrees to change business practices to settle lawsuit
https://therecord.media/data-broker-kochava-business-change
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1ov4lab/is_it_citrixbleed4_well_no_is_it_good_also_no/
‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days
https://therecord.media/advanced-hacker-exploiting-cisco-citrix-zero-days-amazon
British government unveils long-awaited landmark cybersecurity bill
https://therecord.media/british-gov-cybersecurity-law
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
NHS patients to finally be informed if hackers published their STI and cancer test data
https://therecord.media/synnovis-healthcare-data-breach-notification-uk-patients
German extremist arrested over operating alleged darknet assassination marketplace
https://therecord.media/german-extremist-arrested-darknet-assassination-market
Google files lawsuit to disrupt massive ‘Lighthouse’ smishing scheme
https://therecord.media/google-files-lawsuit-to-disrupt-lighthouse-scam
Data broker Kochava agrees to change business practices to settle lawsuit
https://therecord.media/data-broker-kochava-business-change
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1ov4lab/is_it_citrixbleed4_well_no_is_it_good_also_no/
‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days
https://therecord.media/advanced-hacker-exploiting-cisco-citrix-zero-days-amazon
British government unveils long-awaited landmark cybersecurity bill
https://therecord.media/british-gov-cybersecurity-law
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
NHS patients to finally be informed if hackers published their STI and cancer test data
U.K. pathology services company Synnovis says it has begun notifying individuals if their sensitive healthcare data was posted online by a ransomware gang, 17 months after the incident.
Top Security News for Today
Operation Endgame: Police reveal takedowns of three key cybercrime tools
https://therecord.media/operation-endgame-cybercrime-takedowns-rhadamanthys-venomrat-elysium
The State of Ransomware – Q3 2025
https://research.checkpoint.com/2025/the-state-of-ransomware-q3-2025/
Google Sues to Disrupt Chinese SMS Phishing Triad
https://krebsonsecurity.com/2025/11/google-sues-to-disrupt-chinese-sms-phishing-triad/
Phishing campaign targets customers of major Italian web hosting provider
https://therecord.media/phishing-campaign-targets-italian-web-hosting-customers
Kazakhstan becomes latest country to ban 'LGBT propaganda' online
https://therecord.media/kazakhstan-legislation-ban-lgbtq-content-online-media
Drawbot: Let’s Hack Something Cute! — Atredis Partners
https://www.reddit.com/r/netsec/comments/1ow9xsv/drawbot_lets_hack_something_cute_atredis_partners/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Operation Endgame: Police reveal takedowns of three key cybercrime tools
https://therecord.media/operation-endgame-cybercrime-takedowns-rhadamanthys-venomrat-elysium
The State of Ransomware – Q3 2025
https://research.checkpoint.com/2025/the-state-of-ransomware-q3-2025/
Google Sues to Disrupt Chinese SMS Phishing Triad
https://krebsonsecurity.com/2025/11/google-sues-to-disrupt-chinese-sms-phishing-triad/
Phishing campaign targets customers of major Italian web hosting provider
https://therecord.media/phishing-campaign-targets-italian-web-hosting-customers
Kazakhstan becomes latest country to ban 'LGBT propaganda' online
https://therecord.media/kazakhstan-legislation-ban-lgbtq-content-online-media
Drawbot: Let’s Hack Something Cute! — Atredis Partners
https://www.reddit.com/r/netsec/comments/1ow9xsv/drawbot_lets_hack_something_cute_atredis_partners/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Operation Endgame: Police reveal takedowns of three key cybercrime tools
The Rhadamanthys infostealer, the VenomRAT remote access trojan and the Elysium botnet were targeted in the latest phase of the international police action known as Operation Endgame.