Google just launched a new form to report extortion scams on Google Maps.
Scammers are posting fake 1⭐ reviews, then asking business owners to pay up to remove them.
This new tool is meant to stop the surge in “review bombing” hitting small businesses.
Read how it works ↓ https://thehackernews.com/2025/11/google-launches-new-maps-feature-to.html
Scammers are posting fake 1⭐ reviews, then asking business owners to pay up to remove them.
This new tool is meant to stop the surge in “review bombing” hitting small businesses.
Read how it works ↓ https://thehackernews.com/2025/11/google-launches-new-maps-feature-to.html
🤔11😁6🔥5👏2
Your company's logins could be on the dark web right now, and they could sell for as little as $15.
It only takes one click for hackers to walk right in.
Find out if your company’s credentials are exposed → https://thehackernews.com/2025/11/enterprise-credentials-at-risk-same-old.html
It only takes one click for hackers to walk right in.
Find out if your company’s credentials are exposed → https://thehackernews.com/2025/11/enterprise-credentials-at-risk-same-old.html
🤯5😁4
🚨 WARNING: Malicious NuGet packages were caught hiding delayed payloads—set to fire off years from now, in 2027–2028.
They look harmless. Some even helpful. But one, Sharp7Extend, quietly sabotages PLCs—crashing processes or corrupting writes after a short delay.
Nearly 10K downloads before anyone noticed.
Here’s what’s really going on ↓ https://thehackernews.com/2025/11/hidden-logic-bombs-in-malware-laced.html
They look harmless. Some even helpful. But one, Sharp7Extend, quietly sabotages PLCs—crashing processes or corrupting writes after a short delay.
Nearly 10K downloads before anyone noticed.
Here’s what’s really going on ↓ https://thehackernews.com/2025/11/hidden-logic-bombs-in-malware-laced.html
🔥12👏5👍4
Chinese hackers used old bugs like Log4j and Struts to break into U.S. policy networks.
Then they hid using msbuild.exe and a fake system task to stay inside.
Old tricks. New targets.
Read the details ↓ https://thehackernews.com/2025/11/from-log4j-to-iis-chinas-hackers-turn.html
Then they hid using msbuild.exe and a fake system task to stay inside.
Old tricks. New targets.
Read the details ↓ https://thehackernews.com/2025/11/from-log4j-to-iis-chinas-hackers-turn.html
👏3🤔2
A single image file could hijack Galaxy phones.
Attackers hid a ZIP inside DNG photos sent over WhatsApp, exploiting a zero-day in Samsung’s image codec (CVE-2025-21042).
The implant — called LANDFALL — gave full spyware access.
Full report → https://thehackernews.com/2025/11/samsung-zero-click-flaw-exploited-to.html
Attackers hid a ZIP inside DNG photos sent over WhatsApp, exploiting a zero-day in Samsung’s image codec (CVE-2025-21042).
The implant — called LANDFALL — gave full spyware access.
Full report → https://thehackernews.com/2025/11/samsung-zero-click-flaw-exploited-to.html
🔥6😁2
Attackers are now using your cloud tools against you.
Fortinet uncovered a new campaign where stolen AWS credentials were used to run quiet recon and launch fraud from inside trusted environments.
No malware. No noise. Just normal-looking API traffic doing damage.
Read this story → https://thehackernews.com/2025/11/threatsday-bulletin-ai-tools-in-malware.html#researchers-uncover-large-scale-aws-abuse-network
Fortinet uncovered a new campaign where stolen AWS credentials were used to run quiet recon and launch fraud from inside trusted environments.
No malware. No noise. Just normal-looking API traffic doing damage.
Read this story → https://thehackernews.com/2025/11/threatsday-bulletin-ai-tools-in-malware.html#researchers-uncover-large-scale-aws-abuse-network
🔥8😁1