π¨ GootLoader is back β and smarter.
Huntress found 3 new cases since Oct 27. In 2 of them, attackers took full control in under 17 hours.
Now it hides fake PDFs using special web fonts so the files look safe. ZIPs fool scanners but open real malware on Windows.
Details β https://thehackernews.com/2025/11/gootloader-is-back-using-new-font-trick.html
Huntress found 3 new cases since Oct 27. In 2 of them, attackers took full control in under 17 hours.
Now it hides fake PDFs using special web fonts so the files look safe. ZIPs fool scanners but open real malware on Windows.
Details β https://thehackernews.com/2025/11/gootloader-is-back-using-new-font-trick.html
π8π₯3π3
A new malware called Maverick is spreading through WhatsApp Web.
It can copy your Chrome data to skip QR logins, turn off Defender, and message your contacts from your account.
Full story β https://thehackernews.com/2025/11/whatsapp-malware-maverick-hijacks.html
It can copy your Chrome data to skip QR logins, turn off Defender, and message your contacts from your account.
Full story β https://thehackernews.com/2025/11/whatsapp-malware-maverick-hijacks.html
π±16π₯6π4π4
This media is not supported in your browser
VIEW IN TELEGRAM
π₯ Google just launched Private AI Compute β a new cloud system that runs AI without letting Google see your data.
It keeps Gemini models inside secure, encrypted hardware to protect privacy.
Auditors did find small flaws that could, in rare cases, expose users β but Google says fixes are on the way.
Read more β https://thehackernews.com/2025/11/google-launches-private-ai-compute.html
It keeps Gemini models inside secure, encrypted hardware to protect privacy.
Auditors did find small flaws that could, in rare cases, expose users β but Google says fixes are on the way.
Read more β https://thehackernews.com/2025/11/google-launches-private-ai-compute.html
π₯12π€7π2π±2π1
π€ 82% of companies use AI agents.
π 53% let them access sensitive data every day.
β οΈ Most donβt know who owns or controls them.
One forgotten agent can leak everything.
How to stop it β https://thehackernews.com/expert-insights/2025/11/governing-ai-agents-from-enterprise.html
π 53% let them access sensitive data every day.
β οΈ Most donβt know who owns or controls them.
One forgotten agent can leak everything.
How to stop it β https://thehackernews.com/expert-insights/2025/11/governing-ai-agents-from-enterprise.html
π10π₯4π2
π¨ Microsoft just fixed a Windows flaw hackers are already exploiting in the wild.
The kernel bug (CVE-2025-62215) lets anyone with local access gain full control β and itβs being linked with other attacks for complete takeover.
Install the latest patches now β https://thehackernews.com/2025/11/microsoft-fixes-63-security-flaws.html
The kernel bug (CVE-2025-62215) lets anyone with local access gain full control β and itβs being linked with other attacks for complete takeover.
Install the latest patches now β https://thehackernews.com/2025/11/microsoft-fixes-63-security-flaws.html
π16π₯2
Scale Container Security with Confidence β Live Webinar
Learn how top teams build secure, compliant containers that scale β without slowing delivery.
π Nov 25 | 11 AM EST
ποΈ 20-Minute Session + Q&A
Save Your Seat π https://thn.news/webinar-insights
Learn how top teams build secure, compliant containers that scale β without slowing delivery.
π Nov 25 | 11 AM EST
ποΈ 20-Minute Session + Q&A
Save Your Seat π https://thn.news/webinar-insights
π9
Active Directory is the single point of failure for most enterprises.
One bad password or missed update can give attackers full control. They know it. Most teams donβt act on it.
See what the latest breach exposed β https://thehackernews.com/2025/11/active-directory-under-siege-why.html
One bad password or missed update can give attackers full control. They know it. Most teams donβt act on it.
See what the latest breach exposed β https://thehackernews.com/2025/11/active-directory-under-siege-why.html
π₯9π2π2π€―1
β‘ Hackers only need one open door. Most tools find it after theyβre inside.
Dynamic Attack Surface Reduction (DASR) spots weak points as they appearβand closes them fast. Fewer alerts. Stronger defense.
Join this WEBINAR to see how it works β https://thehackernews.com/2025/11/webinar-learn-how-leading-security.html
Dynamic Attack Surface Reduction (DASR) spots weak points as they appearβand closes them fast. Fewer alerts. Stronger defense.
Join this WEBINAR to see how it works β https://thehackernews.com/2025/11/webinar-learn-how-leading-security.html
π€―5β‘2π2π2
π¨ Amazon revealed details of attacks exploiting two recent flaws in Cisco ISE and Citrix NetScaler β both used as zero-days.
Hackers made a fake Cisco file that hid in memory, watched traffic, and stole access without being seen.
Full story β https://thehackernews.com/2025/11/amazon-uncovers-attacks-exploited-cisco.html
Hackers made a fake Cisco file that hid in memory, watched traffic, and stole access without being seen.
Full story β https://thehackernews.com/2025/11/amazon-uncovers-attacks-exploited-cisco.html
π₯7π4π1
π» Google sued a Chinese hacker group that runs a phishing service called Lighthouse.
It tricked over 1 million people in 120 countries and made more than $1 billion using fake Google and USPS pages.
They sold the phishing kits β $88 a week to $1,588 a year.
Read more β https://thehackernews.com/2025/11/google-sues-china-based-hackers-behind.html
It tricked over 1 million people in 120 countries and made more than $1 billion using fake Google and USPS pages.
They sold the phishing kits β $88 a week to $1,588 a year.
Read more β https://thehackernews.com/2025/11/google-sues-china-based-hackers-behind.html
π24π±6π2β‘1π1
π¨ Over 43,000 fake npm packages have flooded the registry since 2024.
They donβt steal data β they just keep cloning themselves. A hidden script waits until someone runs node auto.js, then the cycle starts.
It went unnoticed for almost two years.
Read more β https://thehackernews.com/2025/11/over-46000-fake-npm-packages-flood.html
They donβt steal data β they just keep cloning themselves. A hidden script waits until someone runs node auto.js, then the cycle starts.
It went unnoticed for almost two years.
Read more β https://thehackernews.com/2025/11/over-46000-fake-npm-packages-flood.html
π5π±2
π¨ CISA says hackers are exploiting a serious WatchGuard firewall flaw (CVE-2025-9242, score 9.3).
Attackers can run code without logging in.
Over 54,000 Firebox devices are still exposed. Patch before Dec 3.
Details β https://thehackernews.com/2025/11/cisa-flags-critical-watchguard-fireware.html
Attackers can run code without logging in.
Over 54,000 Firebox devices are still exposed. Patch before Dec 3.
Details β https://thehackernews.com/2025/11/cisa-flags-critical-watchguard-fireware.html
π±5π₯3π1
π¨ New ThreatsDay Bulletin is out!
From AI bug bounties and data leaks to phishing kits and global cyber laws β hereβs whatβs shaping the week in cybersecurity.
π Read the full update: https://thehackernews.com/2025/11/threatsday-bulletin-cisco-0-days-ai-bug.html
From AI bug bounties and data leaks to phishing kits and global cyber laws β hereβs whatβs shaping the week in cybersecurity.
π Read the full update: https://thehackernews.com/2025/11/threatsday-bulletin-cisco-0-days-ai-bug.html
π1