🚨 Hackers made 4,300+ fake hotel websites copying Booking[.]com, Airbnb, and Expedia.

Each fake page looks real, changes based on your booking link, and steals your card details.

See how this massive travel scam works ↓ https://thehackernews.com/2025/11/russian-hackers-create-4300-fake-travel.html

⚠️ Hackers are actively exploiting a Fortinet FortiWeb bug that lets them skip login and make admin accounts.

Fortinet quietly fixed it in v8.0.2 — no CVE, no warning.

If you haven’t patched yet, your device might already be hit.

Learn more here ↓ https://thehackernews.com/2025/11/fortinet-fortiweb-flaw-actively.html

🚨 Securing one browser isn’t enough.

Malicious extensions now move between Chrome, Edge, and AI browsers like Atlas and Comet. AI helps them learn and adapt fast.

See how cross-browser attacks really work ↓ https://thehackernews.com/expert-insights/2025/11/beyond-chrome-risks-of-malicious.html

China’s hackers used Anthropic’s AI to run cyber attacks — almost fully on its own.

They turned Claude into a self-running hacking tool that hit tech, finance, and government targets.

AI did about 90% of the work by itself.

Learn more ↓ https://thehackernews.com/2025/11/chinese-hackers-use-anthropics-ai-to.html

Ransomware is breaking records again.

In Q3 2025, researchers found 85 active ransomware groups — more than ever before. Police took some down, but 14 new ones popped up right after.

Now LockBit 5.0 is back, and it could pull them all together again.

Read the full report → https://thehackernews.com/2025/11/ransomwares-fragmentation-reaches.html

🛑 Iran’s APT42 hackers are now targeting defense officials and their families.

They send fake WhatsApp invites that install a PowerShell backdoor called TAMECAT using Cloudflare, Discord, and Telegram.

It’s active and still spreading.

Details here ↓ https://thehackernews.com/2025/11/iranian-hackers-launch-spearspecter-spy.html

🕵️‍♂️ How many AI assets are running in your organization right now?

If you can’t answer that, you’re not alone.

From hidden models in Jupyter notebooks to AI-powered features buried in SaaS tools, AI is spreading faster than most teams can track.

Join this live webinar to learn:

- How to discover and catalog AI assets you didn’t know existed
- Why AI inventory is the foundation for effective AI security and governance

👉 https://thn.news/building-ai-inventory

🚨 Major AI engines from Meta, Nvidia, Microsoft, and PyTorch were hit by the same critical bug.

It lets attackers run code on remote systems — all because of a reused unsafe pattern in ZeroMQ and Python pickle.

Some systems are still not fixed.

Read the full story ↓ https://thehackernews.com/2025/11/researchers-find-serious-ai-bugs.html

🚨 North Korean hackers have a new trick.

They’re hiding malware inside fake API keys on GitHub — using JSON Keeper and other legit tools to stay invisible.

The attack installs “BeaverTail” to steal data and drop a Python backdoor.

See how it works ↓ https://thehackernews.com/2025/11/north-korean-hackers-turn-json-services.html

🔔 Update: Fortinet has assigned CVE-2025-64446 (CVSS 9.1) — a path traversal flaw letting attackers run admin commands via crafted HTTP/S requests.

CISA added it to KEV — deadline: Nov 21.

Exploited in the wild.

Patch now ⤵️ https://thehackernews.com/2025/11/fortinet-fortiweb-flaw-actively.html

The U.S. just uncovered how North Korea used fake “remote IT jobs” to sneak millions past sanctions.

👤 5 Americans pleaded guilty
🏢 136 U.S. companies hit
💰 $2.2M sent to North Korea

Read the details ↓ https://thehackernews.com/2025/11/five-us-citizens-plead-guilty-to.html

🚨 A new botnet called RondoDox is attacking unpatched XWiki servers through a critical bug (CVE-2025-24893, score 9.8).

Hackers are using it to spread crypto miners and DDoS tools.

Learn more ↓ https://thehackernews.com/2025/11/rondodox-exploits-unpatched-xwiki.html