Follow on Google News
Pavel Durov attacks WhatsApp’s encryption claims, but his broadest charge goes too far
Telegram founder Pavel Durov has accused WhatsApp of running a “giant consumer fraud,” arguing that many users wrongly assume all their WhatsApp data stays protected…
Critical WordPress plugin flaw lets attackers create admin accounts on vulnerable sites
A critical flaw in the User Registration & Membership plugin for WordPress can let unauthenticated attackers gain administrator-level access on affected sites. The bug, tracked…
Microsoft confirms recent Windows 11 hotpatch updates can break Reset this PC
Microsoft has confirmed that some recent Windows 11 hotpatch updates can cause Push Button Reset, also known as Reset this PC, to fail on affected…
Elon Musk says XChat brings disappearing messages, but key security questions remain
Elon Musk says XChat is rolling out as a major upgrade to messaging on X, with encryption, disappearing messages, file sharing, and audio and video…
Adobe patches Acrobat and Reader zero-day exploited in the wild
Adobe has released an emergency security update for Acrobat and Acrobat Reader after confirming active exploitation of CVE-2026-34621. The flaw can lead to arbitrary code…
Basic-Fit says data breach exposed data of about 1 million members across Europe
Basic-Fit has confirmed a major data breach that exposed personal data tied to around 1 million members, including about 200,000 in the Netherlands. Reuters, citing…
APT37 uses Facebook, Telegram, and a trojanized PDF installer in a new targeted intrusion campaign
North Korea-linked threat group APT37 has launched a new targeted intrusion campaign that starts on Facebook, shifts to Telegram, and ends with a trojanized PDF…
VIPERTUNNEL hides in a fake DLL and turns Python into a stealthy SOCKS5 backdoor
A newly detailed malware campaign shows how attackers can turn a normal Python runtime into a quiet persistence and tunneling tool on Windows. InfoGuard Labs…
Iran-linked CyberAv3ngers targets water utilities and industrial controllers across the US
Iranian-affiliated cyber actors tied to CyberAv3ngers are actively targeting internet-exposed programmable logic controllers across U.S. critical infrastructure, including water, wastewater, energy, food and beverage, and…
Apache Tomcat fixes EncryptInterceptor bypass and related security flaws
Apache Tomcat users need to patch again if they updated last month for the EncryptInterceptor issue. Apache has now disclosed that the earlier fix for…
November 21, 2025
1 comment 
