Follow on Google News
CareCloud says hackers accessed one EHR environment and may have exposed patient data
CareCloud has disclosed a cybersecurity incident that gave an unauthorized actor access to one of its electronic health record environments, raising the possibility that patient…
ChatGPT flaw allowed silent data exfiltration from chats, uploads, and code analysis sessions
A now-patched ChatGPT vulnerability allowed attackers to quietly extract sensitive user data by abusing a hidden outbound channel inside the platform’s code execution runtime. Check…
EvilTokens turns Microsoft’s device code flow into a phishing tool for account takeover
A new phishing-as-a-service platform called EvilTokens is helping cybercriminals hijack Microsoft 365 accounts by abusing Microsoft’s legitimate device code authentication flow. Sekoia says the kit…
Smart Slider 3 flaw puts 800,000-plus WordPress sites at risk of sensitive file exposure
A newly disclosed vulnerability in the WordPress plugin Smart Slider 3 could let low-privilege authenticated users read sensitive files from the server, including wp-config.php in…
Anthropic’s Claude Code source code was exposed through an npm packaging mistake
Anthropic accidentally exposed a large portion of the source code behind its Claude Code CLI after a public npm package shipped with a source map…
Hackers use Telegram-based ResokerRAT to spy on Windows PCs and keep access after reboot
A newly analyzed Windows remote access trojan called ResokerRAT uses Telegram’s Bot API as its control channel instead of a traditional command-and-control server. That gives…
Google Drive ransomware detection and bulk file restoration are now generally available
Google has moved its ransomware detection and file restoration features for Google Drive out of beta and into general availability. The tools are designed to…
Ransomware gangs are turning trusted Windows tools into antivirus killers before encryption starts
Modern ransomware attacks often begin long before files get encrypted. Researchers say many operators now abuse legitimate Windows utilities and low-level tools to disable antivirus…
Google now lets some users change their @gmail.com address without creating a new account
Google has finally made it possible for eligible users to change the main @gmail.com address tied to their existing Google Account. That means people who…
Mercor confirms cyberattack tied to LiteLLM compromise as Lapsus$ claims it stole company data
Mercor has confirmed a security incident, but some of the biggest claims circulating online still need careful framing. The AI recruiting startup told TechCrunch it…
November 21, 2025
1 comment 
