Follow on Google News
Windows 11 emergency update KB5086672 fixes the install loop caused by KB5079391
Microsoft has released an out-of-band Windows 11 update, KB5086672, to fix installation failures caused by the March 26 preview update KB5079391. The company published the…
ShinyHunters claims Cisco breach with Salesforce, GitHub, and AWS data, but key details remain unverified
ShinyHunters has allegedly listed Cisco on its leak site and claims it stole more than 3 million Salesforce records along with GitHub repositories and AWS-related…
Hackers hijack hotel booking workflows to send fake payment requests to real guests
A growing fraud campaign is targeting hotel guests by abusing trusted reservation workflows instead of relying on generic phishing alone. Researchers at Gen call it…
CrystalX malware spreads through Telegram with RAT, stealer, and prankware features
CrystalX is a newly documented malware-as-a-service platform that researchers say threat actors promoted through private Telegram channels starting in early 2026. Kaspersky’s Securelist team says…
EtherRAT uses Ethereum to hide malware infrastructure and keep attacks alive
A malware backdoor called EtherRAT is drawing attention because it hides part of its command infrastructure in the Ethereum blockchain. Researchers say the malware uses…
HSBC India tells customers to enter internet banking passwords in uppercase from April 6
HSBC India has told customers that, from April 6, 2026, they must enter their existing internet banking passwords in uppercase letters when they sign in.…
New Chrome zero-day vulnerability is under active attack, and Google has already pushed a fix
Google has released an emergency Chrome update to fix a zero-day vulnerability that attackers are already exploiting in the wild. The flaw, tracked as CVE-2026-5281,…
Russian “CTRL” toolkit hijacks RDP sessions and steals Windows credentials
A newly uncovered malware toolkit called “CTRL” gives attackers a quiet way to take over Windows systems, steal credentials, and keep long-term access. Security researchers…
Oracle WebLogic proxy flaw is under active attack, and honeypot data shows scanners moved fast
Attackers are actively probing and exploiting CVE-2026-21962, a maximum-severity Oracle flaw that Oracle patched in January 2026. But there is an important correction up front:…
Vertex AI Agent Engine default permissions exposed a path to sensitive Google Cloud data
Security researchers say Google Cloud’s Vertex AI Agent Engine exposed a serious privilege risk through its default service agent model, allowing a deployed AI agent…
November 21, 2025
1 comment 
