Follow on Google News
Hackers target unpatched Quest KACE SMA systems through critical CVE-2025-32975 flaw
Threat actors are now targeting unpatched Quest KACE Systems Management Appliance, or SMA, systems by abusing CVE-2025-32975, a critical authentication bypass flaw with a CVSS…
VoidStealer uses a new debugger trick to steal Chrome’s master key
VoidStealer is using a newer and quieter method to bypass Chrome’s Application-Bound Encryption, or ABE, and steal the browser’s v20_master_key from memory. Researchers at Gen…
Google adds Advanced Flow to make APK sideloading safer on Android
Google has announced a new Android feature called Advanced Flow that will let power users sideload APKs from unverified developers with extra security checks. The…
Microsoft Azure Monitor alerts abused in callback phishing campaign
Threat actors are abusing Microsoft Azure Monitor to send callback phishing emails that look far more legitimate than a typical scam. The messages appear to…
Copyright-themed lures spread PureLog Stealer in stealthy credential theft campaign
A new phishing campaign is using fake copyright violation notices to infect organizations with PureLog Stealer, a data-stealing malware that runs almost entirely in memory.…
Microsoft releases emergency Windows 11 update to fix Microsoft account sign-in bug
Microsoft has released an emergency out-of-band update for Windows 11 24H2 and 25H2 to fix a Microsoft account sign-in problem that appeared after the March…
Crunchyroll breach claim points to 100GB of stolen user data, but the company has not confirmed it
Crunchyroll has not publicly confirmed a data breach as of March 23, 2026. What exists right now is a threat actor claim that about 100GB…
AstraZeneca breach claim surfaces as LAPSUS$ resurfaces, but confirmation is still missing
AstraZeneca has not publicly confirmed a breach as of March 23, 2026. What exists right now is a claim from actors identifying themselves as LAPSUS$,…
Hackers hijacked Trivy GitHub Actions to steal CI/CD secrets
Organizations that used compromised Trivy components on March 19 and March 20, 2026 should treat their CI/CD secrets as exposed and rotate them immediately. Aqua…
Operation Alice shuts down 373,000 fake dark web sites in global child protection crackdown
An international law enforcement operation has shut down more than 373,000 dark web sites tied to a fraud network that advertised illegal abuse material and…
November 21, 2025
1 comment 
