Follow on Google News
New VENOM phishing kit targets CEOs and CFOs with Microsoft login theft
A newly documented phishing platform called VENOM is targeting senior executives with attacks designed to steal Microsoft 365 credentials and session access, even when multi-factor…
New LucidRook malware targets NGOs and universities in Taiwan
Cisco Talos says a newly identified malware family called LucidRook is being used in targeted attacks against Taiwanese non-governmental organizations and suspected universities. The company…
Gmail end-to-end encryption reaches Android and iPhone for enterprise users
Google has started rolling out Gmail end-to-end encryption on Android and iPhone, but this is not a feature for regular personal accounts. It is meant…
ChipSoft ransomware attack disrupts Dutch hospital software, with spillover reported in Belgium
Dutch healthcare software provider ChipSoft has confirmed a serious cyber incident, and Z-CERT says it was a ransomware attack. The company’s outage forced precautionary shutdowns…
Smart Slider 3 Pro update hijack pushed malware to WordPress and Joomla sites
Website owners who use Smart Slider 3 Pro should check their installations right away. Nextend says attackers breached the plugin’s update infrastructure and pushed a…
Eurail says December breach exposed data of more than 300,000 travelers
Eurail says a December 2025 data breach exposed customer data, and follow-up reporting now puts the impact at 308,777 individuals. The company has confirmed that…
Adobe patches actively exploited Acrobat Reader zero-day after months of PDF attacks
Adobe has confirmed that attackers have been exploiting a zero-day flaw in Acrobat Reader in the wild, and the company has now released a security…
OpenAI tells macOS users to update ChatGPT, Codex, and Atlas after Axios supply chain scare
MacOS users should update OpenAI’s desktop apps right away. OpenAI says a compromised Axios package reached part of its macOS app-signing workflow, so the company…
Fake BTS ticket sites are scamming fans across multiple countries, Kaspersky warns
Cybercriminals are exploiting BTS’s return to touring with fake ticket websites that imitate official pre-sale pages and steal money from fans. Kaspersky says it found…
Storm-2755 uses AiTM session hijacking to redirect employee salaries in Canada
Microsoft says a financially motivated threat actor tracked as Storm-2755 is targeting Canadian employees in a “payroll pirate” campaign that redirects salary payments to attacker-controlled…
November 21, 2025
1 comment 
