Follow on Google News
Meta Business Manager phishing emails now come from Meta’s real mail domain
A new phishing campaign is abusing Meta’s own Business Manager partner-request system to send convincing emails from facebookmail.com, a legitimate Meta-owned domain. That makes the…
Silver Fox hides ValleyRAT in fake Telegram Chinese language pack installer
A new Silver Fox malware campaign is using a fake Telegram Chinese language pack installer to deliver ValleyRAT on Windows systems. Public reporting says the…
Chrome 147 fixes two critical bugs that could let attackers run code on your PC
Google has released Chrome 147 to the stable channel for Windows, Mac, and Linux with a long list of security fixes, including two critical flaws…
RoningLoader malware campaign hides behind fake Chrome and Teams installers to disable security tools
RoningLoader is a stealthy malware loader tied to DragonBreath, also tracked as APT-Q-27. It targets Chinese-speaking users and spreads through trojanized NSIS installers that pretend…
Microsoft locks VeraCrypt and WireGuard out of Windows signing, stalling critical updates
Microsoft has suspended developer access tied to VeraCrypt and WireGuard, leaving both projects unable to sign Windows drivers and ship new Windows builds. For users,…
Hackers claim to have stolen 10 petabytes of data from China’s Tianjin supercomputer center
A hacker is claiming to have stolen more than 10 petabytes of sensitive data from what multiple reports identify as China’s National Supercomputing Center in…
New phishing attack via Google Storage deploys Remcos RAT
A newly documented phishing campaign is using Google Cloud Storage links to help deliver Remcos RAT, a remote access trojan that gives attackers long-term control…
Palo Alto patches Cortex XSOAR and XSIAM Microsoft Teams integration flaw
Palo Alto Networks has patched a high-severity vulnerability in the Microsoft Teams integration for Cortex XSOAR and Cortex XSIAM. The flaw, tracked as CVE-2026-0234, stems…
Multiple SonicWall vulnerabilities enable SQL injection and privilege escalation attacks
SonicWall has disclosed four vulnerabilities in its Secure Mobile Access 1000 series appliances that can lead to SQL injection, credential enumeration, and multi-factor authentication bypass.…
GitLab patches multiple vulnerabilities that enable DoS and code injection attacks
]GitLab has released security updates for Community Edition and Enterprise Edition to fix multiple vulnerabilities, including bugs that could let attackers trigger denial of service…
November 21, 2025
1 comment 
