Follow on Google News
Chinese-language smishing services use SMS, iMessage, and RCS to scale credential theft
Chinese-language phishing-as-a-service platforms are helping cybercriminals run large credential theft campaigns through SMS, iMessage, and Rich Communication Services. urlscan.io researchers say these ecosystems now support…
Silver Fox campaign uses fake tax alerts and software updates to deliver malware
Silver Fox is using fake tax audit messages, HR-themed emails, and counterfeit software update pages to infect users across Asia with remote access malware. Recent…
Microsoft patches Windows Shell flaw after reports of active exploitation
Microsoft has confirmed that a Windows Shell vulnerability tracked as CVE-2026-32202 has been exploited in the wild. The flaw affects the way Windows handles certain…
WhatsApp is testing its own encrypted cloud backup provider
WhatsApp is working on a first-party cloud backup provider that would let users store chat backups on WhatsApp’s own servers instead of relying only on…
Chinese Silk Typhoon suspect extradited to the U.S. over COVID research hacks
A Chinese national accused of taking part in state-backed cyber intrusions has been extradited from Italy to the United States. Xu Zewei, 34, appeared in…
Critical LiteLLM SQL injection flaw is already being exploited in the wild
A critical SQL injection vulnerability in LiteLLM is already being targeted in the wild, giving attackers a way to query the proxy database before authentication.…
Checkmarx confirms GitHub repository data was published on the dark web
Checkmarx has confirmed that data linked to the company was published on the dark web after attackers gained unauthorized access to its GitHub repositories. The…
Microsoft confirms Remote Desktop warning display bug after April 2026 Windows update
Microsoft has confirmed a Windows issue that can cause new Remote Desktop security warnings to display incorrectly after the April 2026 security updates. The problem…
Nessus Agent flaw on Windows can lead to SYSTEM-level code execution
Tenable has patched a high-severity vulnerability in Nessus Agent for Windows that can allow an authenticated local attacker to delete arbitrary files with SYSTEM privileges.…
pentest-ai-agents turns Claude Code into a specialist pentesting assistant
pentest-ai-agents is an open-source toolkit that turns Claude Code into a security testing assistant with specialist subagents for authorized penetration testing. The project was first…
November 21, 2025
1 comment 
