Critical ExifTool flaw lets malicious images run code on macOS
A newly disclosed ExifTool vulnerability can let a malicious image trigger command execution on macOS during metadata processing. The flaw affects ExifTool 13.49 and earlier…
A critical vulnerability affecting multiple Hikvision surveillance products is drawing fresh security attention after it was added to the U.S. government’s Known Exploited Vulnerabilities (KEV)…
Microsoft has warned that malicious AI-themed browser extensions compromised enterprise users and exposed sensitive chat histories across more than 20,000 organizational tenants. The fake extensions,…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that several Apple vulnerabilities affecting macOS, iOS, iPadOS, Safari, and other Apple platforms are actively…
A newly detailed cyber campaign has targeted high-value organizations across South, Southeast, and East Asia by exploiting internet-facing web servers, planting web shells, stealing credentials,…
Banks in the EU should immediately refund customers for unauthorized transactions, even when the bank believes the customer acted with gross negligence, according to an…
A fast-growing open-source project called π RuView says it can turn WiFi signal data into human pose estimation, presence detection, and even breathing or heart-rate…
A dark web post is claiming to sell an exploit for CVE-2026-21533, a Windows Remote Desktop Services elevation-of-privilege flaw that Microsoft disclosed and patched on…
A newly documented intrusion chain links the ClickFix social-engineering technique to activity associated with Velvet Tempest, a long-running ransomware affiliate that Microsoft previously mapped from…
Microsoft says threat actors now use artificial intelligence throughout the cyberattack lifecycle, from early reconnaissance and phishing to malware development, post-compromise research, and data monetization.…