Smart Slider 3 Pro update hijack pushed malware to WordPress and Joomla sites
Website owners who use Smart Slider 3 Pro should check their installations right away. Nextend says attackers breached the plugin’s update infrastructure and pushed a…
Eurail says December breach exposed data of more than 300,000 travelers
Eurail says a December 2025 data breach exposed customer data, and follow-up reporting now puts the impact at 308,777 individuals. The company has confirmed that…
Adobe patches actively exploited Acrobat Reader zero-day after months of PDF attacks
Adobe has confirmed that attackers have been exploiting a zero-day flaw in Acrobat Reader in the wild, and the company has now released a security…
OpenAI tells macOS users to update ChatGPT, Codex, and Atlas after Axios supply chain scare
MacOS users should update OpenAI’s desktop apps right away. OpenAI says a compromised Axios package reached part of its macOS app-signing workflow, so the company…
Fake BTS ticket sites are scamming fans across multiple countries, Kaspersky warns
Cybercriminals are exploiting BTS’s return to touring with fake ticket websites that imitate official pre-sale pages and steal money from fans. Kaspersky says it found…
Storm-2755 uses AiTM session hijacking to redirect employee salaries in Canada
Microsoft says a financially motivated threat actor tracked as Storm-2755 is targeting Canadian employees in a “payroll pirate” campaign that redirects salary payments to attacker-controlled…
EngageLab SDK flaw exposed millions of Android crypto wallet users to data theft risk
A security flaw in the EngageLab Android SDK exposed more than 30 million crypto wallet app installations to possible data theft, according to Microsoft. The…
Anthropic launches Claude for Word beta, bringing tracked AI edits into Microsoft documents
Anthropic has launched Claude for Word in beta, adding its AI assistant directly inside Microsoft Word instead of forcing users to jump between apps. The…
AI-assisted breach hit nine Mexican government agencies, report says
A single threat actor used Anthropic’s Claude Code and OpenAI’s GPT-4.1 during a months-long intrusion that hit nine Mexican government organizations, according to a new…
Ransomware gangs now use more EDR killers that do not rely on vulnerable drivers, ESET says
Ransomware groups are using a wider range of tools to shut down security products before they launch encryption, and ESET says the trend now goes…
November 21, 2025
1 comment 
