Windows now warns before opening risky RDP files after April 2026 security update
Microsoft has changed how Windows handles Remote Desktop .rdp files after the April 2026 security update. The new behavior adds warning dialogs before a connection…
MiningDropper is pushing Android infostealers, RATs, and banking malware through fake apps, Cyble says
A fast-growing Android malware campaign is using a framework called MiningDropper to deliver far more dangerous payloads through fake mobile apps, according to Cyble. The…
NSA reportedly uses Anthropic’s Mythos despite Pentagon blacklist, exposing a split inside the U.S. government
The National Security Agency is reportedly using Anthropic’s Mythos Preview even though the Pentagon formally labeled Anthropic a supply-chain risk last month. Axios first reported…
Windows 11 Dev build 26300.8170 adds clearer Secure Boot status and useful storage fixes
Microsoft has released Windows 11 Insider Preview Build 26300.8170 to the Dev Channel, and the biggest change is a new Secure Boot status view inside…
Microsoft rolls back Teams update after desktop launch failures leave some users stuck on loading screen
Microsoft has rolled back a problematic update after some users found that the Teams desktop client would not launch properly. Affected users got stuck on…
JanaWare ransomware is targeting Turkish users through a modified Adwind RAT, Acronis says
A new ransomware operation called JanaWare appears to be targeting users in Turkey through a customized version of the Adwind remote access trojan, according to…
Attackers are abusing QEMU to hide ransomware prep and credential theft inside virtual machines, Sophos says
Attackers are now using QEMU, a legitimate open-source machine emulator, to hide malicious activity inside virtual machines that many endpoint tools cannot inspect properly. Sophos…
Microsoft Teams and Quick Assist helpdesk impersonation attacks are rising, Microsoft warns
Attackers are increasingly using Microsoft Teams and Quick Assist to pose as IT helpdesk staff, trick employees into granting remote access, and then move deeper…
Lovable says chat exposure on public projects came from a permissions error, after researchers warned sensitive project data was accessible
Lovable, the AI app builder platform, says it has fixed a permissions issue that exposed chat data tied to public projects after researchers and users…
Iranian MOIS linked three hacker brands to one coordinated cyber campaign, researchers say
Iran’s Ministry of Intelligence and Security appears to have run Homeland Justice, Karma/KarmaBelow80, and Handala as parts of one coordinated cyber campaign, not as separate…
November 21, 2025
1 comment 
