Microsoft has confirmed that some Windows Server domain controllers can enter repeated restart loops after installing the April 2026 security updates. The company says the…
Leaked Windows Defender zero-days are already being used in real attacks, and two of them still do not have a Microsoft patch. Huntress said threat…
CISA has added CVE-2026-34197, a high-severity Apache ActiveMQ vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wild. The agency added…
A ransomware group called Payouts King has emerged as a credible threat, and Zscaler says several recent attacks tie back with high confidence to operators…
A cybercrime platform called ATHR appears to package the full callback-phishing chain into one browser-based system, making it easier for attackers to run phone-led scams…
Anthropic has released Claude Opus 4.7, a new flagship model that improves coding, vision, and long-running task performance while adding stronger protections for high-risk cybersecurity…
A counterfeit Ledger Nano S Plus sold through a Chinese marketplace appears to have been built to steal recovery phrases and PINs from the start.…
Attackers have started exploiting CVE-2026-39987, a critical marimo vulnerability, to run code on exposed developer systems without authentication. Sysdig said it observed real attacks just…
A North Korean threat actor known as Sapphire Sleet has launched a new macOS campaign that uses a fake Zoom SDK update to steal passwords,…
A sharp rise in email-borne worm activity hit industrial control systems in the fourth quarter of 2025, driven largely by a campaign spreading Backdoor.MSIL.XWorm through…
November 21, 2025
1 comment 
