TECHZONE™
Kanalga Telegram’da o‘tish
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Ko'proq ko'rsatish595
Obunachilar
Ma'lumot yo'q24 soatlar
Ma'lumot yo'q7 kunlar
-730 kunlar
Postlar arxiv
594
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
https://thehackernews.com/2025/11/iranian-hackers-launch-spearspecter-spy.html
The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign.
The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA).
"The
594
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
https://thehackernews.com/2025/11/researchers-find-serious-ai-bugs.html
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang.
"These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python's pickle deserialization,"
594
Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts
https://thehackernews.com/2025/11/fortinet-fortiweb-flaw-actively.html
Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet Fortiweb WAF that could allow an attacker to take over admin accounts and completely compromise a device.
"The watchTowr team is seeing active, indiscriminate in-the-wild exploitation of what appears to be a silently patched vulnerability in Fortinet's FortiWeb product," Benjamin Harris,
594
Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns
https://thehackernews.com/2025/11/ransomwares-fragmentation-reaches.html
Key Takeaways:
85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date.
1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure.
14 new ransomware brands launched this quarter, proving how quickly affiliates reconstitute after takedowns.
LockBit’s reappearance with
594
Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign
https://thehackernews.com/2025/11/chinese-hackers-use-anthropics-ai-to.html
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a "highly sophisticated espionage campaign" in mid-September 2025.
"The attackers used AI's 'agentic' capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves," the AI upstart
594
Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data
https://thehackernews.com/2025/11/russian-hackers-create-4300-fake-travel.html
A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year.
The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may have travel reservations with spam emails. The campaign is said to have begun in earnest around
594
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
https://thehackernews.com/2025/11/fake-chrome-extension-safery-steals.html
Cybersecurity researchers have uncovered a malicious Chrome extension that poses as a legitimate Ethereum wallet but harbors functionality to exfiltrate users' seed phrases.
The name of the extension is "Safery: Ethereum Wallet," with the threat actor describing it as a "secure wallet for managing Ethereum cryptocurrency with flexible settings." It was uploaded to the Chrome Web Store on
594
When Attacks Come Faster Than Patches: Why 2026 Will be the Year of Machine-Speed Security
https://thehackernews.com/2025/11/when-attacks-come-faster-than-patches.html
The Race for Every New CVE
Based on multiple 2025 industry reports: roughly 50 to 61 percent of newly disclosed vulnerabilities saw exploit code weaponized within 48 hours. Using the CISA Known Exploited Vulnerabilities Catalog as a reference, hundreds of software flaws are now confirmed as actively targeted within days of public disclosure. Each new announcement now triggers a global race
594
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown
https://thehackernews.com/2025/11/operation-endgame-dismantles.html
Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust.
The activity, which is taking place between November 10 and 13, 2025, marks the latest phase of Operation Endgame, an ongoing operation designed to take down criminal infrastructures and combat ransomware enablers
594
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
https://thehackernews.com/2025/11/threatsday-bulletin-cisco-0-days-ai-bug.html
Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us.
But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems to keep people safe. It’s a constant race — every
594
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
https://thehackernews.com/2025/11/cisa-flags-critical-watchguard-fireware.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including
594
Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack
https://thehackernews.com/2025/11/over-46000-fake-npm-packages-flood.html
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.
"The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years," Endor Labs
594
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
https://thehackernews.com/2025/11/google-sues-china-based-hackers-behind.html
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries.
The PhaaS kit is used to conduct large-scale SMS phishing attacks that exploit trusted brands like E-ZPass and USPS to
594
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
https://thehackernews.com/2025/11/amazon-uncovers-attacks-exploited-cisco.html
Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware.
"This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure –
594
[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR
https://thehackernews.com/2025/11/webinar-learn-how-leading-security.html
Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind.
But what if there was a smarter way to stay ahead—without adding more work or stress?
Join The Hacker News and Bitdefender for a free cybersecurity webinar to learn about a new approach called Dynamic Attack
594
Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security
https://thehackernews.com/2025/11/active-directory-under-siege-why.html
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active
594
Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack
https://thehackernews.com/2025/11/microsoft-fixes-63-security-flaws.html
Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild.
Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are related to privilege escalation, followed by 16 remote code execution, 11 information disclosure, three
594
Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy
https://thehackernews.com/2025/11/google-launches-private-ai-compute.html
Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud.
The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not
594
Why shadow AI could be your biggest security blind spot
https://www.welivesecurity.com/en/business-security/shadow-ai-security-blind-spot/
From unintentional data leakage to buggy code, here’s why you should care about unsanctioned AI use in your company
594
WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks
https://thehackernews.com/2025/11/whatsapp-malware-maverick-hijacks.html
Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.
According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications.
