Latest Cybersecurity News and Articles
12 November 2025
Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware.
"This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure –
12 November 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Nov. 12, 2025 – Read the full story from ISACA It is no secret that many enterprises have struggled to derive measurable value from their threat intelligence programs. In a recent study commissioned by
The post Blueprint For Building Or Strengthening A Modern Cyber Threat Intelligence Program appeared first on Cybercrime Magazine.
12 November 2025
The cybersecurity startup will use the investment to accelerate global expansion and product innovation.
The post Sweet Security Raises $75 Million for Cloud and AI Security appeared first on SecurityWeek.
12 November 2025
Google is targeting the threat group known as Smishing Triad, which used over 194,000 malicious domains in a campaign.
The post Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit appeared first on SecurityWeek.
12 November 2025
Ivanti and Zoom resolved security defects that could lead to arbitrary file writes, elevation of privilege, code execution, and information disclosure.
The post High-Severity Vulnerabilities Patched by Ivanti and Zoom appeared first on SecurityWeek.
12 November 2025
Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind.
But what if there was a smarter way to stay ahead—without adding more work or stress?
Join The Hacker News and Bitdefender for a free cybersecurity webinar to learn about a new approach called Dynamic Attack
12 November 2025
Researchers submitted 107 bug reports during the bugSWAT hacking event at the ESCAL8 conference in New Mexico.
The post Google Paid Out $458,000 at Live Hacking Event appeared first on SecurityWeek.
12 November 2025
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active
12 November 2025
Intel, AMD and Nvidia have published security advisories describing vulnerabilities found recently in their products.
The post Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel appeared first on SecurityWeek.
12 November 2025
Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild.
Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are related to privilege escalation, followed by 16 remote code execution, 11 information disclosure, three
12 November 2025
Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud.
The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not
12 November 2025
An Aveva vulnerability also impacts Schneider Electric products and both vendors have published advisories.
The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Rockwell, Aveva, Schneider appeared first on SecurityWeek.
12 November 2025
Security risks amplified by economic uncertainty.
12 November 2025
Healthcare organizations struggle to recover after a cyberattack.
11 November 2025
Adobe has fixed InDesign, InCopy, Photoshop, Illustrator, Pass, Substance 3D Stager, and Format Plugins vulnerabilities.
The post Adobe Patches 29 Vulnerabilities appeared first on SecurityWeek.
11 November 2025
Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products.
The post Microsoft Patches Actively Exploited Windows Kernel Zero-Day appeared first on SecurityWeek.
11 November 2025
Tel Aviv, Israel based Tenzai has developed an AI-driven platform for penetration testing, which it says can continuously identify and address vulnerabilities.
The post Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform appeared first on SecurityWeek.
11 November 2025
Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.
According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications.
11 November 2025
The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress.
The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours of initial infection.
"
11 November 2025
A threat actor has exploited the issue to create a new administrator account and then used the account to execute remote access tools.
The post Critical Triofox Vulnerability Exploited in the Wild appeared first on SecurityWeek.