A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a “full spectrum” of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list…
Category: EN
Taiwan Prosecutors Raid Residences Of Former TSMC Executive
Taiwanese prosecutors raid residences of Lo Wei-Jen, who left TSMC to return to Intel in October, amid intellectual property lawsuit This article has been indexed from Silicon UK Read the original article: Taiwan Prosecutors Raid Residences Of Former TSMC Executive
Alibaba Builds On Qwen Success With AI Glasses
Alibaba starts China sales of Quark AI Glasses, building on success of Qwen models, as it competes with Meta, Xiaomi in wearables sector This article has been indexed from Silicon UK Read the original article: Alibaba Builds On Qwen Success…
A week in security (November 24 – November 30)
A list of topics we covered in the week of November 24 to November 30 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (November 24 – November 30)
Asahi ransomware details, California browser law, Windows Teams accelerated
Japanese brewer Asahi provides details regarding October ransomware attack California law regulating web browsers might impact national data privacy Microsoft to speed up Teams Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What’s your 2 AM…
Asahi Hackers Stole Personal Data Of 2 Million People
Japanese brewery group says personal data on roughly 2 million people, including employees and customers, stolen in September hack This article has been indexed from Silicon UK Read the original article: Asahi Hackers Stole Personal Data Of 2 Million People
Kevin Lancaster Joins the usecure Board to Accelerate North American Channel Growth
Claymont, Delaware, 1st December 2025, CyberNewsWire Kevin Lancaster Joins the usecure Board to Accelerate North American Channel Growth on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been indexed from Latest Hacking…
Treating MCP like an API creates security blind spots
In this Help Net Security interview, Michael Yaroshefsky, CEO at MCP Manager, discusses how Model Context Protocol’s (MCP) trust model creates security gaps that many teams overlook and why MCP must not be treated like a standard API. He explains how…
What We Learned from Recent Airport Cyber Attacks
Major airport problems across Europe in 2025 showed the aviation sector’s vulnerability to cyber threats, especially from ransomware targeting critical vendor systems. These cyberattacks are… The post What We Learned from Recent Airport Cyber Attacks appeared first on Panda Security…
Linux 6.18 Rolls Out With Major Hardware Support Upgrades and Driver Enhancements
Linus Torvalds has officially released Linux 6.18, the latest stable version of the Linux kernel. The announcement came on Sunday, November 30, 2025, marking another milestone for the open-source operating system that powers everything from smartphones to supercomputers. Torvalds shared…
PoC Released for Outlook “MonikerLink” RCE Flaw Allowing Remote Code Execution
Security researchers have released a proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution vulnerability in Microsoft Outlook dubbed “MonikerLink.” This flaw enables attackers to execute arbitrary code on victim systems via specially crafted emails, posing a serious risk…
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies
Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based ELF malware specifically designed to compromise Linux-based BOSS operating environments, according to research published by CYFIRMA. The threat actor, historically…
Windows 11 24H2 Update Hides the Password Icon in the Sign-in Options on the Lock Screen
Microsoft has confirmed a bizarre user interface bug affecting Windows 11 version 24H2 devices that renders the password sign-in icon invisible on the lock screen. The issue, stemming from the August 2025 non-security preview update (KB5064081) and persisting in subsequent…
Enterprise password audits made practical for busy security teams
Security teams carry a heavy load, and password risk is one of the most overlooked parts of that workload. Every year new systems, cloud tools, and shared services add more credentials into the mix. Some sit in proper vaults, others…
Offensive cyber power is spreading fast and changing global security
Offensive cyber activity has moved far beyond a handful of major powers. More governments now rely on digital operations to project influence during geopolitical tension, which raises new risks for organizations caught in the middle. A new policy brief from…
Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets
The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access and deploy additional tools. “These attacks highlight a notable shift in Tomiris’s…
Cybersecurity Today: QR Code Parking Scams, Evil Twin WiFi Attacks & Microsoft’s Teams Flaw
In this episode of Cybersecurity Today, host David Shipley discusses a range of pressing cybersecurity issues. Topics include the surge in QR code parking scams, with recent cases in Monaco, Ottawa, and across Europe; an Australian man sentenced for evil…
What zero trust looks like when you build it step by step
In this Help Net Security video, Jonathan Edwards, Managing Director at KeyData Cyber, walks us through what practical zero trust adoption looks like in stages. He explains why he dislikes the term itself, then shifts to steps teams can follow…
Hackers Allegedly Claim Breach of Mercedes-Benz USA Legal and Customer Data
A threat actor known as “zestix” has claimed responsibility for a significant data breach affecting Mercedes-Benz USA (MBUSA), allegedly exfiltrating 18.3 GB of sensitive legal and customer information. The threat actor posted the dataset for sale on a dark web…
PoC Exploit Released for Critical Outlook 0-Click Remote Code Execution Vulnerability
A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413. Dubbed “MonikerLink,” this flaw allows attackers to bypass Outlook’s security mechanisms, specifically the “Protected View,” to execute malicious…