Microsoft on Monday disclosed that it automatically detected and neutralized a distributed denial-of-service (DDoS) attack targeting a single endpoint in Australia that measured 5.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps). The tech giant said…
CISA Warns of Critical Lynx+ Gateway Vulnerability Exposes Data in Cleartext
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about a severe vulnerability in Lynx+ Gateway devices that could expose sensitive information in clear text during transmission. The flaw allows attackers to catch network traffic and obtain…
Google Reveals Public Preview of Alert Triage and Investigation Agent for Security Operations
Google has announced the public preview of its Alert Triage and Investigation agent, a significant advancement in artificial intelligence-driven security operations. The intelligent agent is now embedded directly within Google Security Operations, helping security teams process alerts faster and more effectively.…
Azure hit by DDoS, Kenyan government sites recover, EVALUSION emerges
Azure hit by DDoS using 500K IPs; Kenyan government websites back online; EVALUSION emerges.
IT Security News Hourly Summary 2025-11-18 09h : 2 posts
2 posts were published in the last hour:
7:38 : KongTuke activity, (Tue, Nov 18th)
7:38 : Chrome 142 Update Patches Exploited Zero-Day
KongTuke activity, (Tue, Nov 18th)
Introduction. This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: KongTuke activity, (Tue, Nov 18th)
Chrome 142 Update Patches Exploited Zero-Day
The flaw was reported by Google’s Threat Analysis Group and was likely exploited by a commercial spyware vendor. The post Chrome 142 Update Patches Exploited Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases
Dutch police seized 250 servers running a bulletproof hosting service tied to cybercriminals and linked to over 80 investigations since 2022. Dutch police, Politie, seized 250 servers running an unnamed bulletproof hosting service used solely by cybercriminals. Active since 2022,…
Threat Actors Leveraging Compromised RDP Logins to Deploy Lynx Ransomware After Deleting Server Backups
Lynx ransomware has emerged as a significant threat to enterprise environments, with recent intrusions demonstrating sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. The malware campaign combines compromised credentials with careful planning to ensure maximum impact on target…
How attackers use patience to push past AI guardrails
Most CISOs already assume that prompt injection is a known risk. What may come as a surprise is how quickly those risks grow once an attacker is allowed to stay in the conversation. A new study from Cisco AI Defense…
What security pros should know about insurance coverage for AI chatbot wiretapping claims
AI-powered chatbots raise profound concerns under federal and state wiretapping and eavesdropping statutes that are being tested by recent litigation, creating greater exposure to the companies and developers that use this technology. Security professionals that integrate AI chatbots into their business…
Agentic AI puts defenders on a tighter timeline to adapt
Security teams know that attackers rarely wait for defenders to be ready. The latest AI Maturity in Cybersecurity Report from Arkose Labs shows how quickly the threat landscape is shifting and how slowly organizations can respond in comparison. Attackers test…
Azure Cloud Mitigates Record 15.7 Tbps DDoS Attack From Aisuru Botnet Threat
In a stark display of modern cyber warfare capabilities, Microsoft Azure successfully deflected the largest distributed denial-of-service (DDoS)… The post Azure Cloud Mitigates Record 15.7 Tbps DDoS Attack From Aisuru Botnet Threat appeared first on Hackers Online Club. This article…
The privacy panic around machine learning is overblown
We often hear warnings about how machine learning (ML) models may expose sensitive information tied to their training data. The concern is understandable. If a model was trained on personal records, it may seem reasonable to assume that releasing it…
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in…
IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands
IBM has released critical security updates addressing two severe vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands on affected systems. Both vulnerabilities stem from improper process controls in essential IBM AIX services. Critical…
Cybersecurity jobs available right now: November 18, 2025
Application Security Engineer, Vim | Israel | Hybrid. As an Application Security Engineer, you will conduct internal penetration testing against Vim’s applications and APIs. Design, build, and implement the Secure SDLC process, integrating security into all…
IT Security News Hourly Summary 2025-11-18 06h : 1 posts
1 post was published in the last hour:
4:40 : Landfall Spyware Exploited a Samsung Image Flaw to Secretly Target Users For Nearly a Year
Landfall Spyware Exploited a Samsung Image Flaw to Secretly Target Users For Nearly a Year
Security specialists at Palo Alto Networks’ Unit 42 have uncovered a complex spyware tool named Landfall that silently infiltrated certain Samsung Galaxy phones for close to a year. The operation relied on a serious flaw in Samsung’s Android image-processing system,…
Record-Breaking 15 Tbps DDoS Attack From 500,000+ Devices Hits Azure Network
Microsoft Azure thwarted what may be the largest distributed denial-of-service (DDoS) attack ever recorded in the cloud on October 24. The attack peaked at 15.72 terabits per second (Tbps) and unleashed nearly 3.64 billion packets per second (pps), targeting a…
Chrome Type Confusion Zero-Day Vulnerability Actively Exploited in the Wild
Google has rushed out a critical update for its Chrome browser to address a zero-day vulnerability actively exploited in the wild, urging users to update immediately to mitigate the risk posed by sophisticated attackers. The patch, rolled out in Chrome…
ISC Stormcast For Tuesday, November 18th, 2025 https://isc.sans.edu/podcastdetail/9704, (Tue, Nov 18th)
This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: ISC Stormcast For Tuesday, November 18th, 2025…
Department of Know: Autonomous AI cyberattack, CISOs back to work, bus kill switches
This week’s Department of Know is hosted by Rich Stroffolino with guests Robb Dunewood, Host, Daily Tech News Show, and Howard Holton, CEO, GigaOm.
What agentic AI means for cybersecurity
Security practitioners are engaged in a battle against an enemy that sometimes seems to have all the ammunition. Case in point: Organizations worldwide field hundreds of millions of cyberattacks daily, according to the Microsoft Digital Defense Report… (link: https://www.microsoft.com/en-us/security/security-insider/threat-landscape/microsoft-digital-defense-report-2024)