Researchers say attacks are laying the groundwork for stealthy espionage activity Around 50,000 ASUS routers have been compromised in a sophisticated attack that researchers believe may be linked to China, according to findings released today by SecurityScorecard’s STRIKE team.… This…
Arctic Wolf expands MDR capabilities with Abnormal AI behavioral email intelligence
Arctic Wolf announced a new integration between the Arctic Wolf Aurora Platform and Abnormal AI, expanding detection and response capabilities across one of the most targeted attack surfaces, email. The integration brings Abnormal AI’s behavioral AI detections directly into Arctic…
Sophos adds Intelix threat intelligence to Microsoft Security and 365 Copilot
Sophos announced the general availability of new integrations that connect Sophos Intelix, its cyber threat intelligence repository, with Microsoft Security Copilot and Microsoft 365 Copilot. Organizations of all sizes now gain real-time access to Sophos threat intelligence within Microsoft’s AI-powered…
Microsoft Adds Azure Firewall With AI-Powered Security Copilot
Microsoft has integrated Azure Firewall with its AI-powered Security Copilot platform, bringing natural language threat investigation capabilities to cloud network security teams. The new integration allows security analysts to investigate malicious network traffic using conversational prompts instead of complex query…
Critical SolarWinds Serv-U Flaws Allow Remote Admin-Level Code Execution
SolarWinds has released an urgent security update for its Serv-U file transfer software, patching three critical vulnerabilities that could enable attackers with administrative access to execute remote code on affected systems. The flaws, all rated 9.1 on the CVSS severity…
New npm Malware Campaign Checks If Visitor Is a Victim or Researcher Before Initiating Infection
The Socket Threat Research Team has uncovered a sophisticated npm malware campaign orchestrated by the threat actor dino_reborn, who deployed 7 malicious packages designed to distinguish genuine targets from security researchers before executing their payloads. This nuanced approach represents a…
New FortiWeb 0-Day Code Execution Flaw Actively Exploited
Fortinet has disclosed a critical OS command injection vulnerability affecting multiple versions of FortiWeb that is currently being exploited in the wild. The flaw, tracked as CVE-2025-58034, allows authenticated attackers to execute unauthorized code on vulnerable systems through specially crafted…
New ShadowRay Exploit Targets Vulnerability in Ray AI Framework to Attack AI Systems
Oligo Security researchers have uncovered an active global hacking campaign that leverages artificial intelligence to attack AI infrastructure. The operation, dubbed ShadowRay 2.0, exploits a known yet disputed vulnerability in Ray an open-source framework powering numerous AI systems worldwide to…
Selling technology investments to the board: a strategic guide for CISOs and CIOs
The C-suite will have zero interest in zero trust without a good business case Partner Content In today’s enterprise environment, technology investments are no longer judged solely by their technical sophistication. Approval depends on their ability to support business goals,…
Eurofiber confirms November 13 hack, data theft, and extortion attempt
Eurofiber says hackers exploited a flaw on November 13, breached its ticket and customer portals, stole data, and attempted extortion. On November 13, threat actors exploited a vulnerability to breach its ticketing system and ATE customer portal of the European…
Vanta’s Agentic Trust Platform redefines how enterprises earn, prove, and scale trust
Vanta unveiled a number of new products that redefine how enterprises earn and prove trust at scale. Powered by intelligent automation, Vanta’s Agentic Trust Platform helps teams understand their environment, anticipate what’s next, and automate workflows across compliance, risk, and…
Tanium integrates AI-driven Triage and Identity Insights into Microsoft Security Copilot
Tanium announced the general availability of Tanium Security Triage Agent and Tanium Security Triage Agent with Identity Insights in Microsoft Security Copilot. “Agentic AI is transforming the workflows used by security operations to respond, prioritize and act,” said Dan Varga,…
CredShields Joins Forces with Checkmarx to Bring Smart Contract Security to Enterprise AppSec Programs
Singapore, Singapore, 19th November 2025, CyberNewsWire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the original article: CredShields Joins Forces with Checkmarx to Bring Smart Contract Security to Enterprise AppSec…
Cayosoft Guardian SaaS expands identity continuity with always-on hybrid protection
Cayosoft announced an expansion in the deployment of its flagship platform, Cayosoft Guardian SaaS. This milestone marks a significant evolution in identity continuity, empowering enterprises to detect, respond, and recover instantly, even when infrastructure is under attack. Enterprises can now…
FCC to torch Salt Typhoon rules, Group claims Danish party website hits, MI5 warns Chinese spies are on LinkedIn
FCC to torch rules from Salt Typhoon Group claims hits on Danish party websites MI5 warns Chinese spies are using LinkedIn Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn’t catching everything — and cybercriminals know it. That’s…
IT Security News Hourly Summary 2025-11-19 09h : 11 posts
11 posts were published in the last hour 8:4 : Germany To Bar China From 6G Networks 8:4 : New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet 8:4 : Microsoft Unveils Security Enhancements for Identity, Defense, Compliance 8:4 :…
Germany To Bar China From 6G Networks
Germany to strip Chinese tech from existing infrastructure where possible and ban it from future networks, amidst trade disruption This article has been indexed from Silicon UK Read the original article: Germany To Bar China From 6G Networks
New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet
Fortinet patched a new FortiWeb zero-day, tracked as CVE-2025-58034, which attackers are actively exploiting. Fortinet patched a new FortiWeb zero-day, tracked as CVE-2025-58034 (CVSS score 6.7), which is being actively exploited in attacks in the wild. Trend Micro researcher Jason…
Microsoft Unveils Security Enhancements for Identity, Defense, Compliance
Microsoft announced new security capabilities for Defender, Sentinel, Copilot, Intune, Purview, and Entra. The post Microsoft Unveils Security Enhancements for Identity, Defense, Compliance appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Microsoft Unveils…
authID Mandate Framework establishes governance model for secure agentic AI deployment
authID unveiled the authID Mandate Framework, a comprehensive governance model for agentic AI security with support for non-human identities, including autonomous and semi-autonomous AI agents. Mandate provides enterprises with the trust foundation, policy controls, and auditability needed to safely deploy…
New FortiWeb 0-Day Command Injection Vulnerability Exploited in the Wild
Fortinet has released an urgent security advisory addressing a newly discovered zero-day vulnerability, CVE-2025-58034, in its FortiWeb web application firewall platform, after evidence emerged of active exploitation in the wild. The flaw, characterized as improper neutralization of special elements used…
F5 BIG-IP v21.0 accelerates enterprise AI initiatives
F5 introduced BIG-IP v21.0, giving customers a unified approach to app delivery, security, and scale in the AI era. This major release extends the F5 Application Delivery and Security Platform (ADSP) with a purpose-built delivery engine for application workloads—reducing operational…
CyberProof’s Agentic AI framework sets a new standard for flexible, threat-led defense
CyberProof has launched its new Agentic AI framework and SOC agents which are designed to improve threat detection, incident response, and operational efficiency for exposure and defense management. This framework is a key part of CyberProof’s Threat-led defense methodology, orchestrating…
Nightfall’s AI File Classifier Detectors bring LLM intelligence to unstructured IP protection
Nightfall announced the launch of AI File Classifier Detectors, the first solution to use large language models (LLMs) to classify and protect business-critical documents that traditional DLP tools cannot see. Most high-value assets, including source code, financial reports, strategic roadmaps,…