Microsoft has officially acknowledged a significant disruption affecting Windows 11 version 24H2 users, specifically after installing the cumulative update KB5062553 released in July 2025. The issue primarily affects environments using Virtual Desktop Infrastructure (VDI) and devices undergoing their first user…
U.S., International Partners Target Bulletproof Hosting Services
Agencies with the US and other countries have gone hard after bulletproof hosting services providers this month, including Media Land, Hypercore, and associated companies and individuals, while the FiveEyes threat intelligence alliance published BPH mitigation guidelines for ISPs, cloud providers,…
ADDA – 1,829,314 breached accounts
In March 2025, data allegedly breached from the ADDA housing societies service was posted to a public hacking forum. The data contained over 1.8M unique email addresses along with names, phone numbers and MD5 password hashes. This article has been…
IT Security News Hourly Summary 2025-11-23 00h : 1 posts
1 posts were published in the last hour 22:55 : IT Security News Daily Summary 2025-11-22
IT Security News Daily Summary 2025-11-22
36 posts were published in the last hour 18:2 : BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks 18:2 : Salesforce: Some Customer Data Accessed via Gainsight Breach 17:5 : IT Security News Hourly Summary 2025-11-22 18h…
BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks
APT24 used supply chain attacks and varied techniques to deploy the BadAudio malware in a long-running cyberespionage campaign. China-linked group APT24 used supply-chain attacks and multiple techniques over three years to deploy the BadAudio downloader and additional malware payloads, Google…
Salesforce: Some Customer Data Accessed via Gainsight Breach
An attack on the app of CRM platform-provider Gainsight led to the data of hundreds of Salesforce customers being compromised, highlighting the ongoing threats posed by third-party software in SaaS environments and illustrating how one data breach can lead to…
IT Security News Hourly Summary 2025-11-22 18h : 8 posts
8 posts were published in the last hour 17:2 : Quantum Computing Moves Closer to Real-World Use as Researchers Push Past Major Technical Limits 17:2 : China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services 16:34 : CrowdStrike…
Quantum Computing Moves Closer to Real-World Use as Researchers Push Past Major Technical Limits
The technology sector is preparing for another major transition, and this time the shift is not driven by artificial intelligence. Researchers have been investing in quantum computing for decades because it promises to handle certain scientific and industrial problems…
China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services
The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting the Russian information technology (IT) sector between 2024 and 2025 while staying undetected for extended periods of time. “In the period from 2024…
CrowdStrike Fires Worker Over Insider Leak to Scattered Lapsus Hunters
CrowdStrike fired an insider for selling internal screenshots to Scattered Lapsus$ Hunters for $25,000. Read how the security team detected the activity and protected customers. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto…
How to Block Ads Across Your Entire Home Network and Reduce Online Threats
In today’s hyper-connected world, ads have become nearly impossible to escape. From phones and laptops to smart TVs, every screen you own is constantly serving you promotional content. And while most ads are simply irritating, some can be genuinely…
Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining two security flaws to achieve unauthenticated remote code execution with root privileges.​ CVE ID Vulnerability Type Affected Product Impact CVE-2025-64446…
CrowdStrike Fires Employee for Leaking Internal System Info to Hackers
Cybersecurity giant CrowdStrike has terminated an employee who allegedly shared sensitive internal system information with a notorious hacking collective. The incident involved the leak of internal screenshots posted on a public Telegram channel operated by the threat group known as…
Hackers Use Salesforce Gainsight Breach to Access Data from More Than 200 Companies
Salesforce has disclosed a significant security incident involving unauthorized access to customer data through compromised Gainsight-published applications. The breach, detected in mid-November 2025, potentially exposed sensitive information from over 200 organizations that use the customer success platform integrated with Salesforce.…
CISA Issues Warning as Hackers Target Oracle Identity Manager RCE Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new Oracle vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that attackers are already exploiting it in real-world attacks. The bug, tracked as CVE-2025-61757, affects Oracle Identity Manager,…
GlobalLogic Moves to Protect Workforce After Oracle-related Data Theft
A new disclosure that underscores the increasing sophistication of enterprise-level cyberattacks underscores the need to take proactive measures against them. GlobalLogic has begun notifying more than ten thousand of its current and former employees that their personal information was…
DanaBot Malware Resurfaces With New Variant After Operation Endgame Disruption
Despite a coordinated international takedown earlier this year, the DanaBot malware has returned with a newly upgraded version, signaling yet another resurgence of a threat that has repeatedly evaded permanent shutdown. The fresh discovery comes roughly six months after…
GlobalLogic Moves to Protect Workforce After Oracle-Related Data Theft
A new disclosure that underscores the increasing sophistication of enterprise-level cyberattacks underscores the need to take proactive measures against them. GlobalLogic has begun notifying more than ten thousand of its current and former employees that their personal information was…
65% of Top AI Companies Leak Secrets on GitHub
Leading AI companies continue to face significant cybersecurity challenges, particularly in protecting sensitive information, as highlighted in recent research from Wiz. The study focused on the Forbes top 50 AI firms, revealing that 65% of them were found to…
The Security Landscape of Mobile Apps in Africa
CyLab-Africa researchers partner with mobile security provider for summer collaboration experience Researchers from CyLab-Africa and the Upanzi Network recently partnered with the mobile security provider Approov to explore the security of common financial services apps used across Africa. After surveying 224 popular financial applications,…
US Border Patrol Is Spying on Millions of American Drivers
Plus: The SEC lets SolarWinds off the hook, Microsoft stops a historic DDoS attack, and FBI documents reveal the agency spied on an immigration activist Signal group in New York City. This article has been indexed from Security Latest Read…
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a an Oracle Fusion Middleware flaw, tracked as CVE-2025-61757  (CVSS score of 9.8), to its Known…
ShinyHunters Claims Data Theft from 200+ Companies via Salesforce Gainsight Breach
A sophisticated supply chain attack has reportedly compromised data across hundreds of organizations, linking the breach to a critical integration between customer success platform Gainsight and CRM giant Salesforce. The notorious hacking collective ShinyHunters is claiming responsibility for the intrusion,…