Remcos, a commercial remote access tool distributed by Breaking-Security and marketed as “Remote Administration Software,” continues to pose a significant threat to organizations worldwide. Despite its administrative positioning, the tool’s capabilities are routinely weaponized for unauthorized access and data theft,…
Imunify AI-Bolit Flaw Allows Arbitrary Code Execution and Root Privilege Escalation
A critical vulnerability was discovered in the AI-Bolit component of Imunify security products, raising concerns across the web hosting and Linux server communities. This flaw could let attackers execute arbitrary code and escalate their privileges to root, risking the integrity…
Threat Actors Use Compromised RDP to Deploy Lynx Ransomware After Deleting Backups
A sophisticated threat actor has orchestrated a multi-stage ransomware attack spanning nine days, leveraging compromised Remote Desktop Protocol (RDP) credentials to infiltrate a corporate network, exfiltrate sensitive data, and deploy Lynx ransomware across critical infrastructure. The attack initiated with a…
W3 Total Cache Security Vulnerability Exposes One Million WordPress Sites to RCE
A critical security flaw has been discovered in the widely used W3 Total Cache WordPress plugin, putting over 1 million websites at serious risk. The vulnerability allows attackers to take complete control of affected websites without needing any login credentials.…
What if your romantic AI chatbot can’t keep a secret?
Does your chatbot know too much? Think twice before you tell your AI companion everything. This article has been indexed from WeLiveSecurity Read the original article: What if your romantic AI chatbot can’t keep a secret?
Microsoft Mitigates Record 5.72 Tbps DDoS Attack Driven by AISURU Botnet
Microsoft on Monday disclosed that it automatically detected and neutralized a distributed denial-of-service (DDoS) attack targeting a single endpoint in Australia that measured 5.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps). The tech giant said…
CISA Warns of Critical Lynx+ Gateway Vulnerability Exposes Data in Cleartext
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about a severe vulnerability in Lynx+ Gateway devices that could expose sensitive information in clear text during transmission. The flaw allows attackers to catch network traffic and obtain…
Google Reveals Public Preview of Alert Triage and Investigation Agent for Security Operations
Google has announced the public preview of its Alert Triage and Investigation agent, a significant advancement in artificial intelligence-driven security operations. The intelligent agent is now embedded directly within Google Security Operations, helping security teams process alerts faster and more effectively.…
Azure hit by DDoS, Kenyan government sites recover, EVALUSION emerges
Azure hit by DDoS using 500K IPs Kenyan government websites back online EVALUSION emerges Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn’t catching everything — and cybercriminals know it. That’s why there’s KnowBe4’s Cloud Email Security platform.…
IT Security News Hourly Summary 2025-11-18 09h : 2 posts
2 posts were published in the last hour 7:38 : KongTuke activity, (Tue, Nov 18th) 7:38 : Chrome 142 Update Patches Exploited Zero-Day
KongTuke activity, (Tue, Nov 18th)
Introduction This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: KongTuke activity, (Tue, Nov 18th)
Chrome 142 Update Patches Exploited Zero-Day
The flaw was reported by Google’s Threat Analysis Group and was likely exploited by a commercial spyware vendor. The post Chrome 142 Update Patches Exploited Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases
Dutch police seized 250 servers running a bulletproof hosting service tied to cybercriminals and linked to over 80 investigations since 2022. Dutch police Politie, seized 250 servers running an unnamed bulletproof hosting service used solely by cybercriminals. Active since 2022,…
Threat Actors Leveraging Compromised RDP Logins to Deploy Lynx Ransomware After Deleting Server Backups
Lynx ransomware has emerged as a significant threat to enterprise environments, with recent intrusions demonstrating sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. The malware campaign combines compromised credentials with careful planning to ensure maximum impact on target…
How attackers use patience to push past AI guardrails
Most CISOs already assume that prompt injection is a known risk. What may come as a surprise is how quickly those risks grow once an attacker is allowed to stay in the conversation. A new study from Cisco AI Defense…
What security pros should know about insurance coverage for AI chatbot wiretapping claims
AI-powered chatbots raise profound concerns under federal and state wiretapping and eavesdropping statutes that is being tested by recent litigation, creating greater exposure to the companies and developers that use this technology. Security professionals that integrate AI-chatbots into their business…
Agentic AI puts defenders on a tighter timeline to adapt
Security teams know that attackers rarely wait for defenders to be ready. The latest AI Maturity in Cybersecurity Report from Arkose Labs shows how quickly the threat landscape is shifting and how slowly organizations can respond in comparison. Attackers test…
Azure Cloud Mitigates Record 15.7 Tbps DDoS Attack From Aisuru Botnet Threat
In a stark display of modern cyber warfare capabilities, Microsoft Azure successfully deflected the largest distributed denial-of-service (DDoS)… The post Azure Cloud Mitigates Record 15.7 Tbps DDoS Attack From Aisuru Botnet Threat appeared first on Hackers Online Club. This article…
The privacy panic around machine learning is overblown
We often hear warnings about how machine learning (ML) models may expose sensitive information tied to their training data. The concern is understandable. If a model was trained on personal records, it may seem reasonable to assume that releasing it…
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in…
IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands
IBM has released critical security updates addressing two severe vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands on affected systems. Both vulnerabilities stem from improper process controls in essential IBM AIX services. Critical…
Cybersecurity jobs available right now: November 18, 2025
Application Security Engineer Vim | Israel | Hybrid – View job details As an Application Security Engineer, you will conduct internal penetration testing against Vim’s applications and APIs. Design, build, and implement the Secure SDLC process, integrating security into all…
IT Security News Hourly Summary 2025-11-18 06h : 1 posts
1 posts were published in the last hour 4:40 : Landfall Spyware Exploited a Samsung Image Flaw to Secretly Target Users For Nearly a Year
Landfall Spyware Exploited a Samsung Image Flaw to Secretly Target Users For Nearly a Year
Security specialists at Palo Alto Networks’ Unit 42 have uncovered a complex spyware tool named Landfall that silently infiltrated certain Samsung Galaxy phones for close to a year. The operation relied on a serious flaw in Samsung’s Android image-processing system,…