Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that’s targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code retrieved from a command-and-control (C2) server, Kaspersky researcher Lisandro Ubiedo said in an…
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an…
Emerson Appleton UPSMON-PRO
1. EXECUTIVE SUMMARY: CVSS v4 9.3; ATTENTION: Exploitable remotely/low attack complexity; Vendor: Emerson; Equipment: Appleton UPSMON-PRO; Vulnerability: Stack-based Buffer Overflow. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected…
ICAM365 CCTV Camera Multiple Models
1. EXECUTIVE SUMMARY: CVSS v4 7.0; ATTENTION: Low attack complexity; Vendor: iCam365; Equipment: P201 and QC021; Vulnerabilities: Missing Authentication for Critical Function. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could result in unauthorized exposure of camera video…
Opto 22 GRV-EPIC and groov RIO
1. EXECUTIVE SUMMARY: CVSS v4 7.5; ATTENTION: Exploitable remotely; Vendor: Opto 22; Equipment: GRV-EPIC-PR1, GRV-EPIC-PR2, groov RIO; Vulnerability: Improper Neutralization of Special Elements used in an OS Command. 2. RISK EVALUATION: Successful exploitation of this vulnerability could result…
NDSS 2025 – Detecting And Interpreting Inconsistencies In App Behaviors
Session 3C: Mobile Security. Authors, Creators & Presenters: Chang Yue (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Zhixiu Guo (Institute of Information…
How to update CRLs without public access using AWS Private CA
Certificates and the hierarchy of trust they create are the backbone of a secure infrastructure. AWS Private Certificate Authority is a highly available certificate authority (CA) that you can use to create private CA hierarchies, secure your applications and devices…
Oracle Identity Manager Exploit Observation from September (CVE-2025-61757), (Thu, Nov 20th)
Searchlight Cyber today released a blog detailing CVE-2025-61757, a vulnerability they reported to Oracle. Oracle released a patch for the vulnerability as part of its October Critical Patch Update, which was released on October 21st.
Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
A critical remote code execution flaw in Microsoft’s Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images. With a CVSS score of 9.8, this vulnerability poses a severe threat to Windows users worldwide, as…
What the Flock is happening with license plate readers?
What Flock’s ALPR cameras really collect, how they’re used in neighborhoods, and what you can do to stay in control. This article has been indexed from Malwarebytes.
Fired techie admits sabotaging ex-employer, causing $862K in damage
PowerShell script locked thousands of workers out of their accounts. An Ohio IT contractor has pleaded guilty to breaking into his former employer’s systems and causing nearly $1 million worth of damage after being fired.…
FCC eliminates cybersecurity requirements for telecom companies
Commissioners sharply disagreed over whether the rules were appropriate and necessary. This article has been indexed from Cybersecurity Dive – Latest News.
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 10, 2025 to November 16, 2025)
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 📁 The LFInder Challenge: Refine your LFI hunting skills with an expanded scope. Now through November 24, 2025, all LFI vulnerabilities in software with at least 25 active installs are…
Bot Management for the Agentic Era
What Is Bloatware? + How to Remove It
Bloatware is unwanted software that comes pre-installed on your device and takes up space, slows performance or adds little real value. The post What Is Bloatware? + How to Remove It appeared first on Panda Security Mediacenter.
TP-Link accuses rival Netgear of ‘smear campaign’ over alleged China ties
Networking vendor claims rival helped portray it as a national-security risk in the US. TP-Link is suing rival networking vendor Netgear, alleging that the rival and its CEO carried out a smear campaign by falsely suggesting, it says, that the…
New Ransomware Variants Targeting Amazon S3 Services Leveraging Misconfigurations and Access Controls
A new wave of ransomware attacks is targeting cloud storage environments, specifically focusing on Amazon Simple Storage Service (S3) buckets that contain critical business data. Unlike traditional ransomware that encrypts files using malicious software, these attacks exploit weak access controls…
Samourai Wallet Cryptocurrency Mixing Founders Jailed for Laundering Over $237 Million
The U.S. Attorney’s Office, Southern District of New York, has announced the sentencing of Keonne Rodriguez and William Lonergan Hill, co-founders of Samourai Wallet, a cryptocurrency mixing application designed specifically to hide illegal financial transactions. Rodriguez, who served as the…
Sturnus Banking Malware Steals Communications from Signal and WhatsApp, Gaining Full Control of The Device
A new banking malware called Sturnus has emerged as a significant threat to mobile users across Europe. Security researchers have discovered that this sophisticated Android trojan can capture encrypted messages from popular messaging apps like WhatsApp, Telegram, and Signal by…
Tsundere Botnet Abusing Popular Node.js and Cryptocurrency Packages to Attack Windows, Linux, and macOS Users
Tsundere represents a significant shift in botnet tactics, leveraging the power of legitimate Node.js packages and blockchain technology to distribute malware across multiple operating systems. First identified around mid-2025 by Kaspersky GReAT researchers, this botnet demonstrates the evolving sophistication of…
New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages
The Android malware is in development and appears to be mainly aimed at users in Europe. The post New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages appeared first on SecurityWeek.
Security gap in Perplexity’s Comet browser exposed users to system-level attacks
There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s built-in (but hidden from the user) extensions to issue commands directly to a user’s device, and…
UNC2891 Money Mule Network Reveals Full Scope of ATM Fraud Operation
A multi-year ATM fraud campaign by UNC2891 targeted two Indonesian banks, cloning cards, recruiting money mules and coordinating cash withdrawals. This article has been indexed from www.infosecurity-magazine.com.