Latest Cybersecurity News and Articles
04 November 2025
Threat actors engage in elaborate attack chains to infect trucking and logistics companies with remote access tools.
The post Transportation Companies Hacked to Steal Cargo appeared first on SecurityWeek.
04 November 2025
Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system (OS) commands under certain conditions.
"The vulnerability allows remote unauthenticated attackers to easily trigger arbitrary OS command execution on the machine running react-native-community/cli's
04 November 2025
Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks.
The vulnerabilities "allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications," Check Point said in a report shared with The Hacker News.
Following responsible disclosure in March
04 November 2025
For Agarwal, being a hacker is not what you do, but who you are; that is, someone who always questions the status quo and questions how it could be different.
The post Hacker Conversations: Kunal Agarwal and the DNA of a Hacker appeared first on SecurityWeek.
04 November 2025
A component of the newly discovered SesameOp backdoor uses the API to store and relay commands from the C&C server.
The post SesameOp Malware Abuses OpenAI API appeared first on SecurityWeek.
04 November 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Nov. 4, 2025 – Read the full story in AuthoredUp Last last year Ivana Todorović named the top 24 cybersecurity influencers on LinkedIn to follow in 2025. Todoric has deep experience on LinkedIn
The post Top Cybersecurity Influencers on LinkedIn in 2025 appeared first on Cybercrime Magazine.
04 November 2025
Bugcrowd said the acquisition of Mayhem has nearly doubled its valuation — previously reported at over $1 billion.
The post Bugcrowd Acquires Application Security Firm Mayhem appeared first on SecurityWeek.
04 November 2025
Apple has released iOS 26.1 and macOS Tahoe 26.1 with patches for over 100 vulnerabilities, including critical flaws.
The post Apple Patches 19 WebKit Vulnerabilities appeared first on SecurityWeek.
04 November 2025
Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide.
A ransomware attack typically begins when the malware infiltrates a system through various vectors such as
04 November 2025
Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus.
According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised hosts that uses OpenSSH in conjunction with a customized Tor hidden service that employs obfs4 for
04 November 2025
SPLX red teaming, asset management, and threat inspection technology will enable Zscaler to expand its Zero Trust Exchange platform.
The post Zscaler Acquires AI Security Company SPLX appeared first on SecurityWeek.
04 November 2025
The November 2025 Android patches resolve two vulnerabilities, both in the platform’s System component.
The post Android Update Patches Critical Remote Code Execution Flaw appeared first on SecurityWeek.
04 November 2025
Google's artificial intelligence (AI)-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory corruption.
The list of vulnerabilities is as follows -
CVE-2025-43429 - A buffer overflow
04 November 2025
Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and extorting them.
Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator (aka "Co-Conspirator 1") based in Florida, all U.S. nationals, are said to have used the ransomware strain against a medical
04 November 2025
Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications.
"Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised
03 November 2025
Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck.
According to Secure Annex's John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November 1 to
03 November 2025
Yuriy Igorevich Rybtsov, aka MrICQ, was arrested in Italy and lost his appeal to avoid extradition to the US.
The post Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case appeared first on SecurityWeek.
03 November 2025
To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews.
The post How Software Development Teams Can Securely and Ethically Deploy AI Tools appeared first on SecurityWeek.
03 November 2025
CISO burnout is increasing. Are we simply more aware of the condition? Or have demands on the CISO grown and burnout is now the inevitable result?
The post CISO Burnout – Epidemic, Endemic, or Simply Inevitable? appeared first on SecurityWeek.
03 November 2025
Kolter leads a panel at OpenAI that has the authority to halt the ChatGPT maker’s release of new AI systems if it finds them unsafe.
The post Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases appeared first on SecurityWeek.