Cybersecurity

Weekly Update 478

This week, it was an absolute privilege to be at Europol in The Hague, speaking about cyber offenders and at the InterCOP conference and...

November Patch Tuesday does its chores – Sophos News

Microsoft on Tuesday announced 63 patches affecting 13 product families. Four of the addressed issues are considered by Microsoft to be of Critical severity,...

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

Nov 15, 2025Ravie LakshmananMalware / Vulnerability The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that...

Phundamental or pholly? – Sophos News

On paper, it sounds so simple: you prepare for the real thing by running simulations. After all, the same principle applies to countless disciplines:...

The BetterBank DeFi protocol exploited for reward minting

Executive summary: From August 26 to 27, 2025, BetterBank, a decentralized finance (DeFi) protocol operating on the PulseChain network, fell victim to a sophisticated exploit...

Formbook Delivered Through Multiple Scripts

When I’m teaching FOR610, I always say to my students that reverse engineering does not only apply to “executable files” (read: PE or ELF...

Russian hacker admits helping Yanluowang ransomware infect companies

A Russian hacker accused of helping ransomware gangs break into businesses across the United States is set to plead guilty, according to recently filed...

Tanya – Darknet Diaries

Tanya Janca is a globally recognized AppSec (application security) expert and founder of We Hack Purple. In this episode,...

In memoriam: David Harley

Former colleagues and friends remember the cybersecurity researcher, author, and mentor whose...

2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned

I hate hyperbolic news headlines about data breaches, but for the "2...

Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data – Sophos News

Counter Threat Unit™ (CTU) researchers are investigating exploitation of a remote code execution vulnerability (CVE-2025-59287) in Microsoft’s Windows Server Update Service (WSUS), a native...

Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp

Nov 07, 2025Ravie LakshmananMobile Security / Vulnerability A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade"...
