Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively research the messaging platform’s network protocol. The idea is to make it easier to delve into WhatsApp-specific technologies as the application continues to be a lucrative attack surface for state-sponsored actors and

The second Release Candidate (“RC2”) for WordPress 6.9 is ready for download and testing! This version of the WordPress software is under development . Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it’s recommended that you evaluate RC2 on a test server and site. Reaching this phase of the release cycle is an important milestone

Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming framework known as Tuoni. “The campaign leveraged the emerging Tuoni C2 framework, a relatively new, command-and-control (C2) tool (with a free license) that delivers stealthy, in-memory payloads,”

Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued attacks aimed at aerospace, aviation, and defense industries in the Middle East. The activity has been attributed by Google-owned Mandiant to a threat cluster tracked as UNC1549 (aka Nimbus Manticore or Subtle Snail), which was first documented by the threat

You’ve probably already moved some of your business to the cloud—or you’re planning to. That’s a smart move. It helps you work faster, serve your customers better, and stay ahead. But as your cloud setup grows, it gets harder to control who can access what. Even one small mistake—like the wrong person getting access—can lead to big problems. We’re talking data leaks, legal trouble, and serious

Identity security fabric (ISF) is a unified architectural framework that brings together disparate identity capabilities. Through ISF, identity governance and administration (IGA), access management (AM), privileged access management (PAM), and identity threat detection and response (ITDR) are all integrated into a single, cohesive control plane. Building on Gartner’s definition of “identity

Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service called Adspect to differentiate between real victims and security researchers to ultimately redirect them to sketchy crypto-themed sites. The malicious npm packages, published by a threat actor named “dino_reborn” between September and November 2025, are

? Nov 18, 2025 ? Ravie Lakshmanan Browser Security / Vulnerability Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in the V8 JavaScript and WebAssembly engine that could be exploited to

Welcome to DEV, your fortnightly dose of WordPress news. Here’s your round-up of precious new tools, clever dev tricks, fresh features and community creations. One newsletter to rule them all, forged in the fires of WPMU DEV. Stick around to the end to see a Weakest Link answer that had the other contestants weak in the knees with giggles. In today’s edition: Crocoblock wants your thoughts: Take

On October 24, 2025, Microsoft Azure weathered the largest Distributed-Denial-of-Service ( DDoS ) attack ever recorded in the cloud. This massive digital assault, peaking at 15.72 Terabits per second (Tbps) and nearly 3.64 billion packets per second (pps), targeted a single endpoint in Australia. Fortunately, according to Microsoft, its Azure global protection system automatically caught and filt

Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in the V8 JavaScript and WebAssembly engine that could be exploited to achieve arbitrary code execution or program crashes. “Type

Pierluigi Paganini November 17, 2025 Microsoft says the Aisuru botnet launched a 15.7 Tbps DDoS on Azure from 500k IPs, using massive UDP floods peaking at 3.6 B pps. On October 24, 2025, Azure DDoS Protection detected and mitigated a massive multi-vector attack peaking at 15.72 Tbps and 3.64 billion pps, the largest cloud DDoS ever recorded, aimed at a single Australian endpoint. Azure’s global

The police in the Netherlands have seized around 250 physical servers powering a bulletproof hosting service in the country used exclusively by cybercriminals for providing complete anonymity. Politie, the police force in the Netherlands, did not name the service but said that it has been used for illicit activities since 2022, and has emerged in more than 80 cybercrime investigations, both domes

A Princeton University database was compromised in a cyberattack on November 10, exposing the personal information of alumni, donors, faculty members, and students. According to a FAQ page issued on Saturday, the threat actors breached Princeton’s systems by targeting a University employee in a phishing attack. This allowed them to gain access to “biographical information pertaining to University

Eurofiber France disclosed a data breach it discovered late last week when hackers gained access to its ticket management system by exploiting a vulnerability and exfiltrated information. Eurofiber France SAS is the French unit of the Eurofiber Group N.V., a Dutch telecommunications service provider that operates a fiber network of 76,000 km across the Netherlands, Belgium, France, and Germany.

Everest ransomware gang is claiming to have breached Under Armour , the American sportswear giant, and stolen 343 GB of internal company data, employee information, along with personal data of millions from various countries. The claims were published earlier today on the group’s official dark web leak site. Sample Data Includes Sensitive Customer and Product Information As seen by Hackread.com,

New research from the AI security firm HiddenLayer has exposed a vulnerability in the safety systems of today’s most popular Large Language Models (LLMs) like GPT-5.1, Claude , and Gemini . This flaw, discovered in early 2025 and dubbed EchoGram, allows simple, specially chosen words or code sequences to completely trick the automated defences, or guardrails, meant to keep the AI safe. What is Ec

Choosing between WordPress, Wix, and Squarespace in 2025 comes down to how much control you want, how fast you need to launch, and whether you care more about customization or convenience. All three can produce a professional site. The right pick depends on your goals. Short answer WordPress is best […] The post appeared first on .

This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It’s not just about hacking anymore. Criminals are building systems to make money, spy, or spread malware like it’s a business. And in some cases, they’re using the same

Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers are running sophisticated spear-phishing attacks against company executives, with recent campaigns seen targeting

The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT. The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers masquerading as legitimate like Google Chrome and Microsoft Teams, according to Elastic Security Labs. “The

Back in 2023, I announced that our WPBeginner Growth Fund had taken an investment stake in Seahawk Media, a promising WordPress services company. Our goal was to combine their service expertise with our platform to launch WPBeginner Pro Services and offer our users high-quality development and maintenance solutions across our product brands. During our partnership, we are proud to have helped Sea

Marshall Sahlins and others showed that early hunter gatherer societies generally didn’t work very hard. Two or three hours a day were spent gathering food, and the rest of the time was for social engagement and family. With all the technology and innovation that has followed, why do we work four times as hard? One reason is leverage. The tools we have offer apparently bigger prizes in exchange f

Google has disclosed that the company’s continued adoption of the Rust programming language in Android has resulted in the number of memory safety vulnerabilities falling below 20% of total vulnerabilities for the first time. “We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code. But the biggest surprise was

AIPAC (American Israel Public Affairs Committee) has announced a data breach linked to an external system breach that involved an unknown third-party company. The disclosure appeared in a notification submitted to the Maine attorney general’s office on November 14 2025. 4 Months of Access The filing states that the data breach was identified on August 28, 2025, when files stored on AIPAC systems

Every one of the pings, dings and clicks on this page gives me the hives. Run them in a quick sequence and I need to leave the room. They are our Pavlovian bells, designed to trigger us into action. At the bottom right is a button that says ‘stop all.’ That’s a useful idea. We didn’t sign up for this all at once. We were seduced into becoming trained seals gradually, fish by fish. Important work

The decades-old “finger” command is making a comeback,, with threat actors using the protocol to retrieve remote commands to execute on Windows devices. In the past, people used the finger command to look up information about local and remote users on Unix and Linux systems via the Finger protocol, a command later added to Windows. While still supported, it’s rarely used today compared to its pop

Pierluigi Paganini November 15, 2025 Researchers found a critical vulnerability in GoSign Desktop: TLS Certificate Validation Disabled and Unsigned Update Mechanism. GoSign is an advanced and qualified electronic signature solution developed by Tinexta InfoCert S.p.A., used by public administrations, businesses, and professionals to manage approval workflows with traceability and security.

Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. Logitech International S.A. is a Swiss multinational electronics company that sells hardware and software solutions, including computer peripherals, gaming, video collaboration, music, and smart home prod

Executive Summary We have identified two interconnected malware campaigns active throughout 2025, using large-scale brand impersonation to deliver Gh0st remote access Trojan (RAT) variants to Chinese-speaking users. From the first campaign to the second, the adversary advanced from simple droppers to complex, multi-stage infection chains that misuse legitimate, signed software to bypass modern de

Pierluigi Paganini November 15, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-64446 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog . The vulnerability is a re

The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea’s illicit revenue generation schemes by enabling information technology (IT) worker fraud in violation of international sanctions. The five individuals are listed below – Audricus Phagnasay, 24 Jason Salazar, 30 Alexander Paul Travis, 34 Oleksandr Didenko, 28, and Erick Ntek

The U.S. Department of Justice (DoJ) on Friday announced that five individuals have pleaded guilty to assisting North Korea’s illicit revenue generation schemes by enabling information technology (IT) worker fraud in violation of international sanctions. The five individuals are listed below – Audricus Phagnasay, 24 Jason Salazar, 30 Alexander Paul Travis, 34 Oleksandr Didenko, 28, and Erick

If someone hands you a deck, you can be sure there are 52 cards covering four suits. The universe is finite. The cards are the cards, and games work precisely for that reason. Every deck is the same, and all the players have the same options. Some of the systems we compete in have a limited number of cards, known to all. More often, though, there is the possibility of surprise. Options that weren

Have you ever thought about how a WordPress theme can shape your website’s look and feel? Picking the right one isn’t just about color or design; it’s about creating a website that feels natural, loads fast, and gives your visitors the best experience. If you’re planning to start your site or thinking of changing your […] Read More… The post appeared first on Learn WordPress with WPLift .

The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign. The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA). “The campaign has

Pierluigi Paganini November 14, 2025 A vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious files to shared servers and execute arbitrary code, potentially exposing millions of websites, cybersecurity firm Patchstack warns. The flaw in Imunify360 AV before

UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. The company says that although the stolen data affects a significant portion of its merchant base, it will not pay a ransom and will instead invest in strengthening its security. Checkout operates checkout.com and

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python’s pickle deserialization,”

The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign. The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA). “The

Germany’s Pierluigi Paganini November 14, 2025 Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems and mitigate related risks. A significant and evolving threat to AI systems based on large language

ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. Tracked as CVE-2025-59367 , this vulnerability allows remote, unauthenticated attackers to log into unpatched devices exposed online in low-complexity attacks that don’t require user interaction. ASUS has released firmware version 1.1.2.3_1010 to address this vulnerab

Key Takeaways: 85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date. 1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure. 14 new ransomware brands launched this quarter, proving how quickly affiliates reconstitute after takedowns. LockBit’s reappearance with

You update WordPress expecting everything to run more smoothly, but instead…your website seems broken. Maybe the layout has shifted, a plugin stopped working, or you’re suddenly seeing error messages. It’s frustrating, but it’s also very common. Most WordPress crashes look worse than they actually are and can usually be fixed in just a few minutes. Plus, you don’t need to be a developer to get th

State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a “highly sophisticated espionage campaign” in mid-September 2025. “The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves,” the AI upstart

DoorDash has disclosed a data breach that hit the food delivery platform this October. Beginning yesterday evening, DoorDash, which serves millions of customers across the U.S., Canada, Australia, and New Zealand, started emailing those impacted by the newly discovered security incident. Your personal information affected “On October 25, 2025, our team identified a cybersecurity incident that inv

I’m not sure this is the right word for it, but we certainly need one. Not ‘entrepreneurship’ which is a distinct skill. That term is usually reserved for people who start at zero and get to one, and mostly for people who operate in small businesses creating financial value through assets and equity. But what about the person who navigates an important non-profit through changing times? Or a prod

“It’s not enough to be a hospitality business anymore,” small-business owner Shelley Pippin says. “You need to be an event business.” Here’s why Brewnuts has been so successful at using events to carve out a niche for themselves, and what small- and medium-sized business marketers can learn from “Ohio’s first and only doughnut bar,” regardless of your industry . Meet the Master Shelley Pippin Fou

Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet FortiWeb Web Application Firewall (WAF) that could allow an attacker to take over admin accounts and completely compromise a device. “The watchTowr team is seeing active, indiscriminate in-the-wild exploitation of what appears to be a silently patched vulnerability in Fortinet’s FortiWeb

The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. The news organization is one of the largest daily newspapers in the U.S. with approximately 2.5 million digital subscribers. Between July 10 and August 22, threat actors accessed parts of its network. They leveraged a vulnerabili

The ImunifyAV malware scanner for Linux servers, used by tens of millions of websites, is vulnerable to a remote code execution vulnerability that could be exploited to compromise the hosting environment. The issue affects versions of the AI-bolit malware scanning component prior to 32.7.4.0. The component is present in the Imunify360 suite, the paid ImunifyAV+, and in ImunifyAV, the free version

Starting a business in Arizona can be an exciting venture, but creating a marketing campaign that resonates with your audience is essential for your success. Whether you’re based in Phoenix, Tucson, or any other part of the state, understanding your local market and crafting a strategic marketing plan is crucial. This guide will walk you through the process, providing actionable insights that wil

Encountering the ERR_TOO_MANY_REDIRECTS error (also called a redirect loop error) can be frustrating, especially when your website was working fine just moments ago. This issue is common across browsers such as Chrome, Firefox, and Edge and it typically means your site has entered a redirection loop. In this post, you’ll learn what the error means, why it occurs, ways to identify where the redire

A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may have travel reservations with spam emails. The campaign is said to have begun in earnest around

Picking web hosting should not feel like learning a new language. You can make a confident choice in minutes by matching your situation to the right plan type, then following a simple setup and upgrade path. This plain English guide for first-timers is here to help you decide what is […] The post appeared first on .

A fast-spreading threat, known as the screen-sharing scam, is using a simple feature on WhatsApp to steal money and personal data, according to an analysis from the research firm ESET (published on November 5, 2025). This scam, which takes advantage of the screen-sharing tool available since 2023 , has already led to massive losses worldwide, including a case in Hong Kong where a victim lost appr

Monthly brief which contains analysis of several recent cyber threats posed by China, Russia, Iran, and North Korea. One of which involved novel malware that interacts with LLMs. submitted by /u/Due_Search_8040 [link] [comments]

In a massive global operation called Operation Endgame , police forces have taken down the core systems of three major online crime groups, including the Rhadamanthys infostealer, the VenomRAT remote control tool, and the Elysium botnet. The operation took place between November 10 and 13, 2025, and was managed from Europol’s main office in The Hague, Netherlands. The operation was also supported

The Race for Every New CVE Based on multiple 2025 industry reports: roughly 50 to 61 percent of newly disclosed vulnerabilities saw exploit code weaponized within 48 hours. Using the CISA Known Exploited Vulnerabilities Catalog as a reference, hundreds of software flaws are now confirmed as actively targeted within days of public disclosure. Each new announcement now triggers a global race

Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust. The activity, which took place between November 10 and 13, 2025, marks Please remove image compression the latest phase of Operation Endgame, an ongoing operation designed to take down criminal infrastructures and combat

Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. “The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years,” Endor Labs research

Want to tap into an overlooked advertising platform that delivers strong results? Wondering how to leverage Pinterest ads to reach new customers and scale your revenue? In this article, you’ll discover how to create and optimize Pinterest ad campaigns that convert Why Marketers Should Consider Pinterest Ads Pinterest offers a significant opportunity that most marketers […] The post appeared firs

Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems to keep people safe. It’s a constant race — every

When the long-term cost of our situation is uncomfortably linked to the short-term expense and pain of changing the situation, it’s easy to feel stuck. One way to deal with the feeling is to insist that there’s no way to change the situation. That the price we’ll have to pay upfront is so big, we simply have to live with the day to day consequences, forever. An alternative is to realize that we m

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including

Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. “The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years,”