IT Security Weekend Catch Up – November 21, 2025

Comments
close searching

21.11.2025 | 17:54

IT Security Weekend Catch Up – November 21, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – November 21, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. The GDPR proposal unveiled officially
  2. Lawmakers want to ban VPNs—and they have no idea what they're doing
  3. Dutch police seizes 250 servers used by “bulletproof hosting” service
  4. Defending the cloud: Azure neutralized a record-breaking 15 Tbps DDoS attack
  5. Logitech confirms data breach after Clop extortion attack
  6. Surveillance tech provider Protei was hacked, its data stolen, and its website defaced

For the more technical

  1. Google fixes new Chrome zero-day flaw exploited in attacks
  2. Native Sysmon functionality coming to Windows
  3. XWiki under increased attack
  4. Operation WrtHug, the global espionage campaign hiding in your home router
  5. When the impersonation function gets used to impersonate users (Fortinet FortiWeb auth. bypass CVE-2025-64446)
  6. Cloudflare outage on November 18, 2025 post mortem
  7. Cloud abuse at scale. TruffleNet, AWS SES, and Business Email Compromise
  8. Breaking down S3 ransomware: Variants and attack paths
  9. Cat’s got your files: Lynx ransomware
  10. License to encrypt: “The Gentlemen” make their move
  11. Hide me again: The updated multi-payload .NET steganography loader that includes Lokibot
  12. DarkComet RAT malware hidden inside fake Bitcoin tool
  13. RoningLoader: DragonBreath’s new path to PPL abuse
  14. Maverick and Coyote: Analyzing the link between two evolving Brazilian banking trojans
  15. SpiderLabs IDs new banking trojan distributed through WhatsApp
  16. Sturnus: Mobile banking malware bypassing WhatsApp, Telegram and Signal encryption
  17. Cooking up trouble: How TamperedChef uses signed apps to deliver stealthy payloads
  18. Digital doppelgangers: Anatomy of evolving impersonation campaigns distributing Gh0st RAT
  19. DigitStealer: a JXA-based infostealer that leaves little footprint
  20. ClickFix: Tricking users into installing infostealers
  21. Evalusion campaign delivers Amatera stealer and NetSupport RAT
  22. Distribution of malware abusing LogMeIn and PDQ Connect
  23. PlushDaemon compromises network devices for adversary-in-the-middle attacks
  24. Analysis of UNC1549 TTPs, custom tools, and malware targeting the aerospace and defense ecosystem
  25. How North Korea hacked South Korea: Dark Seoul
  26. New DPRK remote IT worker insights
  27. A pain in the mist: Navigating operation DreamJob’s arsenal
  28. Lazarus group targets Aerospace and Defense with new Comebacker variant

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical The GDPR proposal unveiled officially Lawmakers want to ban VPNs—and they have no idea what they' 2025-11-21T17:54:25+01:00

Comments