IT Security Weekend Catch Up – November 28, 2025

Comments
close searching

28.11.2025 | 16:51

IT Security Weekend Catch Up – November 28, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – November 28, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. OUCH! November 2025: ‘Tis the season to be skeptical - shopping online securely
  2. CrowdStrike catches insider feeding information to hackers
  3. Founders of Samourai Wallet cryptocurrency mixing service sentenced to five and four years in prison
  4. Ransomware attack disrupts local emergency alert system across US
  5. OpenAI: What to know about a recent Mixpanel security incident

For the more technical

  1. How macOS file metadata exposes authentication tokens
  2. Thick client penetration testing guide 2025
  3. Desktop application security testing checklist 2025
  4. Counter Galois Onion: Improved encryption for Tor circuit traffic
  5. The unpowered SSDs in your drawer are slowly losing your data
  6. When updates backfire: RCE in Windows Update Health Tools
  7. Grafana warns of max severity admin spoofing vulnerability
  8. Critical vulnerabilities in FluentBit expose cloud environments to remote takeover
  9. Stop putting your passwords into random websites (yes, seriously, you are the problem)
  10. HashJack – novel indirect prompt injection against AI browser assistants
  11. The dual-use dilemma of AI: Malicious LLMs
  12. Analyzing the latest Sneaky2FA Browser-in-the-Browser phishing page
  13. ClickFix gets creative: Malware buried in images
  14. Russian-linked StealC V2 campaign targeting Blender users via malicious .blend files
  15. Fake Battlefield 6 pirated versions and game trainers used to deploy stealers and C2 agents
  16. WhatsApp compromise leads to Astaroth deployment
  17. Brazilian campaign: Spreading the malware via WhatsApp
  18. FlexibleFerret malware continues to strike
  19. Shai-Hulud 2.0 supply chain attack: 25K+ repos exposing secrets
  20. ShadowV2 casts a shadow over IoT devices
  21. Beyond the watering hole: APT24's pivot to multi-vector attacks
  22. Kimsuky’s ongoing evolution of KimJongRAT and expanding threats
  23. APT35 internal leak of hacking campaigns against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and domestic Iranian targets
  24. A sophisticated Water Gamayun APT group attack

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical OUCH! November 2025: ‘Tis the season to be skeptical - shopping online securely CrowdStrike catch 2025-11-28T16:51:14+01:00

Comments