Month: November 2025

Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. The company’s Detection and Response Team (DART) discovered the new malware, named SesameOp, during an investigation into a July 2025 cyberattack, which revealed that the malware allowed attackers to gain persistent access to the compromised

Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials. The campaign was spotted by Push Security, which says it recently blocked one of these phishing attacks that began with a LinkedIn message containing a malicious link. BleepingComputer has learned that these

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their networks against attacks. Recommended best practices include hardening user authentication and access, minimizing application attack surfaces, and ensuring strong network encryption. The agencies also advise network defenders to decommission

A hacker has taken responsibility for last week’s University of Pennsylvania “We got hacked” email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and internal documents. On Friday, University of Pennsylvania alumni and students began receiving multiple offensive emails from Penn.edu addresses claiming the university had been

Peter Williams, an Australian national and a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to a Russian vulnerability exploit broker. The illegal activity took place between 2022 and 2025, when Williams stole at least eight protected exploit components from

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in a supply chain attack. The leak was discovered by Wiz researchers two weeks ago, when they reported an exposure of over 550 secrets across Microsoft VSCode and Open VSX

American business services giant Conduent has confirmed that a 2024 data breach has impacted over 10.5 million people, according to notifications filed with the US Attorney General’s offices. Conduent is an American business process outsourcing (BPO) company that provides digital platforms and services for governments and enterprises. The company was spun off from Xerox in 2017

A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. According to Arctic Wolf Labs, the attack chain begins with spearphishing emails that lead to the delivery of malicious LNK files themed around NATO defense procurement workshops, European Commission border facilitation meetings, and various

CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ransomware attacks. While the vulnerability (tracked as CVE-2024-1086) was disclosed on January 31, 2024, as a use-after-free weakness in the netfilter: nf_tables kernel component and was fixed via a commit submitted in January 2024, it was

The Russian authorities have arrested three individuals in Moscow who are believed to be the creators and operators of the Meduza Stealer information-stealing malware. The action was announced on Telegram by Irina Volk, a police general and official from the Russian Ministry of Internal Affairs. “A group of hackers who created the infamous ‘Meduza’ virus have been