The Friday Wrap up
@thefwu.com
Your daily, and weekly, cybersecurity digest. I curate and categorize the day's and week's top security incidents, vulnerabilities, and threats. Essential intelligence without the overwhelm.
Discover the latest in cybersecurity: new zero-day exploits, LinkedIn scams, and evolving digital threats that demand our vigilance. Stay informed to protect your digital life. #CyberAwareness
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
Discover the latest edition packed with expert insights, tech trends, and strategic analysis across cybersecurity, AI, and innovation — all in one pow
thehackernews.com
November 21, 2025 at 2:05 PM
Discover the latest in cybersecurity: new zero-day exploits, LinkedIn scams, and evolving digital threats that demand our vigilance. Stay informed to protect your digital life. #CyberAwareness
A hacker claims to have stolen 23TB of sensitive data from Italian rail company Almaviva, including personal and financial info. The breach highlights growing cyber threats to critical infrastructure. #databreach
Hacker claims to steal 2.3TB data from Italian rail group, Almavia
Data from Italy's national railway operator, the FS Italiane Group, has been exposed after a threat actor breached the organization's IT services provider, Almaviva.
www.bleepingcomputer.com
November 21, 2025 at 11:05 AM
A hacker claims to have stolen 23TB of sensitive data from Italian rail company Almaviva, including personal and financial info. The breach highlights growing cyber threats to critical infrastructure. #databreach
A new Python-based worm is spreading on WhatsApp through deceptive messages, posing security risks. Protect your data by being cautious with suspicious links and messages. #CyberSafety
Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices
Eternidade Stealer spreads via WhatsApp hijacking, using Python scripts and IMAP-driven C2 updates to target Brazilian users.
thehackernews.com
November 20, 2025 at 2:05 PM
A new Python-based worm is spreading on WhatsApp through deceptive messages, posing security risks. Protect your data by being cautious with suspicious links and messages. #CyberSafety
A critical flaw in the W3 Total Cache WordPress plugin lets attackers run harmful PHP code remotely. Over 1M sites using this plugin could be at risk if left unpatched. #WordPressSecurity
W3 Total Cache WordPress plugin vulnerable to PHP command injection
A critical flaw in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.
www.bleepingcomputer.com
November 20, 2025 at 11:05 AM
A critical flaw in the W3 Total Cache WordPress plugin lets attackers run harmful PHP code remotely. Over 1M sites using this plugin could be at risk if left unpatched. #WordPressSecurity
Explore how top companies shield against rising cyber threats using advanced security strategies. Stay informed about industry best practices for safeguarding data and systems. #CyberSecurityEssentials
Learn How Leading Companies Secure Cloud Workloads and Infrastructure at Scale
Learn how CyberArk experts help businesses secure multi-cloud access, reduce identity risks, and stay compliant.
thehackernews.com
November 19, 2025 at 2:05 PM
Explore how top companies shield against rising cyber threats using advanced security strategies. Stay informed about industry best practices for safeguarding data and systems. #CyberSecurityEssentials
Microsoft is adding Sysmon directly into Windows 11 and Server 2025, making it easier to detect threats and monitor system activity without extra setup. A big step for built-in security features. #WindowsSecurity
Microsoft to integrate Sysmon directly into Windows 11, Server 2025
Microsoft announced today that it will integrate Sysmon natively into Windows 11 and Windows Server 2025 next year, making it unnecessary to deploy the standalone Sysinternals tools.
www.bleepingcomputer.com
November 19, 2025 at 11:05 AM
Microsoft is adding Sysmon directly into Windows 11 and Server 2025, making it easier to detect threats and monitor system activity without extra setup. A big step for built-in security features. #WindowsSecurity
This week's highlight: Fortinet vulnerabilities exploited, China's digital espionage, and cybersecurity challenges. Stay informed and secure as cyber threats evolve. #CyberAwareness
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
Fortinet CVE exploited, China-linked AI attacks exposed, PhaaS platform dismantled, and fake crypto apps deploy RATs. Catch this week’s top threats.
thehackernews.com
November 18, 2025 at 2:05 PM
This week's highlight: Fortinet vulnerabilities exploited, China's digital espionage, and cybersecurity challenges. Stay informed and secure as cyber threats evolve. #CyberAwareness
A massive DDoS attack hit Microsoft Azure using the AiSuRu botnet, leveraging 500,000 IPs to reach 15.3 Tbps—one of the largest ever. The event reveals growing threats to cloud infrastructure. #CyberThreats
Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses
Microsoft said today that the Aisuru botnet hit its Azure network with a 15.72 terabits per second (Tbps) DDoS attack, launched from over 500,000 IP addresses.
www.bleepingcomputer.com
November 18, 2025 at 11:05 AM
A massive DDoS attack hit Microsoft Azure using the AiSuRu botnet, leveraging 500,000 IPs to reach 15.3 Tbps—one of the largest ever. The event reveals growing threats to cloud infrastructure. #CyberThreats
Claims that Claude AI can launch cyberattacks on its own are being challenged. Experts say AI still needs human help and can’t act independently. The debate highlights growing concerns around AI misuse and media hype. #AIMisuse
Anthropic claims of Claude AI-automated cyberattacks met with doubt
Anthropic reports that a Chinese state-sponsored threat group, tracked as GTG-1002, carried out a cyber-espionage operation that was largely automated through the abuse of the company's Claude Code AI...
www.bleepingcomputer.com
November 17, 2025 at 11:05 AM
Claims that Claude AI can launch cyberattacks on its own are being challenged. Experts say AI still needs human help and can’t act independently. The debate highlights growing concerns around AI misuse and media hype. #AIMisuse
FWU: PhaaS targets M365, Cl0p lists Oracle victims, Russian IAB pleads guilty, 67K fake npm packages, Iranian APT42 spy ops, FortiWeb actively exploited, & more! #FWU #cybersecurity #infosec
Friday Wrap Up: 14 November 2025
Another wild week in cybersecurity!
open.substack.com
November 14, 2025 at 8:00 PM
FWU: PhaaS targets M365, Cl0p lists Oracle victims, Russian IAB pleads guilty, 67K fake npm packages, Iranian APT42 spy ops, FortiWeb actively exploited, & more! #FWU #cybersecurity #infosec
Researchers uncover significant bugs in AI systems that could be exploited for cyberattacks, emphasizing the importance of strengthening AI security. Stay informed on potential risks and safeguard your systems. #AIBugAlert
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Researchers reveal RCE flaws in AI inference engines and Cursor IDE from unsafe code reuse.
thehackernews.com
November 14, 2025 at 6:54 PM
Researchers uncover significant bugs in AI systems that could be exploited for cyberattacks, emphasizing the importance of strengthening AI security. Stay informed on potential risks and safeguard your systems. #AIBugAlert
A fake Chrome extension named Safery is stealing data from thousands of users. It imitates a security feature but instead collects browsing details. Stay cautious about what you install. #cybersecurityconcerns
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
A fake Chrome wallet “Safery” is stealing Ethereum seed phrases using hidden Sui blockchain transactions.
thehackernews.com
November 14, 2025 at 2:05 PM
A fake Chrome extension named Safery is stealing data from thousands of users. It imitates a security feature but instead collects browsing details. Stay cautious about what you install. #cybersecurityconcerns
The Washington Post experienced a data breach affecting nearly 10,000 employees and contractors, exposing sensitive personal information due to a third-party vendor compromise. #databreach
Washington Post data breach impacts nearly 10K employees, contractors
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack.
www.bleepingcomputer.com
November 14, 2025 at 11:05 AM
The Washington Post experienced a data breach affecting nearly 10,000 employees and contractors, exposing sensitive personal information due to a third-party vendor compromise. #databreach
Amazon identified a cyberattack exploiting a vulnerability in Cisco devices, revealing risks in tech infrastructure security. Understanding these threats is key to safeguarding systems. #CyberThreats
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Amazon reports dual zero-day exploits in Cisco ISE and Citrix ADC used to deploy custom malware.
thehackernews.com
November 13, 2025 at 2:05 PM
Amazon identified a cyberattack exploiting a vulnerability in Cisco devices, revealing risks in tech infrastructure security. Understanding these threats is key to safeguarding systems. #CyberThreats
Windows 11 now lets third-party apps handle passkeys, making it easier to manage secure, passwordless logins with more flexibility and app support. It’s a step toward simpler, safer digital access. #PasskeySecurity
Windows 11 now supports 3rd-party apps for native passkey management
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden.
www.bleepingcomputer.com
November 13, 2025 at 11:05 AM
Windows 11 now lets third-party apps handle passkeys, making it easier to manage secure, passwordless logins with more flexibility and app support. It’s a step toward simpler, safer digital access. #PasskeySecurity
GootLoader, a malware used for hacking, is active again. This time, it uses a sneaky trick involving computer fonts to infect systems without being detected. Stay informed on these emerging cybersecurity threats. #CyberSafety
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
Huntress finds three GootLoader infections since Oct 27, 2025; two led to domain controller compromise within 17 hours.
thehackernews.com
November 12, 2025 at 2:05 PM
GootLoader, a malware used for hacking, is active again. This time, it uses a sneaky trick involving computer fonts to infect systems without being detected. Stay informed on these emerging cybersecurity threats. #CyberSafety
Microsoft’s November 2025 Patch Tuesday update fixes 63 security flaws, including 1 actively exploited zero-day vulnerability. This update is key to keeping systems secure from known threats. #CyberSecurityUpdate
Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws
Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability.
www.bleepingcomputer.com
November 12, 2025 at 11:05 AM
Microsoft’s November 2025 Patch Tuesday update fixes 63 security flaws, including 1 actively exploited zero-day vulnerability. This update is key to keeping systems secure from known threats. #CyberSecurityUpdate
Hyper-V malware is targeting cloud infrastructure, while malicious browser extensions steal sensitive data. Stay informed about these emerging cybersecurity threats to protect your digital assets. #CybersecurityAwareness
⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Explore this week’s top cyber stories: stealthy virtual machine attacks, AI side-channel leaks, spyware on Samsung phones, and new ransomware threats.
thehackernews.com
November 11, 2025 at 2:05 PM
Hyper-V malware is targeting cloud infrastructure, while malicious browser extensions steal sensitive data. Stay informed about these emerging cybersecurity threats to protect your digital assets. #CybersecurityAwareness
A critical bug in the popular JavaScript library expr-eval could let attackers run malicious code remotely. If your app uses this library, it may be at risk. #Cybersecurity
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input.
www.bleepingcomputer.com
November 11, 2025 at 11:05 AM
A critical bug in the popular JavaScript library expr-eval could let attackers run malicious code remotely. If your app uses this library, it may be at risk. #Cybersecurity
Malware with "logic bombs" can activate under certain conditions, making them hard to detect. They pose risks by delivering harmful payloads at specific triggers. These hidden threats highlight the need for advanced cybersecurity measures. #CyberThreatsSummary
Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation
Malicious NuGet packages downloaded 9,488 times hide time-delayed payloads targeting databases and PLCs.
thehackernews.com
November 10, 2025 at 2:05 PM
Malware with "logic bombs" can activate under certain conditions, making them hard to detect. They pose risks by delivering harmful payloads at specific triggers. These hidden threats highlight the need for advanced cybersecurity measures. #CyberThreatsSummary
QNAP patched 7 zero-day flaws in its NAS devices after hackers showed how to exploit them at Pwn2Own. These bugs could let attackers get full control, so updating is key for device security. #CyberSecurity
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition.
www.bleepingcomputer.com
November 10, 2025 at 11:05 AM
QNAP patched 7 zero-day flaws in its NAS devices after hackers showed how to exploit them at Pwn2Own. These bugs could let attackers get full control, so updating is key for device security. #CyberSecurity
This week: insider ransomware operators, AI malware that rewrites itself, ChatGPT memory hacks, & 3 major cybercrime gangs merged. The FWU breakdown you need. #FWU #CyberSecurity #InfoSec
Friday Wrap Up: 7 November 2025
Another wild week in cybersecurity where insider threats meet nation-state attacks, AI-powered malware rewrites itself hourly, and even our security pros are allegedly moonlighting with ransomware…
open.substack.com
November 7, 2025 at 8:00 PM
This week: insider ransomware operators, AI malware that rewrites itself, ChatGPT memory hacks, & 3 major cybercrime gangs merged. The FWU breakdown you need. #FWU #CyberSecurity #InfoSec
Hackers are using fake ESET installers to spread malware that steals banking details and more. Be wary of downloading software from untrusted sources. Always ensure your antivirus is from a legitimate vendor. #CybersecurityAlert
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and...
thehackernews.com
November 7, 2025 at 2:05 PM
Hackers are using fake ESET installers to spread malware that steals banking details and more. Be wary of downloading software from untrusted sources. Always ensure your antivirus is from a legitimate vendor. #CybersecurityAlert
Continuous purple teaming blends red (attack) and blue (defense) teams to improve cybersecurity by working together instead of competing. This approach boosts real-time defense and better prepares organizations for real threats. #CyberDefense
Continuous Purple Teaming: Turning Red-Blue Rivalry into Real Defense
Red and blue teams often operate independently, but attackers don't. Picus Security shows how continuous purple teaming and BAS turn red-blue rivalry into real defense, validating controls and closing...
www.bleepingcomputer.com
November 7, 2025 at 11:05 AM
Continuous purple teaming blends red (attack) and blue (defense) teams to improve cybersecurity by working together instead of competing. This approach boosts real-time defense and better prepares organizations for real threats. #CyberDefense
Researchers discover vulnerabilities in ChatGPT, exposing sensitive data risks. Important to keep AI tools secure and aware of potential misuse. Stay informed on advancements and challenges in AI safety. #AISecurity
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks...
thehackernews.com
November 6, 2025 at 2:05 PM
Researchers discover vulnerabilities in ChatGPT, exposing sensitive data risks. Important to keep AI tools secure and aware of potential misuse. Stay informed on advancements and challenges in AI safety. #AISecurity