Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-04 02:00 PST
- Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit
The Hacker News • 2025-11-04 00:10 • thehackernews.com
Google’s artificial intelligence (AI)-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory corruption.
The list of vulnerabilities is as follows –CVE-2025-43429 – A buffer overflow
https://thehackernews.com/2025/11/googles-ai-big-sleep-finds-5-new.html - 165: Tanya
Darknet Diaries • 2025-11-04 00:00 • darknetdiaries.comTanya Janca is a globally recognized AppSec (application security) expert and founder of We Hack Purple. In this episode, she shares wild stories from the front lines of cybersecurity. She shares stories of when she was a penetration tester to an incident responder.
You can sign up for her newsletter at https://newsletter.shehackspurple.ca/
Sponsors
Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Prote…
https://darknetdiaries.com/episode/165/ - Hackers exploit critical auth bypass flaw in JobMonster WordPress theme
BleepingComputer • 2025-11-03 23:49 • www.bleepingcomputer.com
Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator accounts under certain conditions. […]
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-auth-bypass-flaw-in-jobmonster-wordpress-theme/ - U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
The Hacker News • 2025-11-03 23:45 • thehackernews.com
Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and extorting them.
Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator (aka “Co-Conspirator 1”) based in Florida, all U.S. nationals, are said to have used the ransomware strain against a medical
https://thehackernews.com/2025/11/us-prosecutors-indict-cybersecurity.html - Microsoft Detects "SesameOp" Backdoor Using OpenAI's API as a Stealth Command Channel
The Hacker News • 2025-11-03 21:58 • thehackernews.com
Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications.
“Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised
https://thehackernews.com/2025/11/microsoft-detects-sesameop-backdoor.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
