Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-19 07:00 PST
- New WrtHug campaign hijacks thousands of end-of-life ASUS routers
BleepingComputer • 2025-11-19 06:35 • www.bleepingcomputer.com
Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called Operation WrtHug that exploits six vulnerabilities. […]
https://www.bleepingcomputer.com/news/security/new-wrthug-campaign-hijacks-thousands-of-end-of-life-asus-routers/
- The hidden risks in your DevOps stack data—and how to address them
BleepingComputer • 2025-11-19 06:20 • www.bleepingcomputer.com
DevOps repos on GitHub, GitLab, Bitbucket, and Azure DevOps face risks from weak access controls, misconfigurations, outages, and accidental deletions. GitProtect provides automated, immutable backups and fast recovery to secure your DevOps data. […]
https://www.bleepingcomputer.com/news/security/the-hidden-risks-in-your-devops-stack-data-and-how-to-address-them/
- The Cloudflare Outage May Be a Security Roadmap
KrebsOnSecurity • 2025-11-19 06:07 • krebsonsecurity.com
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet’s top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform temporarily so that visitors could still access their websites. But security experts say doing so may have also triggered an impromptu network penetration test for organizations that have come to rely on Cloudflare to block many types of abusive and malicious traffic.
https://krebsonsecurity.com/2025/11/the-cloudflare-outage-may-be-a-security-roadmap/
- CISA gives govt agencies 7 days to patch new Fortinet flaw
BleepingComputer • 2025-11-19 05:44 • www.bleepingcomputer.com
CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet’s FortiWeb web application firewall, which was exploited in zero-day attacks. […]
https://www.bleepingcomputer.com/news/security/cisa-gives-govt-agencies-7-days-to-patch-new-fortinet-flaw/
- Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters
BleepingComputer • 2025-11-19 05:01 • www.bleepingcomputer.com
An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation. […]
https://www.bleepingcomputer.com/news/security/meet-shinysp1d3r-new-ransomware-as-a-service-created-by-shinyhunters/
- WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
The Hacker News • 2025-11-19 05:00 • thehackernews.com
A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network.
The router hijacking activity has been codenamed Operation WrtHug by SecurityScorecard’s STRIKE team. Southeast Asia and European countries are some of the other regions where infections have
https://thehackernews.com/2025/11/wrthug-exploits-six-asus-wrt-flaws-to.html
- California man admits to laundering crypto stolen in $230M heist
BleepingComputer • 2025-11-19 04:13 • www.bleepingcomputer.com
A 45-year-old from Irvine, California, has pleaded guilty to laundering at least $25 million stolen in a massive $230 million cryptocurrency heist. […]
https://www.bleepingcomputer.com/news/security/california-man-admits-to-laundering-crypto-stolen-in-230m-heist/
- Legal Restrictions on Vulnerability Disclosure
Schneier on Security • 2025-11-19 04:04 • www.schneier.com
Kendra Albert gave an excellent talk at USENIX Security this year, pointing out that the legal agreements surrounding vulnerability disclosure muzzle researchers while allowing companies to not fix the vulnerabilities—exactly the opposite of what the responsible disclosure movement of the early 2000s was supposed to prevent. This is the talk.
Thirty years ago, a debate raged over whether vulnerability disclosure was good for computer security. On one side, full disclosure advocates argued that software bug…
https://www.schneier.com/blog/archives/2025/11/legal-restrictions-on-vulnerability-disclosure.html
- Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software
The Hacker News • 2025-11-19 03:55 • thehackernews.com
The challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional security postures, such as Endpoint Detection and Response (EDR) to chase threats after they have already entered the network, is fundamentally risky and contributes significantly to the half-trillion-dollar annual cost of cybercrime.
Zero Trust fundamentally shifts
https://thehackernews.com/2025/11/application-containment-how-to-use.html
- Cloudflare blames this week's massive outage on database issues
BleepingComputer • 2025-11-19 02:54 • www.bleepingcomputer.com
On Tuesday, Cloudflare experienced its worst outage in 6 years, blocking access to many websites and online platforms for almost 6 hours after a change to database access controls triggered a cascading failure across its Global Network. […]
https://www.bleepingcomputer.com/news/technology/cloudflare-blames-this-weeks-massive-outage-on-database-issues/
- IT threat evolution in Q3 2025. Mobile statistics
Securelist • 2025-11-19 02:00 • securelist.com
The report features statistics on mobile threats for the third quarter of 2025, along with interesting findings and trends from the quarter, including an increase in ransomware activity in Germany, and more.
https://securelist.com/malware-report-q3-2025-mobile-statistics/118013/
- IT threat evolution in Q3 2025. Non-mobile statistics
Securelist • 2025-11-19 02:00 • securelist.com
The report presents key trends and statistics on malware that targets personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during the third quarter of 2025.
https://securelist.com/malware-report-q3-2025-pc-iot-statistics/118020/
- ‘PlushDaemon’ hackers hijack software updates in supply-chain attacks
BleepingComputer • 2025-11-19 02:00 • www.bleepingcomputer.com
The China-aligned advanced persistent threat (APT) tracked as ‘PlushDaemon’ is hijacking software update traffic to deliver malicious payloads to its targets. […]
https://www.bleepingcomputer.com/news/security/plushdaemon-hackers-hijack-software-updates-in-supply-chain-attacks/
- EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates
The Hacker News • 2025-11-19 02:00 • thehackernews.com
The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks.
EdgeStepper “redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate infrastructure used for software updates to attacker-controlled infrastructure
https://thehackernews.com/2025/11/edgestepper-implant-reroutes-dns.html
- ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
The Hacker News • 2025-11-19 01:59 • thehackernews.com
Malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks.
The second-order prompt injection, according to AppOmni, makes use of Now Assist’s agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive
https://thehackernews.com/2025/11/servicenow-ai-agents-can-be-tricked.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
