Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-20 07:00 PST
- TV streaming piracy service with 26M yearly visits shut down
BleepingComputer • 2025-11-20 05:31 • www.bleepingcomputer.com
Photocall, a TV piracy streaming platform with over 26 million users annually, has ceased operations following a joint investigation by the Alliance for Creativity and Entertainment (ACE) and DAZN. […]
https://www.bleepingcomputer.com/news/security/tv-streaming-piracy-service-photocall-with-26m-yearly-visits-shut-down/ - ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
The Hacker News • 2025-11-20 04:29 • thehackernews.com
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smart home gadgets are being used to attack people.
Every day, there’s a new story that shows how quickly things are
https://thehackernews.com/2025/11/threatsday-bulletin-0-days-linkedin.html - Scam USPS and E-Z Pass Texts and Websites
Schneier on Security • 2025-11-20 04:07 • www.schneier.comGoogle has filed a complaint in court that details the scam:
In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people into “disclosing sensitive information like passwords, credit card numbers, or banking information, often by impe…
https://www.schneier.com/blog/archives/2025/11/scam-usps-and-e-z-pass-texts-and-websites.html - Inside the dark web job market
Securelist • 2025-11-20 03:37 • securelist.com
This report examines how employment and recruitment function on the dark web, based on over 2,000 job-related posts collected from shadow forums between January 2023 and June 2025.
https://securelist.com/dark-web-job-market-2023-2025/118057/ - CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat
The Hacker News • 2025-11-20 03:30 • thehackernews.com
CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp’s familiar web interface, using social engineering tactics to trick users into compromising their accounts.
Investigators identified thousands of malicious URLs
https://thehackernews.com/2025/11/ctm360-exposes-global-whatsapp.html - New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices
The Hacker News • 2025-11-20 03:04 • thehackernews.com
Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud.
“A key differentiator is its ability to bypass encrypted messaging,” ThreatFabric said in a report shared with The Hacker News. “By capturing content directly from the device screen after decryption, Sturnus can monitor
https://thehackernews.com/2025/11/new-sturnus-android-trojan-quietly.html - Crypto mixer founders sent to prison for laundering over $237 million
BleepingComputer • 2025-11-20 02:49 • www.bleepingcomputer.com
The founders of the Samourai Wallet (Samourai) cryptocurrency mixing service have been sent to prison for helping criminals launder over $237 million. […]
https://www.bleepingcomputer.com/news/security/samourai-cryptomixer-founders-sent-to-prison-for-laundering-over-237-million/ - Wind farm worker sentenced after turning turbines into a secret crypto mine
Graham Cluley • 2025-11-20 02:31 • www.bitdefender.com
A technical manager at a Dutch wind farm operator has been sentenced after it was discovered he had secretly installed cryptocurrency mining rigs at two wind farm sites – just as the company was recovering from a ransomware attack.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/wind-farm-worker-sentenced-after-turning-turbines-into-a-secret-crypto-mine - Blockchain and Node.js abused by Tsundere: an emerging botnet
Securelist • 2025-11-20 02:00 • securelist.com
Kaspersky GReAT experts discovered a new campaign featuring the Tsundere botnet. Node.js-based bots abuse web3 smart contracts and are spread via MSI installers and PowerShell scripts.
https://securelist.com/tsundere-node-js-botnet-uses-ethereum-blockchain/117979/ - Multi-threat Android malware Sturnus steals Signal, WhatsApp messages
BleepingComputer • 2025-11-20 02:00 • www.bleepingcomputer.com
A new Android banking trojan named Sturnus can capture communication from end-to-end encrypted messaging platforms like Signal, WhatsApp, and Telegram, as well as take complete control of the device. […]
https://www.bleepingcomputer.com/news/security/multi-threat-android-malware-sturnus-steals-signal-whatsapp-messages/ - Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?
Graham Cluley • 2025-11-20 01:29 • grahamcluley.com
Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests.We examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that abuses trust in apps and CAPTCHAs, and chat about autonomous pen testing, AI-turbocharged cybercrime, and what CISOs should really be asking on Monday morning.
And lost Doctor Who is brought back to life by one very dedicated animator, and we take a look at Eddie Murphy’s career.
All this and more is d…
https://grahamcluley.com/smashing-security-podcast-444/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
