Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-26 12:00 PST
- Popular Forge library gets fix for signature verification bypass flaw
BleepingComputer • 2025-11-26 11:32 • www.bleepingcomputer.com
A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could be exploited to bypass signature verifications by crafting data that appears valid. […]
https://www.bleepingcomputer.com/news/security/popular-forge-library-gets-fix-for-signature-verification-bypass-flaw/ - Comcast to pay $1.5M fine for vendor breach affecting 270K customers
BleepingComputer • 2025-11-26 10:30 • www.bleepingcomputer.com
Comcast will pay a $1.5 million fine to settle a Federal Communications Commission investigation into a February 2024 vendor data breach that exposed the personal information of nearly 275,000 customers. […]
https://www.bleepingcomputer.com/news/security/comcast-to-pay-15-million-fine-after-a-vendor-data-breach-affecting-270-000-customers/ - Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets
The Hacker News • 2025-11-26 10:08 • thehackernews.com
The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry.
The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components associated with Sha1-Hulud: the “setup_bun.js” loader and the main payload “bun_environment.js.”
“
https://thehackernews.com/2025/11/shai-hulud-v2-campaign-spreads-from-npm.html - Multiple London councils' IT systems disrupted by cyberattack
BleepingComputer • 2025-11-26 09:26 • www.bleepingcomputer.com
The Royal Borough of Kensington and Chelsea (RBKC) and the Westminster City Council (WCC) announced that they are experiencing service disruptions following a cybersecurity issue. […]
https://www.bleepingcomputer.com/news/security/multiple-london-councils-it-systems-disrupted-by-cyberattack/ - Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’
KrebsOnSecurity • 2025-11-26 09:22 • krebsonsecurity.com
A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” made headlines regularly this year by stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for “Rey,” the moniker chosen by the technical operator and public face of the hacker group: Earlier this week, Rey confirmed his real life identity and agreed to an interview after KrebsOnSecurity tracked him down and contacted his father.
https://krebsonsecurity.com/2025/11/meet-rey-the-admin-of-scattered-lapsus-hunters/ - Shadow AI security breaches will hit 40% of all companies by 2030, warns Gartner
Graham Cluley • 2025-11-26 06:48 • www.fortra.com
Shadow AI – the use of artificial intelligence tools by employees without a company’s approval and oversight – is becoming a significant cybersecurity risk.Read more in my article on the Fortra blog.
https://www.fortra.com/blog/shadow-ai-security-breaches-will-hit-40-companies-2030-warns-gartner - Microsoft: Security keys may prompt for PIN after recent updates
BleepingComputer • 2025-11-26 06:43 • www.bleepingcomputer.com
Microsoft warned users on Tuesday that FIDO2 security keys may prompt them to enter a PIN when signing in after installing Windows updates released since the September 2025 preview update. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fido2-security-keys-may-prompt-for-pin-after-recent-windows-updates/ - Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist
The Hacker News • 2025-11-26 06:31 • thehackernews.com
South Korea’s financial sector has been targeted by what has been described as a sophisticated supply chain attack that led to the deployment of Qilin ransomware.
“This operation combined the capabilities of a major Ransomware-as-a-Service (RaaS) group, Qilin, with potential involvement from North Korean state-affiliated actors (Moonstone Sleet), leveraging Managed Service Provider (MSP)
https://thehackernews.com/2025/11/qilin-ransomware-turns-south-korean-msp.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
