Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-04 07:00 PST
- Russian hackers abuse Hyper-V to hide malware in Linux VMs
BleepingComputer • 2025-11-04 06:00 • www.bleepingcomputer.com
The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malware. […]
https://www.bleepingcomputer.com/news/security/russian-hackers-abuse-hyper-v-to-hide-malware-in-linux-vms/
- Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
The Hacker News • 2025-11-04 06:00 • thehackernews.com
Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks.
The vulnerabilities “allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications,” Check Point said in a report shared with The Hacker News.
Following responsible disclosure in March
https://thehackernews.com/2025/11/microsoft-teams-bugs-let-attackers.html
- Windows 10 update bug triggers incorrect end-of-support alerts
BleepingComputer • 2025-11-04 05:31 • www.bleepingcomputer.com
Microsoft says the October 2025 updates trigger incorrect end-of-support warnings on Windows 10 systems with active security coverage or still under active support. […]
https://www.bleepingcomputer.com/news/microsoft/windows-10-update-bug-triggers-incorrect-end-of-support-alerts/
- Apple Patches Everything, Again, (Tue, Nov 4th)
SANS ISC Diary (full) • 2025-11-04 04:10 • isc.sans.edu
Apple released its expected set of operating system upgrades. This is a minor feature upgrade that also includes fixes for 110 different vulnerabilities. As usual for Apple, many of the vulnerabilities affect multiple operating systems. None of the vulnerabilities is marked as already exploited. Apple only offers very sparse vulnerability descriptions. Here are some vulnerabilities that may be worth watching:
- Cybercriminals Targeting Payroll Sites
Schneier on Security • 2025-11-04 04:05 • www.schneier.com
Microsoft is warning of a scam involving online payroll systems. Criminals use social engineering to steal people’s credentials, and then divert direct deposits into accounts that they control. Sometimes they do other things to make it harder for the victim to realize what is happening.
I feel like this kind of thing is happening everywhere, with everything. As we move more of our personal and professional lives online, we enable criminals to subver…
https://www.schneier.com/blog/archives/2025/11/cybercriminals-targeting-payroll-sites.html
- Ransomware Defense Using the Wazuh Open Source Platform
The Hacker News • 2025-11-04 03:06 • thehackernews.com
Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide.
A ransomware attack typically begins when the malware infiltrates a system through various vectors such as
https://thehackernews.com/2025/11/ransomware-defense-using-wazuh-open.html
- Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors
The Hacker News • 2025-11-04 02:49 • thehackernews.com
Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus.
According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised hosts that uses OpenSSH in conjunction with a customized Tor hidden service that employs obfs4 for
https://thehackernews.com/2025/11/operation-skycloak-deploys-tor-enabled.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
