Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-10 12:00 PST
- Yanluowang initial access broker to plead guilty to ransomware attacks
BleepingComputer • 2025-11-10 11:12 • www.bleepingcomputer.com
A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between July 2021 and November 2022. […]
https://www.bleepingcomputer.com/news/security/yanluowang-initial-access-broker-to-plead-guilty-to-ransomware-attacks/ - Popular JavaScript library expr-eval vulnerable to RCE flaw
BleepingComputer • 2025-11-10 10:32 • www.bleepingcomputer.com
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. […]
https://www.bleepingcomputer.com/news/security/popular-javascript-library-expr-eval-vulnerable-to-rce-flaw/ - It isn't always defaults: Scans for 3CX usernames, (Mon, Nov 10th)
SANS ISC Diary (full) • 2025-11-10 07:23 • isc.sans.eduToday, I noticed scans using the username “FTP_3cx” showing up in our logs. 3CX is a well-known maker of business phone system software [1]. My first guess was that this was a default user for one of their systems. But Google came up empty for this particular string. The 3CX software does not appear to run an FTP server, but it offers a feature to back up configurations to an FTP server [2]. The example user used in the documentation is “3cxftpuser”, not “FTP_3cx”. Additionally, the documentation notes that the FTP server can run on a different system from t…
https://isc.sans.edu/diary/rss/32464 - 5 reasons why attackers are phishing over LinkedIn
BleepingComputer • 2025-11-10 07:01 • www.bleepingcomputer.com
Attackers are increasingly phishing over LinkedIn to reach executives and bypass email security tools. Push Security explains how real-time browser protection detects and blocks phishing across apps and channels as users load malicious pages. […]
https://www.bleepingcomputer.com/news/security/5-reasons-why-attackers-are-phishing-over-linkedin/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
