Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-15 12:00 PST
- Decades-old ‘Finger’ protocol abused in ClickFix malware attacks
BleepingComputer • 2025-11-15 10:46 • www.bleepingcomputer.com
The decades-old “finger” command is making a comeback,, with threat actors using the protocol to retrieve remote commands to execute on Windows devices. […]
https://www.bleepingcomputer.com/news/security/decades-old-finger-protocol-abused-in-clickfix-malware-attacks/ - RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
The Hacker News • 2025-11-15 08:35 • thehackernews.com
The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution.
The vulnerability in question is CVE-2025-24893 (CVSS score: 9.8), an eval injection bug that could allow any guest user to perform arbitrary remote code execution through a request to the “/bin/get/Main/
https://thehackernews.com/2025/11/rondodox-exploits-unpatched-xwiki.html - Jaguar Land Rover cyberattack cost the company over $220 million
BleepingComputer • 2025-11-15 07:09 • www.bleepingcomputer.com
Jaguar Land Rover (JLR) published its financial results for July 1 to September 30, warning that the cost of a recent cyberattack totaled £196 million ($220 million) in the quarter. […]
https://www.bleepingcomputer.com/news/security/jaguar-land-rover-cyberattack-cost-the-company-over-220-million/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
