Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-18 12:00 PST
- Windows 11 gets new Cloud Rebuild, Point-in-Time Restore tools
BleepingComputer • 2025-11-18 11:29 • www.bleepingcomputer.com
Microsoft announced two new Windows 11 recovery features today at the Ignite developer conference, called Cloud Rebuild and Point-in-Time Restore (PITR), that aim to reduce downtime and make it easier to recover from system failures or faulty updates. […]
https://www.bleepingcomputer.com/news/microsoft/windows-11-gets-new-cloud-rebuild-point-in-time-restore-tools/ - Fortinet warns of new FortiWeb zero-day exploited in attacks
BleepingComputer • 2025-11-18 11:01 • www.bleepingcomputer.com
Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively exploiting in attacks. […]
https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-fortiweb-zero-day-exploited-in-attacks/ - Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar
The Hacker News • 2025-11-18 10:31 • thehackernews.com
The malware authors associated with a Phishing-as-a-Service (PhaaS) kit known as Sneaky 2FA have incorporated Browser-in-the-Browser (BitB) functionality into their arsenal, underscoring the continued evolution of such offerings and further making it easier for less-skilled threat actors to mount attacks at scale.
Push Security, in a report shared with The Hacker News, said it observed the use
https://thehackernews.com/2025/11/sneaky-2fa-phishing-kit-adds-bitb-pop.html - Microsoft to integrate Sysmon directly into Windows 11, Server 2025
BleepingComputer • 2025-11-18 09:25 • www.bleepingcomputer.com
Microsoft announced today that it will integrate Sysmon natively into Windows 11 and Windows Server 2025 next year, making it unnecessary to deploy the standalone Sysinternals tools. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-integrate-sysmon-directly-into-windows-11-server-2025/ - Microsoft Teams to let users report messages wrongly flagged as threats
BleepingComputer • 2025-11-18 09:14 • www.bleepingcomputer.com
Microsoft says that Teams users will be able to report false-positive threat alerts triggered by messages incorrectly flagged as malicious. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-to-let-users-report-messages-wrongly-flagged-as-threats/ - French agency Pajemploi reports data breach affecting 1.2M people
BleepingComputer • 2025-11-18 08:59 • www.bleepingcomputer.com
Pajemploi, the French social security service for parents and home-based childcare providers, has suffered a data breach that may have exposed personal information of 1.2 million individuals. […]
https://www.bleepingcomputer.com/news/security/french-agency-pajemploi-reports-data-breach-affecting-12m-people/ - Advancing Cybersecurity for Microsoft Environments
Sophos Security Ops • 2025-11-18 08:31 • news.sophos.com
From certified MDR services to open threat intelligence frameworks, Sophos is delivering the clarity, context, and confidence organizations need to stay ahead of evolving threats.
https://news.sophos.com/en-us/2025/11/18/advancing-cybersecurity-for-microsoft-environments/ - Meta Expands WhatsApp Security Research with New Proxy Tool and $4M in Bounties This Year
The Hacker News • 2025-11-18 07:56 • thehackernews.com
Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively research the messaging platform’s network protocol.
The idea is to make it easier to delve into WhatsApp-specific technologies as the application continues to be a lucrative attack surface for state-sponsored actors and
https://thehackernews.com/2025/11/meta-expands-whatsapp-security-research.html - The AI Fix #77: Genome LLM makes a super-virus, and should AI decide if you live?
Graham Cluley • 2025-11-18 07:35 • grahamcluley.com
In episode 77 of The AI Fix, a language model trained on genomes that creates a super-virus, Graham wonders whether AI should be allowed to decide if we live or die, and a woman marries ChatGPT (and calls it “Klaus”).Also in this episode: In Russia a robot staggers, falls over, and breaks; MIT quietly withdraws a ludicrously bad cybersecurity paper; the founder of a $1 billion AI company reveals his first AI was just two dudes on a Zoom call, and a futurologist reveals eight things we’ll be doing with humanoid robots by 2040.
All this and much more is discussed in the latest edition of “…
https://grahamcluley.com/the-ai-fix-77/ - Learn How Leading Companies Secure Cloud Workloads and Infrastructure at Scale
The Hacker News • 2025-11-18 07:25 • thehackernews.com
You’ve probably already moved some of your business to the cloud—or you’re planning to. That’s a smart move. It helps you work faster, serve your customers better, and stay ahead.
But as your cloud setup grows, it gets harder to control who can access what.
Even one small mistake—like the wrong person getting access—can lead to big problems. We’re talking data leaks, legal trouble, and serious
https://thehackernews.com/2025/11/learn-how-leading-companies-secure.html - The Tycoon 2FA Phishing Platform and the Collapse of Legacy MFA
BleepingComputer • 2025-11-18 07:01 • www.bleepingcomputer.com
Tycoon 2FA enables turnkey real-time MFA relays behind 64,000+ attacks this year, proving legacy MFA collapses the moment a phishing kit targets it. Learn from Token Ring how biometric, phishing-proof FIDO2 hardware blocks these relay attacks before they succeed. […]
https://www.bleepingcomputer.com/news/security/the-tycoon-2fa-phishing-platform-and-the-collapse-of-legacy-mfa/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
