Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-21 07:00 PST
- Google begins showing ads in AI Mode (AI answers)
BleepingComputer • 2025-11-21 05:02 • www.bleepingcomputer.com
Google has started rolling out ads in AI mode, which is the company’s “answer engine,” not a search engine. […]
https://www.bleepingcomputer.com/news/artificial-intelligence/google-begins-showing-ads-in-ai-mode-ai-answers/ - Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
The Hacker News • 2025-11-21 05:00 • thehackernews.com
In a surprise move, Google on Thursday announced that it has updated Quick Share, its peer-to-peer file transfer service, to work with Apple’s equipment AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.
The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad, and macOS devices, with plans to expand
https://thehackernews.com/2025/11/google-adds-airdrop-compatibility-to.html - AI as Cyberattacker
Schneier on Security • 2025-11-21 04:01 • www.schneier.comFrom Anthropic:
In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks themselves.
The threat actor—whom we assess with high confidence was a Chinese state-sponsored group—manipulated our Claude Code tool into attempting infiltration into roughly thirty …
https://www.schneier.com/blog/archives/2025/11/ai-as-cyberattacker.html - Why IT Admins Choose Samsung for Mobile Security
The Hacker News • 2025-11-21 03:00 • thehackernews.com
Ever wonder how some IT teams keep corporate data safe without slowing down employees? Of course you have.
Mobile devices are essential for modern work—but with mobility comes risk. IT admins, like you, juggle protecting sensitive data while keeping teams productive. That’s why more enterprises are turning to Samsung for mobile security.
Hey—you’re busy, so here’s a quick-read article on what
https://thehackernews.com/2025/11/why-it-admins-choose-samsung-for-mobile.html - APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
The Hacker News • 2025-11-21 02:42 • thehackernews.com
A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly three-year campaign.
“While earlier operations relied on broad strategic web compromises to compromise legitimate websites, APT24 has recently pivoted to using more sophisticated vectors targeting
https://thehackernews.com/2025/11/apt24-deploys-badaudio-in-years-long.html - ToddyCat: your hidden email assistant. Part 1
Securelist • 2025-11-21 02:00 • securelist.com
Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook.
https://securelist.com/toddycat-apt-steals-email-data-from-outlook/118044/ - Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)
SANS ISC Diary (full) • 2025-11-21 01:48 • isc.sans.eduFrom time to time, it can be instructive to look at generic phishing messages that are delivered to one's inbox or that are caught by basic spam filters. Although one usually doesn't find much of interest, sometimes these little excursions into what should be a run-of-the-mill collection of basic, commonly used phishing techniques can lead one to find something new and unusual. This was the case with one of the messages delivered to our handler inbox yesterday…
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
