Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-22 02:00 PST
- Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
The Hacker News • 2025-11-21 22:47 • thehackernews.com
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2.
“This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems,” Blackfog researcher Brenda Robb said in a Thursday report.
In
https://thehackernews.com/2025/11/matrix-push-c2-uses-browser.html - CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
The Hacker News • 2025-11-21 22:45 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability in question is CVE-2025-61757 (CVSS score: 9.8), a case of missing authentication for a critical function that can result in pre-authenticated
https://thehackernews.com/2025/11/cisa-warns-of-actively-exploited.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
