Breaking News – Cyber Threats (last 6h)
Generated: 2025-11-24 07:00 PST
- Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
BleepingComputer • 2025-11-24 06:32 • www.bleepingcomputer.com
Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in the npm registry in a new Shai-Hulud supply-chain campaign. […]
https://www.bleepingcomputer.com/news/security/shai-hulud-malware-infects-500-npm-packages-leaks-secrets-on-github/ - Harvard University discloses data breach affecting alumni, donors
BleepingComputer • 2025-11-24 06:06 • www.bleepingcomputer.com
Harvard University disclosed over the weekend that its Alumni Affairs and Development systems were compromised in a voice phishing attack, exposing the personal information of students, alumni, donors, staff, and faculty members. […]
https://www.bleepingcomputer.com/news/security/harvard-university-discloses-data-breach-affecting-alumni-donors/ - Microsoft tests File Explorer preloading for faster performance
BleepingComputer • 2025-11-24 05:08 • www.bleepingcomputer.com
Microsoft is testing a new optional feature that preloads File Explorer in the background to improve launch times on Windows 11 systems. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-tests-file-explorer-preloading-for-faster-launches/ - Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft
The Hacker News • 2025-11-24 05:03 • thehackernews.com
Multiple security vendors are sounding the alarm about a second wave of attacks targeting the npm registry in a manner that’s reminiscent of the Shai-Hulud attack.
The new supply chain campaign, dubbed Sha1-Hulud, has compromised hundreds of npm packages, according to reports from Aikido, HelixGuard, Koi Security, Socket, and Wiz.
“The campaign introduces a new variant that executes malicious
https://thehackernews.com/2025/11/second-sha1-hulud-wave-affects-25000.html - ⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More
The Hacker News • 2025-11-24 04:32 • thehackernews.com
This week saw a lot of new cyber trouble. Hackers hit Fortinet and Chrome with new 0-day bugs. They also broke into supply chains and SaaS tools. Many hid inside trusted apps, browser alerts, and software updates.
Big firms like Microsoft, Salesforce, and Google had to react fast — stopping DDoS attacks, blocking bad links, and fixing live flaws. Reports also showed how fast fake news, AI
https://thehackernews.com/2025/11/weekly-recap-fortinet-exploit-chrome-0.html - To buy or not to buy: How cybercriminals capitalize on Black Friday
Securelist • 2025-11-24 04:30 • securelist.com
How cybercriminals prepare for Black Friday: phishing, scams and malware targeting online shoppers and gamers, fake sales in spam and real sales on the dark web.
https://securelist.com/black-friday-threat-report-2025/118083/ - IACR Nullifies Election Because of Lost Decryption Key
Schneier on Security • 2025-11-24 04:03 • www.schneier.comThe International Association of Cryptologic Research—the academic cryptography association that’s been putting conferences like Crypto (back when “crypto” meant “cryptography”) and Eurocrypt since the 1980s—had to nullify an online election when trustee Moti Yung lost his decryption key.
For this election and in accordance with the bylaws of the IACR, the three members of the IACR 2025 Election Committee acted as independent trustees, each holding a portion of the cryptographi…
https://www.schneier.com/blog/archives/2025/11/iacr-nullifies-election-because-of-lost-decryption-key.html - Microsoft to remove WINS support after Windows Server 2025
BleepingComputer • 2025-11-24 03:47 • www.bleepingcomputer.com
Microsoft has warned IT administrators to prepare for the removal of Windows Internet Name Service (WINS) from Windows Server releases starting in November 2034. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-remove-wins-support-after-windows-server-2025/ - Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs
The Hacker News • 2025-11-24 03:07 • thehackernews.com
New research from CrowdStrike has revealed that DeepSeek’s artificial intelligence (AI) reasoning model DeepSeek-R1 produces more security vulnerabilities in response to prompts that contain topics deemed politically sensitive by China.
“We found that when DeepSeek-R1 receives prompts containing topics the Chinese Communist Party (CCP) likely considers politically sensitive, the likelihood of it
https://thehackernews.com/2025/11/chinese-ai-model-deepseek-r1-generates.html - Microsoft: Windows 11 24H2 bug crashes Explorer and Start Menu
BleepingComputer • 2025-11-24 02:41 • www.bleepingcomputer.com
Microsoft has confirmed a critical Windows 11 24H2 bug that causes the File Explorer, the Start Menu, and other key system components to crash when provisioning systems with cumulative updates released since July 2025. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-24h2-bug-crashes-key-system-components/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
