Cyber Security Week in Review: November 14, 2025
In brief: Microsoft patches Windows kernel zero-day, hackers exploit vulnerabilities in Cisco and NetScaler products, and more.
Cybersecurity News - Page 42
Operation Endgame takes down over 1K servers linked to Rhadamanthys, VenomRAT, and Elysium malware
The main suspect behind VenomRAT was arrested in Greece.
Thousands of domains target hotel guests in massive phishing campaign
The campaign employs a phishing kit that customizes the page presented to the site visitor depending on a unique string in the URL path.
Hackers exploit Citrix and Cisco zero-days to deploy custom malware
Attackers leveraged the Cisco flaw to gain pre-authentication admin access and installed a custom web shell called “IdentityAuditAction,” masquerading as a legitimate ISE component.
Russian hacker to plead guilty for role in Yanluowang ransomware attacks
Volkov acted as an initial access broker for the Yanluowang ransomware group breaking into company networks and selling access to other hackers.
Microsoft’s November 2025 update fixes over 60 flaws, including Windows kernel zero-day
The has been exploited in the wild to gain SYSTEM-level privileges on affected Windows devices.
New WhisperLeak side-channel attack lets eavesdrop on sensitive LLM conversations
he attack exploits subtle metadata patterns in network traffic to deduce a user’s discussion topics.
Threat actors exploiting Triofox flaw to upload malicious files
Attackers abused the unauthenticated access to run the setup process and create a new admin account.
North Korean hackers exploit Google’s Find Hub to track and wipe Android devices
Using stolen Google credentials, the hackers log into victims’ accounts to access Find Hub, where they can query GPS data and issue remote wipe commands.
Landfall Android spyware abused Samsung zero-day in targeted Middle East campaign
The attackers delivered the spyware via malicious DNG (Digital Negative) image files, typically sent over WhatsApp.
Showing elements 411 - 420