-
Microsoft has rolled out enhanced remediation capabilities in Defender for Office 365 (O365), enabling security teams to initiate automated investigations and other actions directly from the Advanced Hunting interface. This feature, launched on November 10, 2025, empowers admins and analysts to respond to email threats more swiftly without requiring policy modifications. The new actions Submit […] The post Microsoft Defender for O365 New Feature Allows Security Teams to Trigger Automated Investigations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day vulnerability in Microsoft Windows. This security flaw, tracked as CVE-2025-62215, affects the Windows Kernel and c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Palo Alto Networks has disclosed a critical denial-of-service vulnerability in its PAN-OS firewall software that allows unauthenticated attackers to remotely reboot firewalls by sending specially crafted packets. Tracked as CVE-2025-4619, the vulnerability poses significant risks to organizations relying on Palo Alto firewalls for network security. The flaw, identified as CWE-754 (Improper Check for Unusual or […] The post Palo Alto PAN-OS Firewall Vulnerability Let Attackers Reboot Firewall by Sending Malicious Packet appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Reports of a possible law enforcement operation against Rhadamanthys Stealer infrastructure have created waves in the cybersecurity community. The information stealer, which has been active in the threat landscape for several months, appears to have suffered a major disruption to its command and control servers. Users of the malware-as-a-service platform have reported difficulties accessing their […] The post Rhadamanthys Stealer Servers Possibly Seized – Admin Urges to Reinstall Servers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The English-speaking cybercriminal ecosystem, commonly known as “The COM,” has transformed from a niche community of social media account traders into a sophisticated, organized operation fueling some of the world’s most damaging cyberattacks. What started as simple forums for trading rare social media handles has evolved into a professional, service-driven criminal marketplace targeting multinational corporations, […] The post English-Speaking Cybercriminal Ecosystem ‘The COM’ Drives a Wide Spectrum of Cyberattacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Law enforcement agencies disrupted a vast network of cybercrime tools between November 10 and 14, 2025, coordinated from Europol’s headquarters in The Hague, Netherlands. Dubbed the latest phase of Operation Endgame, the effort targeted three notorious malware families: the infostealer Rhadamanthys, the Remote Access Trojan (RAT) VenomRAT, and the Elysium botnet. These stealers and botnets […] The post Operation Endgame – 1,000+ Servers Used by Rhadamanthys, VenomRAT, and Elysium Dismantled appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF) attacks. The vulnerability, tracked as CVE-2025-37734, affects multiple versions of the popular dat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new ClickFix campaign is tricking users with a fake Windows update that runs in their browser. Called “Fake OS Update,” this scam takes advantage of people’s trust in the familiar blue screen of death (BSOD) from Microsoft. It delivers malware and shows how social engineering can be more effective than technical tricks. Cybersecurity researcher […] The post New ClickFix Attack Tricks Users with ‘Fake OS Update’ to Execute Malicious Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated supply chain attack disguised as a legitimate cryptocurrency wallet. Socket’s Threat Research Team discovered a malicious Chrome extension called “Safery: Ethereum Wallet,” published…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
