News

• CIS Benchmarks Update November 2025 Wed, 19 Nov 2025 16:39:00 -0500
  The November 2025 CIS Benchmarks monthly update highlights the CIS Benchmarks and CIS Build Kits that have been updated or recently released.

Looking Glass Cyber

Malware Patrol

SecList

• Shai Hulud 2.0, now with a wiper flavor
  Kaspersky researchers uncover a new version of the Shai Hulud npm worm, which is attacking targets in Russia, India, Brazil, China, and other countries, and has wiper features.

securingtomorrow.mcafee.com

Quick Heal

Threat Post

• Student Loan Breach Exposes 2.5M Records
• Watering Hole Attacks Push ScanBox Keylogger
• Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
• Ransomware Attacks are on the Rise
• Cybercriminals Are Selling Access to Chinese Surveillance Cameras
• Twitter Whistleblower Complaint: The TL;DR Version
• Firewall Bug Under Active Attack Triggers CISA Warning
• Fake Reservation Links Prey on Weary Travelers
• iPhone Users Urged to Update to Patch 2 Zero-Days
• Google Patches Chrome’s Fifth Zero-Day of the Year

Naked Security

Security Affairs

• SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74
• Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION
• Porsche outage in Russia serves as a reminder of the risks in connected vehicle security
• Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs
• Maximum-severity XXE vulnerability discovered in Apache Tika
• JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability
• BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions
• U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog
• Marquis data breach impacted more than 780,000 individuals
• ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

Security Awareness Tips of the week

Exploits

• [webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)
• [webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)
• [webapps] MaNGOSWebV4 4.0.6 - Reflected XSS
• [webapps] Django 5.1.13 - SQL Injection
• [webapps] phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)
• [webapps] MobileDetect 2.8.31 - Cross-Site Scripting (XSS)
• [webapps] phpIPAM 1.4 - SQL-Injection
• [webapps] OpenRepeater 2.1 - OS Command Injection
• [webapps] phpMyAdmin 5.0.0 - SQL Injection
• [webapps] RosarioSIS 6.7.2 - Cross Site Scripting (XSS)
• [webapps] RosarioSIS 6.7.2 - Cross-Site Scripting (XSS)
• [webapps] PluckCMS 4.7.10 - Unrestricted File Upload
• [webapps] openSIS Community Edition 8.0 - SQL Injection
• [webapps] YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF)
• [webapps] phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)
• [webapps] phpIPAM 1.5.1 - SQL Injection
• [webapps] Piwigo 13.6.0 - SQL Injection
• [webapps] phpIPAM 1.6 - Reflected-Cross-Site Scripting (XSS)
• [webapps] phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)
• [webapps] Flowise 3.0.4 - Remote Code Execution (RCE)
• [webapps] Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
• [remote] Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell
• [local] Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege
• [remote] ClipBucket 5.5.0 - Arbitrary File Upload
• [remote] ClipBucket 5.5.2 Build #90 - Server-Side Request Forgery (SSRF)
• [webapps] Tourism Management System 2.0 - Arbitrary Shell Upload
• [webapps] Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)
• [webapps] dotCMS 25.07.02-1 - Authenticated Blind SQL Injection
• [webapps] ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection
• [webapps] XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)
• [webapps] Concrete CMS 9.4.3 - Stored XSS
• [local] Mbed TLS 3.6.4 - Use-After-Free
• [remote] HTTP/2 2.0 - Denial Of Service (DOS)
• [remote] HTMLDOC 1.9.13 - Stack Buffer Overflow
• [remote] GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)
• [local] GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure
• [webapps] StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload
• [remote] Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass
• [webapps] Lingdang CRM 8.6.4.7 - SQL Injection
• [webapps] Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
• [remote] Tenda AC20 16.03.08.12 - Command Injection
• [webapps] Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection (XXE)
• [webapps] Soosyze CMS 2.0 - Brute Force Login
• [remote] Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure
• [remote] PHPMyAdmin 3.0 - Bruteforce Login Bypass
• [webapps] RiteCMS 3.0.0 - Reflected Cross Site Scripting (XSS)

Last 20 Website Defacements - Zone-h

Advisories

Symantec Packet Stoem Security