IT Security Newsletter - 11/4/2025
Russian hackers abuse Hyper-V to hide malware in Linux VMs
The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine Linux-based virtual machine to run malware. Inside the virtual environment, the threat actor hosted its custom tools, the CurlyShell reverse shell and the CurlCat reverse proxy, which enabled operational stealth and communication. Curly COMrades is a cyber-espionage threat group believed to be active since mid-2024. READ MORE...
Hackers Weaponize Remote Tools to Hijack Cargo Freight
Threat actors are using remote monitoring and management (RMM) tools to compromise trucking and freight companies, all in an effort to steal physical cargo. That's according to researchers from Proofpoint, which today published research describing how unnamed attackers compromise trucking and freight companies to bid on cargo shipments before stealing them. The hackers then ship this cargo overseas or sell it online, working with organized crime groups all the while. READ MORE...
Android Update Patches Critical Remote Code Execution Flaw
Google on Monday announced a fresh set of security updates for the Android platform, to address two vulnerabilities in the System component. The November 2025 Android fixes mark another shift from the monthly updates the internet giant has been rolling out since 2015, as they come with a single security patch level, the 2025-11-01 patch level. For nearly a decade, the update was split into two security patch levels. READ MORE...
Attack of the clones: Fake ChatGPT apps are everywhere
The mobile AI gold rush has flooded app stores with lookalikes: shiny, convincing apps promising "AI image generation," "smart chat," or "instant productivity." But behind the flashy logos lurks a spectrum of fake apps, from harmless copycats to outright spyware. Spoofing trusted brands like OpenAI's ChatGPT has become the latest tactic for opportunistic developers and cybercriminals to sell their "inventions" and spread malware. READ MORE...
"Sneaky" new Android malware takes over your phone, hiding in fake news and ID apps
Researchers at Cyfirma have investigated Android Trojans capable of stealing sensitive data from compromised devices. The malware spreads by pretending to be trusted apps, like a news reader or even digital ID apps, tricking users into downloading it by accident. In reality, it's Android-targeting malware that preys on people who use banking and cryptocurrency apps. And a sneaky one. Once installed it quietly works in the background to steal information such as login details and money. READ MORE...
SesameOp Malware Abuses OpenAI API
A threat actor has abused the OpenAI Assistants API as a communication mechanism between its command-and-control (C&C) server and a stealthy backdoor, Microsoft reports. Dubbed SesameOp, the backdoor was deployed as part of a sophisticated attack in which the threat actor maintained access to the compromised environment for months, relying on a complex network of web shells for command execution. READ MORE...
LLMs show a "highly unreliable" capacity to describe their own internal processes
If you ask an LLM to explain its own reasoning process, it may well simply confabulate a plausible-sounding explanation for its actions based on text found in its training data. To get around this problem, Anthropic is expanding on its previous research into AI interpretability with a new study that aims to measure LLMs' actual so-called "introspective awareness" of their own inference processes. READ MORE...
AN0M, the backdoored 'secure' messaging app for criminals, is still producing arrests after four years
Australian police last week made 55 arrests using evidence gathered with a backdoored messaging app that authorities distributed in the criminal community. This story starts in 2018, when US authorities charged the operator of a Canadian company called "Phantom Secure" for facilitating encrypted communications among criminals. Once Phantom Secure went offline, authorities guessed that criminals would look for alternatives. READ MORE...
Invasion of the message body snatchers! Teams flaw allowed crims to impersonate the boss
Microsoft Teams, one of the world's most widely used collaboration tools, contained serious, now-patched vulnerabilities that could have let attackers impersonate executives, rewrite chat history, and fake notifications or calls - all without users suspecting a thing. Researchers at Check Point this week revealed four flaws in Teams that, if exploited, could have fundamentally broken the trust that underpins communication inside organizations. READ MORE...
- ...in 1916, American broadcast journalist Walter Cronkite, known as "the most trusted man in America", is born in Saint Joseph, MO.
- ...in 1922, archaeologist Howard Carter's expedition finds the entrance to the tomb of the Egyptian pharaoh Tutankhamun.
- ...in 1979, the Iran hostage crisis begins when supporters of the Ayatollah Khomeini overrun the US embassy in Tehran, taking more than 90 hostages.
- ...in 2010, former Cincinnati Reds manager George "Sparky" Anderson, who led the team to two consecutive championships in 1975 and 1976, passes away at his home.