U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog... 2025-11-15 06:58:38 | 阅读: 9 | 收藏 | Security Affairs - securityaffairs.com fortiweb exploited catalog

Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely... 2025-11-14 19:16:1 | 阅读: 8 | 收藏 | Security Affairs - securityaffairs.com dsl asus routers firmware recommends

Millions of sites at risk from Imunify360 critical flaw exploit Millions of sites at risk from Imunify360 critical flaw exploit... 2025-11-14 14:58:49 | 阅读: 8 | 收藏 | Security Affairs - securityaffairs.com imunify360 php attacker bolit patchstack

Critical FortiWeb flaw under attack, allowing complete compromise Critical FortiWeb flaw under attack, allowing complete compromise... 2025-11-14 12:41:5 | 阅读: 15 | 收藏 | Security Affairs - securityaffairs.com fortiweb bypass payload defused unclear

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs... 2025-11-14 09:32:50 | 阅读: 6 | 收藏 | Security Affairs - securityaffairs.com llms bsi germany developers

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft Washington Post notifies 10,000 individuals affected in Oracle-linked data theft... 2025-11-14 08:30:5 | 阅读: 10 | 收藏 | Data Breach - securityaffairs.com washington contractors paganini claimed american

Chrome extension “Safery” steals Ethereum wallet seed phrases Chrome extension “Safery” steals Ethereum wallet seed phrases P... 2025-11-13 18:25:13 | 阅读: 9 | 收藏 | Security Affairs - securityaffairs.com chrome safery mnemonic malicious sui

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and El... 2025-11-13 15:19:40 | 阅读: 5 | 收藏 | Security Affairs - securityaffairs.com endgame ransomware europol worldwide greece

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to i... 2025-11-13 11:29:10 | 阅读: 11 | 收藏 | Security Affairs - securityaffairs.com triofox catalog watchguard exploited

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days... 2025-11-13 08:42:58 | 阅读: 12 | 收藏 | Security Affairs - securityaffairs.com ise citrix netscaler exploited maintained

Google sues cybercriminal group Smishing Triad Google sues cybercriminal group Smishing Triad Pierluigi Pagani... 2025-11-12 20:25:9 | 阅读: 7 | 收藏 | Security Affairs - securityaffairs.com smishing phishing lighthouse triad sues

New Danabot Windows version appears in the threat landscape after May disruption New Danabot Windows version appears in the threat landscape after May disruption... 2025-11-12 19:18:29 | 阅读: 7 | 收藏 | Security Affairs - securityaffairs.com danabot endgame zscaler windows threatlabz

Australia’s spy chief warns of China-linked threats to critical infrastructure Australia’s spy chief warns of China-linked threats to critical infrastructure... 2025-11-12 14:21:36 | 阅读: 17 | 收藏 | Security Affairs - securityaffairs.com typhoon officials volt taiwan meeting

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025 Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025... 2025-11-12 10:2:0 | 阅读: 13 | 收藏 | Security Affairs - securityaffairs.com beestation pwn2own ireland 12686 65648

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK $7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK... 2025-11-12 07:42:7 | 阅读: 8 | 收藏 | Security Affairs - securityaffairs.com laundering police crime met qian

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploite... 2025-11-12 06:14:9 | 阅读: 9 | 收藏 | Security Affairs - securityaffairs.com windows microsoft attacker tuesday exploited

SAP fixed a maximum severity flaw in SQL Anywhere Monitor SAP fixed a maximum severity flaw in SQL Anywhere Monitor Pierl... 2025-11-11 21:2:24 | 阅读: 8 | 收藏 | Security Affairs - securityaffairs.com security addressed remote

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS Fantasy Hub是一款俄罗斯开发的Android远程控制木马（RAT），作为恶意软件即服务（MaaS）提供。它通过Telegram实现设备间谍、数据窃取和远程控制功能。攻击者可获取短信、联系人、通话记录等信息，并伪造银行登录界面进行诈骗。该恶意软件利用Telegram集成和隐蔽技术逃避检测，在企业BYOD和移动金融环境中构成严重威胁。... 2025-11-11 15:21:49 | 阅读: 5 | 收藏 | Security Affairs - securityaffairs.com fantasy attackers maas byod contacts

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors 好的，我现在需要帮用户总结这篇文章的内容，控制在100个字以内。首先，我得通读整篇文章，抓住主要信息。 文章讲的是朝鲜相关的KONNI APT组织利用Google Find Hub服务来清除数据和间谍活动。他们伪装成心理咨询师，通过KakaoTalk传播恶意软件。攻击链包括钓鱼邮件、恶意安装包、远程控制以及数据清除。 接下来，我需要将这些要点浓缩到100字以内。要注意不要使用“文章内容总结”之类的开头，直接描述即可。 可能的结构是：朝鲜相关组织伪装成咨询师，利用Google服务清除数据和间谍活动，通过KakaoTalk传播恶意软件。 检查一下字数是否符合要求，并确保所有关键点都被涵盖。 </think> 朝鲜相关APT组织KONNI伪装成心理咨询师，利用Google Find Hub服务清除数据并实施间谍活动。攻击者通过KakaoTalk传播恶意软件，并远程重置设备以窃取信息。... 2025-11-11 11:37:16 | 阅读: 10 | 收藏 | Security Affairs - securityaffairs.com konni north korea kakaotalk attackers

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog 好的，我现在需要帮用户总结这篇文章的内容，控制在100个字以内。首先，我得快速浏览文章，抓住主要信息。 文章讲的是美国CISA将三星手机的一个漏洞加入已知被利用的漏洞目录。这个漏洞是CVE-2025-21042，CVSS评分8.8。这个漏洞被用来部署LANDFALL间谍软件，在中东的定向攻击中被利用。三星在4月修复了这个漏洞，但研究人员发现它在几个月前就被利用了。间谍软件通过WhatsApp发送的DNG图片传播，可以在零点击的情况下安装，窃取数据和监控位置。 接下来，我需要把这些关键点浓缩到100字以内。要包括CISA的动作、漏洞编号、影响、攻击方式和后果。同时，语言要简洁明了，不需要复杂的结构。 可能会这样组织：CISA将三星手机漏洞加入目录，该漏洞被用于部署间谍软件，通过WhatsApp传播图片文件，在用户不知情下安装，窃取数据和监控位置。 检查一下字数是否符合要求，并确保没有遗漏重要信息。 </think> 美国网络安全与基础设施安全局（CISA）将三星手机漏洞CVE-2025-21042加入已知被利用的漏洞目录。该漏洞被用于部署LANDFALL间谍软件，在中东地区的定向攻击中通过WhatsApp发送的DNG图片文件传播，在零点击情况下安装并窃取数据、监控位置。... 2025-11-11 08:59:43 | 阅读: 16 | 收藏 | Security Affairs - securityaffairs.com samsung exploited landfall spyware