Security Affairs
- Get link
- X
- Other Apps
"Germany's BSI issues guidelines to counter evasion attacks targeting LLMs."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 15 November 2025, 1437 UTC.
Content and Source provided by email subscription from https://feedly.com.
https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed
Please check subscription link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
Security Affairs
Most popular
by Pierluigi Paganini / 1dGermany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems and mitigate related risks. A significant and evolving threat to AI systems based on large language models (LLMs) arises from evasion attacks, malic Synology fixed a critical BeeStation RCE flaw (CVE-2025-12686) shown at Pwn2Own, caused by unchecked buffer input allowing code execution. Synology patched a critical remote code execution (RCE) flaw, tracked as CVE-2025-12686 (CVSS score 9.8), in BeeStation, demonstrated during the hacking competition Pwn2Own Ireland 2025 . BeeStation is a plug-and-play device that turns traditional storage into “Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), also known as the “Bitcoin Queen,” to 11 years and eight months in jail for laundering $7.3B from a crypto scam that defrauded 128K victims in China. In September, UK authorities raided the London home of Chi
by Pierluigi Paganini / 1d
Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems and mitigate related risks. A significant and evolving threat to AI systems based on large language models (LLMs) arises from evasion attacks, malic
Synology fixed a critical BeeStation RCE flaw (CVE-2025-12686) shown at Pwn2Own, caused by unchecked buffer input allowing code execution. Synology patched a critical remote code execution (RCE) flaw, tracked as CVE-2025-12686 (CVSS score 9.8), in BeeStation, demonstrated during the hacking competition Pwn2Own Ireland 2025 . BeeStation is a plug-and-play device that turns traditional storage into
“Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), also known as the “Bitcoin Queen,” to 11 years and eight months in jail for laundering $7.3B from a crypto scam that defrauded 128K victims in China. In September, UK authorities raided the London home of Chi
Yesterday
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-64446 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog . The vulnerability is a relative path traversal issue in Fortine ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE-2025-59367 (CVSS score of 9.3), in multiple DSL routers that allows remote, unauthenticated attackers to easily access unpatched devices. The vulnerability impacts DSL-AC51, DSL-N16, DSL-AC750 router fa 7 TTPs•by Pierluigi Paganini / 23hA vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious files to shared servers and execute arbitrary code, potentially exposing millions of websites, cybersecurity firm Patchstack warns. The flaw in Imunify360 AV before v32.7.4.0 lets attacker‑supplied malwa 2 TTPs•by Pierluigi Paganini / 1dA Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in Fortinet FortiWeb WAF that allows full device takeover. The cybersecurity vendor addressed the vulnerability with the release version 8.0.2 . A security flaw lets anyone break into FortiWeb devices and get
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-64446 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog . The vulnerability is a relative path traversal issue in Fortine
ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE-2025-59367 (CVSS score of 9.3), in multiple DSL routers that allows remote, unauthenticated attackers to easily access unpatched devices. The vulnerability impacts DSL-AC51, DSL-N16, DSL-AC750 router fa
7 TTPs
by Pierluigi Paganini / 23h
A vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious files to shared servers and execute arbitrary code, potentially exposing millions of websites, cybersecurity firm Patchstack warns. The flaw in Imunify360 AV before v32.7.4.0 lets attacker‑supplied malwa
2 TTPs
by Pierluigi Paganini / 1d
A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in Fortinet FortiWeb WAF that allows full device takeover. The cybersecurity vendor addressed the vulnerability with the release version 8.0.2 . A security flaw lets anyone break into FortiWeb devices and get
Nov 13, 2025
3 TTPs•by Pierluigi Paganini / 1dThe Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that personal and financial data was exposed in the Oracle breach. The popular newspaper has approximately 2.5M digital subscribers. Between July 10 and August 22, threat actors exploited a then-zero-day Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a malicious Chrome extension called “ Safery: Ethereum Wallet ,” posing as a legitimate crypto wallet but designed to steal users’ seed phrases. The Chrome extension was uploaded to the Chrome Web Store on September 3 TTPs•by Pierluigi Paganini / 1dEuropol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame , carried out between November 10 and 13, 2025, dismantling major malware families including Rhadamanthys Stealer , Venom RAT , and the Elysium botnet as part of a global effort to disrupt cyb U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog . Below are the flaws added t
3 TTPs
by Pierluigi Paganini / 1d
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that personal and financial data was exposed in the Oracle breach. The popular newspaper has approximately 2.5M digital subscribers. Between July 10 and August 22, threat actors exploited a then-zero-day
Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a malicious Chrome extension called “ Safery: Ethereum Wallet ,” posing as a legitimate crypto wallet but designed to steal users’ seed phrases. The Chrome extension was uploaded to the Chrome Web Store on September
3 TTPs
by Pierluigi Paganini / 1d
Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame , carried out between November 10 and 13, 2025, dismantling major malware families including Rhadamanthys Stealer , Venom RAT , and the Elysium botnet as part of a global effort to disrupt cyb
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog . Below are the flaws added t
Nov 12, 2025
11 TTPs•by Pierluigi Paganini / 2dAmazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon’s threat intelligence researchers spotted an advanced threat actor exploiting two previously undisclosed zero-day flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC to deliver custom malware. Attackers also exploited multiple undisclosed vulnerabilit Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely based in China that is behind a massive text message phishing operation, or “smishing.” The organization uses a phishing-as-a-service kit named “ Lighthouse ” to steal sensitive financial information by sending DanaBot returns after 6 months with a new Windows variant (v669), marking its comeback after being disrupted by Operation Endgame in May. DanaBot has resurfaced with a new variant (version 669) targeting Windows systems, six months after Operation Endgame disrupted its activity in May, according to Zscaler ThreatLabz. The researchers identified a set of command and control servers used in the lat Australia’s spy chief warns China-linked actors are probing critical infrastructure and preparing for cyber sabotage and espionage. Australia’s intelligence chief Mike Burgess warned that China-linked threat actors are probing critical infrastructure and, in some cases, have gained access. He said at least two Chinese state-sponsored groups are positioning themselves for future sabotage and espio
11 TTPs
by Pierluigi Paganini / 2d
Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon’s threat intelligence researchers spotted an advanced threat actor exploiting two previously undisclosed zero-day flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC to deliver custom malware. Attackers also exploited multiple undisclosed vulnerabilit
Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely based in China that is behind a massive text message phishing operation, or “smishing.” The organization uses a phishing-as-a-service kit named “ Lighthouse ” to steal sensitive financial information by sending
DanaBot returns after 6 months with a new Windows variant (v669), marking its comeback after being disrupted by Operation Endgame in May. DanaBot has resurfaced with a new variant (version 669) targeting Windows systems, six months after Operation Endgame disrupted its activity in May, according to Zscaler ThreatLabz. The researchers identified a set of command and control servers used in the lat
Australia’s spy chief warns China-linked actors are probing critical infrastructure and preparing for cyber sabotage and espionage. Australia’s intelligence chief Mike Burgess warned that China-linked threat actors are probing critical infrastructure and, in some cases, have gained access. He said at least two Chinese state-sponsored groups are positioning themselves for future sabotage and espio
Nov 11, 2025
Microsoft fixed over 60 flaws, including an actively exploited Windows kernel zero-day, in its latest Patch Tuesday updates. Microsoft’s Patch Tuesday security updates for November 2025 addressed 63 vulnerabilities impacting Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure Monitor Agent, Dynamics 365, Hyper-V, SQL Server, and the Windows Subsyst
Microsoft fixed over 60 flaws, including an actively exploited Windows kernel zero-day, in its latest Patch Tuesday updates. Microsoft’s Patch Tuesday security updates for November 2025 addressed 63 vulnerabilities impacting Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure Monitor Agent, Dynamics 365, Hyper-V, SQL Server, and the Windows Subsyst
End of feed
- Get link
- X
- Other Apps
Comments
Post a Comment
Please leave a comment about our recent post.