A surge of malicious activity has been observed across the cyber landscape. Maverick malware is targeting Brazil’s largest banks, hijacking browser sessions and propagating through WhatsApp Web. Meanwhile, researchers have uncovered a new Android malware dubbed Fantasy Hub, sold as a Malware-as-a-Service (MaaS) offering on Russian-speaking Telegram channels, allowing threat actors to remotely control devices and steal sensitive data. In a positive development, the Rhadamanthys infostealer operation, previously known for stealing credentials and authentication cookies via its malware-as-a-service platform, has been disrupted after cybercriminals lost access to their servers. Keep reading for more news.
01
Maverick malware has emerged as a serious threat targeting Brazil’s largest banks by hijacking browser sessions and spreading through WhatsApp Web.
02
Researchers revealed a new Android malware called Fantasy Hub sold as Malware-as-a-Service (MaaS) on Russian-speaking Telegram channels, enabling remote device control and data theft.
03
A new Ransomware-as-a-Service (RaaS) operation called VanHelsing has emerged, posing a major threat with multi-platform attacks targeting Windows, Linux, BSD, ARM, and ESXi systems.
04
The Rhadamanthys infostealer operation, a malware-as-a-service platform that steals credentials and authentication cookies, has been disrupted after cybercriminals lost access to their servers.
05
Microsoft’s November 2025 Patch Tuesday update addresses 63 vulnerabilities, including a critical zero-day (CVE-2025-62215) affecting the Windows Kernel. It involves a race condition that allows attackers to gain system privileges.
06
Monsta FTP has a critical pre-authentication flaw (CVE-2025-34299) enabling full server takeovers via RCE. The vulnerability allows hackers to upload malicious files to servers without needing login credentials.
07
Mandiant discovered CVE-2025-12480, an unauthenticated access vulnerability in Triofox, allowing attackers to bypass authentication and execute arbitrary payloads.
08
Tor Browser 15.0.1 has been released. This update incorporates important security patches from the Firefox Extended Support Release and backports additional fixes from Firefox version 145.
09
Industrial cybersecurity giants Siemens, Schneider Electric, Rockwell Automation, and Aveva have released Patch Tuesday advisories addressing critical vulnerabilities in their ICS/OT products.
10
Japan Cyber Defense, a cybersecurity platform developer, secured approximately $6.5 million in seed funding from Incubate Fund, MPower Partners, and DBJ Capital.
