A critical vulnerability has been identified in the Hitachi Energy Asset Suite, specifically within the Jasper Report component. This vulnerability, identified as CVE-2025-10492, allows for remote code execution (RCE) attacks.

A new campaign, codenamed Boto Cor-de-Rosa, is using WhatsApp to distribute the Astaroth banking trojan across Brazil. This malware targets users by automatically sending malicious messages to their WhatsApp contacts.

The GoBruteforcer botnet is aggressively targeting Linux servers worldwide, exploiting weak and reused credentials to gain access. Over 50,000 servers are at risk due to exposed infrastructure.

AuraStealer is a sophisticated MaaS infostealer targeting Windows systems. It employs advanced evasion techniques and social engineering to steal sensitive data, posing significant risks to both individual users and enterprise environments.

The FBI issued a warning regarding Kimsuky that is using malicious QR codes in spearphishing campaigns. These campaigns target U.S. organizations involved in North Korea-related policy, research, and analysis.

Zscaler ThreatLabz identified three malicious npm packages in November 2025—bitcoin-main-lib, bitcoin-lib-js, and bip40—that deliver NodeCordRAT, a remote access trojan (RAT) with data-stealing capabilities.

Microsoft is investigating a bug in classic Outlook that prevents recipients from opening encrypted emails with "Encrypt Only" permissions after a recent update. Affected users see a message_v2.rpmsg attachment instead of readable content.

Attackers are abusing misconfigured email routing and spoof protections to send phishing emails that appear to be from within an organization. These emails often use themes like HR notices, password resets, and shared documents to deceive recipients.

A major data breach has impacted Gulshan Management Services, a Texas-based company operating over 150 gas stations under the Handi Plus and Handi Stop brands. The breach exposed sensitive personal information of more than 377,000 individuals

Veeam has released patches for multiple vulnerabilities in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability, CVE-2025-59470, with a CVSS score of 9.0.