Two critical flaws in Cisco Snort 3, identified as CVE-2026-20026 and CVE-2026-20027, pose significant risks to network inspection processes. These vulnerabilities allow unauthenticated attackers to disrupt inspection or leak sensitive data.

The Equal Employment Opportunity Commission (EEOC) experienced a security incident involving unauthorized access by a contractor's employees. This breach affected the EEOC's Public Portal system.

Chinese state-aligned hacking group, Salt Typhoon, has allegedly targeted the email systems of U.S. congressional staff. This breach is part of a broader pattern of cyber threats against U.S. government entities.

A critical vulnerability has been identified in the Hitachi Energy Asset Suite, specifically within the Jasper Report component. This vulnerability, identified as CVE-2025-10492, allows for remote code execution (RCE) attacks.

A new campaign, codenamed Boto Cor-de-Rosa, is using WhatsApp to distribute the Astaroth banking trojan across Brazil. This malware targets users by automatically sending malicious messages to their WhatsApp contacts.

The GoBruteforcer botnet is aggressively targeting Linux servers worldwide, exploiting weak and reused credentials to gain access. Over 50,000 servers are at risk due to exposed infrastructure.

AuraStealer is a sophisticated MaaS infostealer targeting Windows systems. It employs advanced evasion techniques and social engineering to steal sensitive data, posing significant risks to both individual users and enterprise environments.

The FBI issued a warning regarding Kimsuky that is using malicious QR codes in spearphishing campaigns. These campaigns target U.S. organizations involved in North Korea-related policy, research, and analysis.

Zscaler ThreatLabz identified three malicious npm packages in November 2025—bitcoin-main-lib, bitcoin-lib-js, and bip40—that deliver NodeCordRAT, a remote access trojan (RAT) with data-stealing capabilities.

Microsoft is investigating a bug in classic Outlook that prevents recipients from opening encrypted emails with "Encrypt Only" permissions after a recent update. Affected users see a message_v2.rpmsg attachment instead of readable content.