November 8, 2025

Hello All,

I’ve been on vacation this week and away from the studio, so this video is going to be quite different from the usual report. Here are some notable items from last week to be aware of.

• Apple patched or fixed over 100 vulnerabilities with their release of iOS 26.1 and 18.7.2
• Google released an emergency update of Chrome to fix more vulnerabilities that enable Remote Code Execution
• Cisco patched critical defects in their Unified Contact Center Express
• Two, possibly three US ransomware negotiators decided to dip their toes in the world of evil and engaged in ransomware attacks themselves – and got caught. Bury them UNDER the jail please.
• China isn’t playing when it comes to criminal fraud that touches their citizens. They’ve been executing criminals they catch.
• The US Congressional Budget Office was hacked – sigh.
• AI is enabling brain-scans to reveal what a person is thinking. Creepy.

And there’s lots more at the full listing of links below. Make sure you check them out.

Keep the shields up!

Viscount Jan Broucinek
RedDotSecurity.news

Headline NEWS

• Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs and iPads
• iOS 26.1 and iPadOS 26.1 bring multiple critical security fixes
• iOS 18.7.2 now available for iPhone
• Chrome Emergency Update to Patch Multiple Vulnerabilities that Enable Remote Code Execution
• Google Issues Emergency Chrome Update to Fix Critical RCE Flaw
• Critical Cisco UCCX flaw lets attackers run commands as root
• Cisco Patches Critical Vulnerabilities in Contact Center Appliance 

Ransomware, Malware, and Vulnerabilities News

• Good News, Government News, and Interesting
• CISA: High-severity Linux flaw now exploited by ransomware gangs
• Congressional Budget Office had a cyber ‘security incident’
• Alleged Jabber Zeus Coder ‘MrICQ’ in U.S. Custody
• DOJ accuses US ransomware negotiators of launching their own ransomware attacks
• US Traces Ransomware Attacks to 2 People Working for Cybersecurity Firms
• How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
• Data breach blows cover on Iran’s elite hacker academy
• China sentences 5 to death for building, running criminal gang fraud centers in Myanmar’s lawless borderlands
• Violent cybercrime surges in Europe amid big payouts
• Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions
• Preparing for Threats to Come: Cybersecurity Forecast 2026
• Vulnerabilities and Exploits
• Critical UniFi OS Flaw Enables Remote Code Execution
• Critical Control Web Panel vulnerability is actively exploited
• China-linked hackers exploited Lanscope flaw as a zero-day in attacks
• QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
• Norway’s Hidden Bus Backdoor: China’s Remote Control Sparks Cybersecurity Crisis
• Europe’s energy grid faces growing cyber threat
• Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation
• Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit
• Windows Graphics Vulnerabilities Allow Remote Attackers to Execute Arbitrary Code
• Australia warns of BadCandy infections on unpatched Cisco devices
• Next-gen firewalls, VPNs can increase security risks: At-Bay
• Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
• Windows Cloud Files Mini Filter Driver Vulnerability Exploited to Escalate Privileges
• Critical Android 0-Click Vulnerability in System Component Allows RCE Attacks
• The race to defend satellites from cyberattacks
• Cisco Identity Services Engine Vulnerability Allows Attackers to Restart ISE unexpectedly
• Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
• Hackers Exploit OneDrive.exe Through DLL Sideloading to Execute Arbitrary Code
• Sun unleashes 2 colossal X-class solar flares, knocking out radio signals across the Americas and Pacific
• Astronomers Are Tracking a Giant Sunspot Cluster That’s Already Causing Problems
• From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools
• HackedGPT – 7 New Vulnerabilities in GPT-4o and GPT-5 Enables 0-Click Attacks
• Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362
• VulnRisk: Open-source vulnerability risk assessment platform
• Multiple Django Vulnerabilities Enable SQL injection and DoS Attack
• Critical RCE Vulnerabilities in Claude Desktop Let Attackers Execute Malicious Code
• NVIDIA NVApp for Windows Vulnerability Let Attackers Execute Malicious Code
• When Your Calendar Becomes the Compromise
• Hackers Can Attack Active Directory Sites to Escalate Privileges and Compromise the Domain
• Redis Critical Remote Code Execution Vulnerability Discovered After 13 Years
• Phishing, Malware, and similar
• Meta is earning a fortune on a deluge of fraudulent ads, documents show
• Meta reportedly projected 10% of 2024 sales came from scam, fraud ads
• Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
• ‘TruffleNet’ Attack Uses Stolen Credentials Against AWS
• Credentials and Misconfigurations Behind Most Cloud Breaches, Says AWS
• Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
• New Linux Singularity Rootkit using Sophisticated Technique to Evade Elastic EDR Detection
• Hackers Deliver SSH-Tor Backdoor Via Weaponized Military Documents in ZIP Files
• Russian hackers abuse Hyper-V to hide malware in Linux VMs
• Weaponized Putty and Teams Ads Deliver Malware Allowing Hackers to Access Network
• Gootloader malware is back with new tricks after 7-month break
• Scam centers in southeast Asia are on the rise despite crackdowns to root out the illegal industry
• SesameOp: Novel backdoor uses OpenAI Assistants API for command and control
• Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
• Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine
• ClickFix malware attacks evolve with multi-OS support, video tutorials
• ClickFix Attacks Against macOS Users Evolving
• Russian hackers use fake CAPTCHA tests to spread dangerous malware
• Commercial spyware “Landfall” ran rampant on Samsung phones for almost a year
• Microsoft Teams “Chat with Anyone” Feature Raises Security Concerns Over Phishing Risks
• Couple loses $180,000 from retirement savings after accounts hacked
• Breaches, Leaks, and Ransomware
• A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces
• SonicWall says state-sponsored hackers behind September security breach
• How a ransomware gang encrypted Nevada government’s systems
• Apache OpenOffice disputes data breach claims by ransomware gang
• Hyundai AutoEver America data breach exposes SSNs, drivers licenses
• Hacker claiming responsibility for scam Penn emails stole data from 1.2 million people
• ‘We got hacked’ emails threaten to leak University of Pennsylvania data
• Alleged U Penn hacker claims they’re in it for money, not ‘primarily “anti-DEI”’
• Remote access, real cargo: cybercriminals targeting trucking and logistics
• Hackers use RMM tools to breach freighters and steal cargo shipments
• Government hackers breached telecom giant Ribbon for months before getting caught
• Theft at the Louvre: The surveillance system’s password “LOUVRE” has put the museum in crisis
• Europe Sees Increase in Ransomware, Extortion Attacks
• Data breach at major Swedish software supplier impacts 1.5 million
• Nikkei Suffers Breach Via Slack Compromise
• MIT Sloan shelves paper about AI-driven ransomware
• Washington Post says it is among victims of cyber breach tied to Oracle software
• Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild
• Microsoft Uncovers ‘Whisper Leak’ Attack That Identifies AI Chat Topics in Encrypted Traffic 

Other News Events of Note and Interest

• Cool Tool: Meet ProxMenux Monitor: The New Way to Monitor Proxmox Servers
• 37 years ago this week, the Morris worm infected 10% of the Internet within 24 hours
• Linux Mint is getting an improved Cinnamon menu and new troubleshooting tools
• Internet Archive’s legal fights are over, but its founder mourns what was lost
• com Archive Facing Shutdown Due To Financing Issues
• Google Cloud suspended customer’s account three times
• Google-Wiz $32B deal cleared by DOJ
• Google Drive’s Shared Drives just got a critical, long-overdue security feature
• Meet Project Suncatcher, Google’s plan to put AI data centers in space
• Ionos and Nextcloud Launch Cloud-Based Alternative to Microsoft Office
• DRAM prices skyrocket 171% year-over-year, outpacing the rate of gold price increases
• Amazon Equips Next Underwater Cable With ‘Robust Armoring’ to Prevent Cuts
• Security Leadership Master Class 1 : Leveling up your leadership
• AI, LLM’s, and Skynet
• Microsoft AI’s first in-house image generator MAI-Image-1 is now available
• OpenAI, Amazon Sign $38 Billion Cloud Deal
• OpenAI’s Sora Video Generator App Finally Available on Android
• New Version of Siri to ‘Lean’ on Google Gemini
• Why do AI models use so many em-dashes?
• These AI ‘Singers’ Charting On Billboard Are Actually AI Generated
• Introducing Aardvark: OpenAI’s agentic security researcher
• AI Turns Brain Scans Into Full Sentences and It’s Eerie To Say The Least
• New data shows companies are rehiring former employees as AI falls short of expectations
• Microsoft
• Intel confirms Windows 11 25H2 is now fully supported by its drivers
• How to avoid the most common threats that compromise Windows
• Microsoft removing Defender Application Guard from Office
• Microsoft Edge introduces passkey saving and syncing with Microsoft Password Manager
• Microsoft quietly makes a requirement mandatory for Windows 11 25H2 24H2 installations
• Windows 11 24H2/25H2 Update Causes Task Manager to be Active After Closure
• Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching
• Microsoft admits that Windows 10 is wrongly telling users they’re out of support — here’s the fix
• Microsoft clarifies it is not actually ending support for many Windows 10 PCs
• Microsoft: October Windows updates trigger BitLocker recovery
• Microsoft finally makes passkeys viable thanks to Edge on Windows 11
• Microsoft offers in-country data processing to 15 countries to strengthen sovereign controls for Microsoft 365 Copilot
• Microsoft apologizes over Copilot plan confusion
• How to improve Windows 11 security using Administrator Protection — shielding your PC with a switch buried in its settings
• Microsoft testing faster Quick Machine Recovery in Windows 11
• Microsoft Entra Credentials in the Authenticator App on Jail-Broken Devices to be Wiped Out
• Microsoft’s lack of quality control is out of control
• Microsoft shares Windows 10 extended security updates requirements and activation IDs