ShadyPanda strikes again! This time, they’ve weaponized Chrome and Edge extensions, turning them into malicious tools that snoop on every click, swipe, and typo. With 4.3 million users affected, ShadyPanda has turned browser security into a comedy of errors. Who knew browsing history could be this dangerous?

Marquis Software Solutions experienced a ransomware attack impacting over 400,000 customers across 74 banks and credit unions. The breach involved a SonicWall firewall, with hackers stealing personal data. Despite no evidence of misuse, Marquis paid a ransom and is enhancing security measures. The Akira ransomware gang is suspected of exploiting the vulnerability.

A max-severity bug in React and Next.js allows remote attackers to execute malicious code. With easy exploitation, mass attacks are “imminent,” warn researchers. The flaw affects many internet giants and 39% of cloud environments. So, update now or brace for a cyber apocalypse starring CVE-2025-55182!

Arizona Attorney General Kris Mayes is suing Temu, claiming the app collects user data like it’s on a scavenger hunt. Allegations include unlawful data collection and privacy breaches. While Temu denies the claims, Arizona seeks a permanent data injunction, civil penalties, and all available legal relief.

Attackers are exploiting a critical-severity privilege escalation vulnerability, CVE-2025-8489, in the King Addons for Elementor plugin, giving them admin permissions faster than you can say “Oops, I did it again.” Wordfence has blocked over 48,400 attempts. For peace of mind, update to the latest version of King Addons.

Dark web intelligence is your organization’s secret weapon against cyber threats lurking in the internet’s murky depths. With platforms like Lunar and ZeroFox, executives can stay steps ahead of cybercriminals, turning dark web chatter into actionable insights. Remember, in the digital age, knowledge is power, and the dark web is full of it!

Leroy Merlin’s French customers got a not-so-fun surprise: their personal info has been exposed in a data breach. While no banking data was leaked, names, emails, and loyalty details were. The company urges vigilance against phishing, though thankfully, no ransom demands are in sight. Keep your garden tools handy, just in case!

Freedom Mobile, now part of Québecor, has revealed a data breach involving its customer account management platform. Attackers accessed personal information using a subcontractor’s account. While no misuse is reported, customers should stay vigilant for suspicious messages. Freedom’s quick response included blocking suspicious accounts and boosting security measures.

The University of Pennsylvania and the University of Phoenix have been schooled by hackers in the Oracle E-Business Suite debacle. Both institutions have confirmed data breaches, with personal information accessed. It’s a cyber-class no one wanted to attend, but at least they’re offering free credit monitoring as a study guide.

Attention React users: A flaw in React Server Components can lead to remote code execution. This vulnerability, CVE-2025-55182, is a ten on the “Oops” scale. Even if your app doesn’t use React Server Function endpoints, you might still be vulnerable. Update those npm packages stat, before your server becomes a hacker’s playground!

Roskomnadzor has blocked Roblox in Russia, citing the game’s “extremist and LGBT propaganda” content. It’s unclear if they plan to block Minecraft next, just in case players start building rainbow castles or organizing virtual protests!

Microsoft finally fixed a security flaw that made Windows Shortcut files the sneakiest ninjas since 2017. This bug, CVE-2025-9491, allowed bad guys to hide malicious commands like a cat under a sofa. Fortunately, Microsoft’s November 2025 Patch Tuesday update ensures these shortcuts can’t sneak around like they’re auditioning for a spy movie.

The ClickFix attack, a sneaky online threat, is causing havoc with a 517% surge. Hackers use fake ChatGPT Atlas installers to trick users into running password-stealing software. This attack, a crafty mix of site cloning and social engineering, can bypass top security tools. Beware of command-line instructions from sketchy websites!

Google is expanding Android’s in-call scam protection to include popular apps like Cash App and JPMorgan Chase. This feature warns users when sharing screens during calls from unknown numbers, helping them dodge cybercriminals impersonating banks. With panic-busting alerts, Google’s got your back—because nothing ruins a day like unwanted financial drama!

King Addons for Elementor’s security flaw lets hackers play admin for a day. This WordPress plugin vulnerability, CVE-2025-8489, allows attackers to register as site administrators, potentially turning your website into malware central. Update to version 51.1.35 and keep an eye out for any suspicious admin activity to stay secure.

Cybersecurity researchers have detected new spear-phishing attempts by Star Blizzard, a group linked to Russia’s FSB. Known for targeting Western entities, they impersonate trusted contacts to lure victims. Recently, they targeted Reporters Without Borders, using fake ProtonMail addresses to trick recipients into downloading malware.

Microsoft has “mitigated” a Windows LNK vulnerability by allowing users to see more than 260 characters in the Target field. While this isn’t a perfect fix, it does mean users can now spot malicious commands, provided they have superhuman attention spans and a magnifying glass handy. CVE-2025-9491 just got a little less sneaky!

The UK has thwarted nearly one billion cyber-attacks in a year thanks to the National Cyber Security Agency’s Share and Defend service. It blocks access to scam sites, making the UK a hard target for cybercriminals. Minister Jarvis applauded this shield of digital armor during the Cyber Resilience Summit.

Water Saci is upping the cybercrime ante in Brazil, swapping PowerShell for Python in their malware tactics. This villainous worm wriggles through WhatsApp, tricking users into opening PDFs and HTAs. Think of it as the bad guy who politely knocks before robbing you blind. Stay alert, Brazil, this isn’t your average phishing expedition!

Check Point Research reveals a flaw in Yearn Finance’s yETH pool allowed an attacker to mint 235 septillion yETH tokens after depositing just 16 wei, worth $0.000000000000000045. Exploiting desynchronized virtual balances, the perpetrator creatively turned a tiny deposit into $9 million in assets, proving crime sometimes does pay—if you’re a coding genius.