From The Aether
CrowdStrike’s Insider Chaos: When Your Employee Becomes the Hacker’s Best Friend
CrowdStrike fired an employee for leaking confidential data to the hacking group Scattered Lapsus$ Hunters. The insider, dubbed “suspicious,” shared internal images online, but CrowdStrike insists its systems remain uncompromised. The company detected the breach quickly, preventing any real damage, and has escalated the matter to law enforcement.
Oracle Fusion Flaw Frenzy: CISA’s Latest Vulnerability Shockwave!
CISA has added an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities Catalog. This vulnerability allows remote code execution, effectively handing over the keys to your digital kingdom. It’s like leaving your door wide open with a welcome mat for hackers. Update now or prepare to roll out the red carpet for cyber intruders!
WhatsApp’s Old Wounds: Phone Number Leak Still Wide Open – Plus, Vape Detective Schools and Other Security Shenanigans!
WhatsApp’s discovery feature is like a nosy neighbor still peeking over the fence. Researchers found they could extract user phone numbers en masse, eight years after the first warning. Meanwhile, Cisco’s throwing shade at outdated tech, and Microsoft just played whack-a-mole with the largest DDoS attack. Who knew cybersecurity could be so… eventful?
Phishy Business: Browser Notifications Gone Rogue with Matrix Push C2!
Browser notifications have gone rogue! Leveraging the cunning Matrix Push C2 platform, bad actors are using them as a phishing vector faster than you can say “click here.” This browser-native, fileless framework is the new kid on the block, tricking users into a web of deceit across all operating systems.
Oracle Identity Manager Flaw: The Cybersecurity Nightmare Keeping IT Teams Awake
CISA has added a critical security flaw, CVE-2025-61757, affecting Oracle Identity Manager to its Known Exploited Vulnerabilities catalog. This vulnerability allows unauthenticated remote attackers to take over systems, thanks to a faulty filter bypass. Agencies must patch up by December 12, or risk becoming the punchline in a cyber-attack joke.
Oracle’s Identity Crisis: Patch CVE-2025-61757 Before Hackers Do!
CISA urges agencies to patch a vulnerability in Oracle Identity Manager, CVE-2025-61757, which has been exploited, likely as a zero-day. This flaw allows attackers to bypass security filters with URL tweaks and execute remote code. Remember, folks: patching isn’t just for tires.
Salesforce Hackers Strike Again: The Gainsight Gaffe and the Comedy of Errors in SaaS Security
Hackers linked to the ShinyHunters group have breached Salesforce again, exploiting third-party app integrations like Gainsight. They’ve swiped OAuth tokens, triggering a supply chain breach across numerous organizations. Salesforce’s swift response, while effective, erased crucial records needed for investigation. It’s a reminder that SaaS security shouldn’t rely on trust alone!
CrowdStrike Insider Screenshots Scandal: No Breach, Just a Peekaboo!
CrowdStrike denies any system breach after an insider sold screenshots to hackers. They emphasize no customer data was exposed, even as hackers offered $25,000 for network access. The insider was promptly terminated, proving that crime doesn’t pay—unless you’re looking for a quick exit from your job.
Why Hackers Love Your Compliance: The New APT Playbook Exposed!
Advanced persistent threat groups are no longer just hacking code—they’re hacking logic! Mohammed Almunajam of Tuwaiq Academy warns that governance and compliance frameworks can become attack surfaces. Almunajam’s “6 Black Hat Laws” aim to help enterprises anticipate these threats by thinking like attackers. Time to outsmart the smarties!
LINE’s Encryption: A Comedy of Errors or a Cybersecurity Tragedy?
LINE’s encryption protocol, Letter Sealing v2, is under scrutiny for its vulnerabilities, making it a potential goldmine for cybercriminals. Researchers found flaws allowing message replay, plaintext leakage, and impersonation attacks, turning LINE into a “super app” with super-sized security concerns. It’s like leaving the vault open and putting up a “Take What You Need” sign.
Nvidia’s Hotfix Hype: Gaming Performance Woes on Windows 11 Take a Hit!
Nvidia has confirmed that its security updates are causing gaming performance issues on Windows 11 systems. To tackle this, they’ve released the GeForce Hotfix Display Driver version 581.94. Just remember, it’s a beta driver—so if it acts like a moody teenager and doesn’t always follow the rules, don’t say we didn’t warn you!
Salesforce Shakedown: ShinyHunters Strike Again in Gainsight Data Heist!
ShinyHunters claimed responsibility for the Gainsight breach, snarfing data from Salesforce customers. With stolen OAuth tokens, they accessed several Salesforce instances. Gainsight, a customer success platform, is probing the breach with Google’s Mandiant. Salesforce and Zendesk have revoked access while investigations continue. ShinyHunters, despite a brief rage-quit, is reportedly back in action.
Grafana Gaffe: Severe Vulnerability Makes Admin Privileges a Joke
Grafana Labs has issued an alert about a critical flaw (CVE-2025-41115) in its Enterprise product. This vulnerability can make new users unintended administrators, but only when SCIM provisioning is enabled. Grafana urges users to update to a patched version or disable SCIM to avoid potential exploits.
Windows Update Comedy: KB5072753 Saves the Day from Endless Reinstall Loop!
Microsoft has released the KB5072753 update to stop the KB5068966 hotpatch from playing peek-a-boo with Windows 11 users. This update resolves the issue of the hotpatch reinstalling itself repeatedly. Now, your system will only update when necessary, not when it feels like it!
CrowdStrike Insider Drama: A Cybersecurity Soap Opera with a $25K Plot Twist!
A CrowdStrike insider captured screenshots for hackers, but the breach was foiled before any data was compromised. ShinyHunters claimed they offered $25,000 for access, but CrowdStrike quickly pulled the plug. While the hackers regroup under “Scattered Lapsus$ Hunters,” CrowdStrike’s systems remain unscathed, leaving the bad guys empty-handed and a bit red-faced.
Beware the Songbird: Sturnus Malware Hits Android with Unprecedented Chaos
Sturnus, the Android banking malware, is as tricky as a starling’s song. It bypasses encryption to read your chats, steals your bank details, and even fakes login screens. It’s a digital Houdini, hiding its actions with a black screen while pilfering your data. Beware of unofficial APKs or face a symphony of cyber chaos.
California Court Unplugs Snooping: SMUD’s Smart Meter Surveillance Shut Down!
A judge blew the fuse on a decade-long surveillance program that turned 650,000 Sacramento residents into suspects based on their electrical usage. Apparently, using too much electricity makes you a potential criminal, but fear not, privacy prevailed! The court ruled that SMUD’s dragnet was less investigation and more “Watt were you thinking?”
FCC’s Cybersecurity Rollback: A Comedy of Errors or Just a Bad Signal?
In a move that has some scratching their heads, the FCC decided to ditch its stricter cybersecurity measures. Despite Salt Typhoon’s notorious hack, telecom firms found the rules too much to handle. Commissioner Gomez calls it “a hope and a dream,” but maybe the FCC just dreams of hackers taking a vacation.
Cybersecurity Chaos: Top Stories You Missed This Week
SecurityWeek’s cybersecurity news roundup highlights a 40x surge in Palo Alto Networks scanning, a guilty plea from a hacker who locked out his former employer, and NSO’s appeal against a WhatsApp hacking ban. Meanwhile, ATM jackpotting persists, and CISA plans aggressive hiring to bolster defenses against China.
Beware the Browser: Matrix Push C2 Turns Notifications into Cyber Nightmares!
Beware of Matrix Push C2, the malware maestro fooling users with fake system notifications! This cyber trickster uses browser notifications to deliver malware, phish for data, and even scan for crypto wallets—all without ever needing a traditional file. Talk about a pushy malware!
