Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud.
The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not

Artificial Intelligence / Encryption

Google on Tuesday unveiled a new privacy-enhancing technology called **Private AI Compute** to process artificial intelligence (AI) queries in a secure platform in the cloud.

The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not even Google."

Private AI Compute has been described as a "secure, fortified space" for processing sensitive user data in a manner that's analogous to on-device processing but with extended AI capabilities. It's powered by Trillium Tensor Processing Units (TPUs) and Titanium Intelligence Enclaves (TIE), allowing the company to use its frontier models without sacrificing on security and privacy.

In other words, the privacy infrastructure is designed to take advantage of the computational speed and power of the cloud while retaining the security and privacy assurances that come with on-device processing.

Google's CPU and TPU workloads (aka trusted nodes) rely on an AMD-based hardware Trusted Execution Environment (TEE) that encrypts and isolates memory from the host. The tech giant noted that only attested workloads can run on the trusted nodes, and that administrative access to the workloads is cut off. Furthermore, the nodes are secured against potential physical data exfiltration attacks.

The infrastructure also supports peer-to-peer attestation and encryption between the trusted nodes to ensure that user data is decrypted and processed only within the confines of a secure environment and is shielded from broader Google infrastructure.

"Each workload requests and cryptographically validates the workload credentials of the other, ensuring mutual trust within the protected execution environment," Google explained. "Workload credentials are provisioned only upon successful validation of the node's attestation against internal reference values. Failure of validation prevents connection establishment, thus safeguarding user data from untrusted components."

The overall process flow works like this: A user client establishes a Noise protocol encryption connection with a frontend server and establishes bi-directional attestation. The client also validates the server's identity using an Oak end-to-end encrypted attested session to confirm that it's genuine and not modified.

Following this step, the server sets up an Application Layer Transport Security (ALTS) encryption channel with other services in the scalable inference pipeline, which then communicates with model servers running on the hardened TPU platform. The entire system is "ephemeral by design," meaning an attacker who manages to gain privileged access to the system cannot obtain past data, as the inputs, model inferences, and computations are discarded as soon as the user session is completed.

Google Private AI Compute Architecture

Google has also touted the various protections baked into the system to maintain its security and integrity and prevent unauthorized modifications. These include -

*   Minimizing the number of components and entities that must be trusted for data confidentiality
*   Using Confidential Federated Compute for collecting analytics and aggregate insights
*   Encryption for client-server communications
*   Binary authorization to ensure only signed, authorized code and validated configurations are running across its software supply chain
*   Isolating user data in Virtual Machines (VMs) to contain compromise
*   Securing systems against physical exfiltration with memory encryption and input/output memory management unit (IOMMU) protections
*   Zero shell access on the TPU platform
*   Using IP blinding relays operated by third-parties to tunnel all inbound traffic to the system and obscure the true origin of the request
*   Isolating the system's authentication and authorization from inference using Anonymous Tokens

NCC Group, which has conducted an external assessment of Private AI Compute between April and September 2025, said it was able to discover a timing-based side channel in the IP blinding relay component that could be used to "unmask" users under certain conditions. However, Google has deemed it low risk due to the fact that the multi-user nature of the system introduces a "significant amount of noise" and makes it challenging for an attacker to correlate a query to a specific user.

The cybersecurity company also said it identified three issues in the implementation of the attestation mechanism that could result in a denial-of-service (DoS) condition, as well as various protocol attacks. Google is currently working on mitigations for all of them.

"Although the overall system relies upon proprietary hardware and is centralized on Borg Prime, \[...\] Google has robustly limited the risk of user data being exposed to unexpected processing or outsiders, unless Google, as a whole organization, decides to do so," it said. "Users will benefit from a high level of protection from malicious insiders."

The development mirrors similar moves from Apple and Meta, which have released Private Cloud Compute (PCC) and Private Processing to offload AI queries from mobile devices in a privacy-preserving way.

"Remote attestation and encryption are used to connect your device to the hardware-secured sealed cloud environment, allowing Gemini models to securely process your data within a specialized, protected space," Jay Yagnik, Google's vice president for AI Innovation and Research, said. "This ensures sensitive data processed by Private AI Compute remains accessible only to you and no one else, not even Google."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy

In 2025, account takeover (ATO) attacks are a significant – and growing – cybersecurity threat, especially in the…

In 2025, **account takeover (ATO) attacks** are a significant – and growing – cybersecurity threat, especially in the e-commerce, banking, healthcare, and SaaS sectors. Hackers use phishing, credential stuffing, and brute force tactics to access accounts, steal data, and damage corporate reputations. Businesses need advanced ATO protection tools that incorporate powerful detection, prevention, and behavior analytics capabilities.

With attackers increasingly relying on bots, stolen credentials, and dark web marketplaces, the best modern solutions feature AI-fuelled analysis, machine learning, bot mitigation, and real-time fraud prevention. Below, we review the best eight ATO security providers to help your organization identify the very best solution for its needs.

****Why Your Business Needs Account Takeover Security Tools in 2026****

With ATO attacks on the rise, businesses must recognize the value of specialized platforms to guard against this threat. Traditional defences like passwords and firewalls are no longer enough to keep organizations safe. Unlike basic authentication tools, modern ATO solutions integrate multi-factor authentication, risk scoring, intelligent monitoring, and bot management to prevent attacks before they occur.

A 2025 report revealed that over 70% of web traffic is driven by automated bots, with ATO attacks making up a significant proportion of this. The surge reflects the need for adaptive tools that operate seamlessly across devices, channels, and global user bases. The eight platforms we look at below lead the ATO protection market, offering tailored strategies to secure digital identities.

****1\. DataDome****

DataDome is a leading ATO protection tool, well-regarded for its AI-powered bot and fraud detection capabilities. This solution identifies suspicious behavior in real-time to stop credential stuffing and brute force attacks before they affect users. Perfect for businesses of all sizes, from startups to long-established large enterprises, it integrates and scales easily without adding latency. DataDome processes billions of requests daily, providing 24/7 global protection via adaptive AI.

This solution deploys quickly, supports mobile SDKs, and can integrate with cloud, on-premises, and hybrid environments. With granular bot filtering, behavioral analysis, and seamless CDN and WAF integration, DataDome delivers powerful and always-on defence against existing and evolving threats.

****Pros****

*   Delivers accurate threat mitigation with minimal false positives.
*   Integrates easily across web apps, APIs, and mobile platforms.
*   Uses real-time machine learning to adapt to evolving attack patterns.
*   Offers flexible deployment across cloud and on-premises environments.

****Cons****

*   No free trial is currently offered.
*   Pricing may be cost-prohibitive for startups.

****2\. Imperva****

This suite of tools from Imperva is a trusted solution, offering accurate fraud protection without negatively impacting the user experience. It guards businesses against credential stuffing, fake sign-ups, scraping attacks, and other forms of cybercrime with cloud-first deployment and support for on-premises setup.

Imperva uses AI-fuelled analysis, data enrichment, and risk monitoring to detect compromised credentials and integrates with firewalls, API gateways, and identity systems with minimal latency. Key features include anomaly detection, API abuse prevention, and real-time dashboards to track fraud trends and help maintain compliance. Scalable and precise, Imperva is ideal for high-volume industries like retail and banking.

****Pros****

*   Strikes an effective balance between strong security and a smooth user experience.
*   Offers advanced risk scoring with actionable fraud insights.
*   Provides robust protection for APIs and mobile platforms.
*   Supports flexible deployment across cloud and on-premises environments.

****Cons****

*   May require comparatively more onboarding, especially for smaller teams.
*   Free trial offers limited access to the full feature set.

****3\. F5****

The F5 Distributed Cloud Bot Defence helps organizations protect their digital experiences at scale by using advanced AI to detect and block credential abuse and fraudulent login attempts. Its invisible security approach ensures bots are stopped in their tracks without disrupting legitimate users, making it perfect for customer-facing industries.

F5 deploys behavioral fingerprinting, device analytics, and adaptive risk scoring to identify and deal with threats. The solution supports hybrid and multi-cloud deployments and integrates easily with APIs and mobile platforms. Further, centralized dashboards provide insight into fraud patterns, helping teams fine-tune their defences.

****Pros****

*   Provides seamless user experience with **minimal friction**.
*   Protects mobile apps, APIs, and websites.
*   Uses AI-driven behavioral analysis to detect and block threats.
*   Supports flexible setup in a range of deployments.

****Cons****

*   Prices may be challenging for mid-size organizations.
*   Initial setup can be complex, which may be problematic for smaller teams with limited resources.

****4\. Telesign****

Telesign offers a communication-first approach to ATO prevention by combining SMS, phone verification, and identity intelligence to ensure users are legitimate before being granted access. The solution operates through robust communications APIs and handles high-volume login traffic with ease, making it ideal for enterprises and SaaS platforms.

Telesign’s key features include risk scoring and identity APIs, and it aims to strengthen multi-factor authentication processes and block fake registrations and logins without affecting the user experience.

****Pros****

*   Reliable phone verification APIs for secure user authentication.
*   Extensive global coverage for SMS and voice channels.
*   Simple integration into mobile and web applications.
*   Affordable multi-factor authentication layer for added security.

****Cons****

*   Does not offer comprehensive bot protection features.
*   SMS-related costs can rise significantly with large-scale usage.

****5\. Cloudflare Bot Management****

Cloudflare offers a powerful and affordable bot management solution, and is especially relevant for businesses already using the Cloudflare platform. Leveraging visibility across a vast digital network, it offers strong protection against account takeover and a wide range of automated threats.

The suite of tools uses machine learning, behavioral analyses, and JavaScript fingerprinting trained on massive data volumes for ultimate effectiveness. Features include API protection, customizable bot rules, and adaptive scoring to detect suspicious behavior, to deliver powerful bot and ATO defence without adding complexity.

****Pros****

*   Integrates smoothly with Cloudflare services and delivers low-latency performance.
*   Offers high value at scale.
*   Effectively blocks basic and mid-level threat bots.

****Cons****

*   It may not be as precise as specialized bot protection solutions.
*   Lacks built-in dark web monitoring tools for credential exposure protection.

****6\. Darktrace****

This ATO security provider from Darktrace provides intelligent account takeover protection using self-learning AI that adapts to each business’s unique digital environment. Unlike traditional tools, it autonomously learns behavior patterns to detect anomalies and respond instantly. Its real-time defences make it a good choice for organizations with complex infrastructure, while the solution’s configurable dashboards allow for continuing monitoring and insights.

****Pros****

*   Automatically detects and responds to threats using self-learning AI.
*   Compatible with SaaS platforms and hybrid infrastructure.
*   Continuously improves detection rates with adaptive learning.
*   Delivers fast response times and minimal latency.

****Cons****

*   Pricing is relatively high, compared to similar solutions on the market.
*   Requires an initial AI training period to achieve full accuracy.

****7\. Proofpoint****

Proofpoint Account Takeover Protection provides effective defence against phishing-driven account compromises. It combines email intelligence, behavioral analytics, and login anomaly detection to identify threats early. With strong integration into its cloud security platform, Proofpoint monitors for dark web leaks, insider risks, and breach indicators to offer a comprehensive, layered solution that goes well beyond basic controls.

****Pros****

*   Excellent protection against phishing-driven account takeover attempts.
*   Seamless integration with the broader Proofpoint security ecosystem.
*   Monitors the dark web for exposed credentials.
*   Provides clear, actionable risk reports.

****Cons****

*   Most effective when used in conjunction with the full Proofpoint platform.
*   Primarily focused on email-related threats, with limited coverage beyond this.

****8\. Akamai****

This ATO protection option from Akamai could be a good choice for global enterprises needing scalable, real-time account security. Leveraging its huge content delivery and edge computing network, it detects suspicious logins before malicious bots access applications.

The platform uses device fingerprinting, behavioral analysis, and adaptive authentication to block bots and credential stuffing attempts without negatively impacting legitimate users. Akamai supports multi-cloud and hybrid environments to deliver detailed risk scoring and low-latency protection.

****Pros****

*   Extensive global coverage and traffic visibility.
*   Effective bot mitigation at the edge level.
*   Advanced behavioral risk analysis to detect suspicious activity.

****Cons****

*   May be more expensive than other similar options on the market.
*   Setup can be complex for smaller teams with limited resources.

****Protecting Your Business from ATO Attacks is Vital in 2026 and Beyond****

As ATO attacks grow more sophisticated, businesses must adopt intelligent, scalable protection that goes beyond basic authentication processes. The platforms reviewed above offer advanced AI, behavioral analytics, and bot mitigation tools to safeguard digital identities, now and in the future.

(Photo by Zulfugar Karimov on Unsplash)

8 Recommended Account Takeover Security Providers

Cl0p ransomware lists NHS UK as a victim days after The Washington Post confirms a major Oracle E-Business breach linked to CVE-2025-61882.

Cl0p is claiming responsibility for a new data breach affecting the National Health Service (NHS UK). On November 11, 2026, the ransomware group posted on its dark web leak site, accusing the healthcare provider of neglecting its security, stating, “The company doesn’t care about its customers; it ignored their security.”

Although the group has not revealed the volume of stolen data, the announcement aligns with ongoing attacks and reports pointing out CL0p of exploiting vulnerabilities in Oracle’s E-Business Suite (EBS).

NHS officials have not confirmed a breach, but their cybersecurity division did issue alerts in October about critical flaws in Oracle EBS. That alert warned healthcare and public sector systems relying on Oracle’s enterprise software to apply immediate patches and restrict internet exposure. The timing of the Cl0p post now suggests the group may have exploited the same vulnerabilities NHS had already flagged a month earlier.

NHS UK data breach claims from the Cl0p ransomware group (Image credit: Hackread.com)

****The Washington Post****

While the NHS claim is still being investigated, Cl0p’s campaign has already proven its reach. Just days earlier, on November 7, the group announced it had breached The Washington Post by exploiting the same Oracle EBS flaws.

As seen by Hackread.com, the hackers published what they claim is 183GB of data under a folder labeled ebs.washpost.com. The Washington Post later confirmed it was impacted, saying it was among the victims of a “breach of the Oracle E-Business Suite platform.”

The Washington Post’s data details (Image credit: Hackread.com)

****What Experts Think****

Security experts say the Washington Post attack fits Cl0p’s pattern of large-scale, data-theft operations targeting enterprise software used across multiple sectors. Lidia Lopez, Senior Threat Intelligence Analyst at Outpost24, noted that the incident highlights Cl0p’s focus on exploiting high-value business systems rather than random targets.

She explained that the group has moved away from traditional ransomware encryption toward coordinated data-exfiltration campaigns that leverage zero-day flaws in critical software such as MOVEit, GoAnywhere, and Oracle EBS.

Unlike affiliate-based ransomware operations, Cl0p’s structure is centralised and technical. Lopez said this setup allows the group to conduct synchronised attacks against hundreds of organisations before vendors release patches.

Their tactics often involve scanning for vulnerable systems, gaining remote access, maintaining persistence, and quietly siphoning data for months before making demands or publishing leaks.

The Washington Post data breach claims from the Cl0p ransomware group (Image credit: Hackread.com)

Faik Emre Derin, Technical Content Manager at SOCRadar, added that the Oracle EBS campaign revolves around CVE-2025-61882, a severe remote code execution flaw with a CVSS score of 9.8.

His team’s analysis shows the exploitation began around August 2025, months before Oracle issued an emergency patch on October 4. The affected versions range from 12.2.3 to 12.2.14, with attackers focusing on the BI Publisher Integration module that allows unauthenticated access to vulnerable systems.

Derin said the exploit’s spread accelerated when a separate group called Scattered Lapsus$ Hunters leaked proof-of-concept code on October 3. This leak allowed additional threat actors, including Cl0p and FIN11, to expand attacks on a global scale.

He recommended that organisations running Oracle EBS install the October 2025 patch immediately, conduct forensic reviews dating back to August, and monitor for connections to suspicious IPs such as 200.107.207.26 and 185.181.60.11.

The ongoing campaign has also affected other high-profile organisations, including Harvard University and American Airlines’ subsidiary Envoy. Investigations by Mandiant and Google’s Threat Intelligence Group suggest the activity started in late September 2025, targeting companies that rely heavily on Oracle EBS for finance, HR, and supply-chain management.

Oracle has since released patches addressing the vulnerabilities and urged customers to update without delay. Despite those efforts, many systems remain exposed, providing Cl0p and affiliated groups with continued opportunities for exploitation.

The inclusion of NHS UK and The Washington Post in the victim list places the Cl0p campaign among the most significant enterprise-software breaches in recent years. With stolen data already circulating online and more victims expected to surface, experts warn that the threat from unpatched Oracle systems is far from over.

Cl0p Ransomware Lists NHS UK as Victim, Days After Washington Post Breach

Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.
According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications.

Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.

According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking applications. More importantly, both include the ability to spread through WhatsApp Web.

Maverick was first documented by Trend Micro early last month, attributing it to a threat actor dubbed **Water Saci**. The campaign involves two components: A self-propagating malware referred to as SORVEPOTEL that's spread via the desktop web version of WhatsApp and is used to deliver a ZIP archive containing the Maverick payload.

The malware is designed to monitor active browser window tabs for URLs that match a hard-coded list of financial institutions in Latin America. Should the URLs match, it establishes contact with a remote server to fetch follow-on commands to gather system information and serve phishing pages to steal credentials.

Cybersecurity firm Sophos, in a subsequent report, was the first to raise the possibility of whether the activity could be related to prior reported campaigns that disseminated Coyote targeting users in Brazil and if Maverick is an evolution of Coyote. Another analysis from Kaspersky found that Maverick did contain many code overlaps with Coyote, but noted it's treating it as a completely new threat targeting Brazil en masse.

The latest findings from CyberProof show that the ZIP file contains a Windows shortcut (LNK) that, when launched by the user, runs cmd.exe or PowerShell to connect to an external server ("zapgrande\[.\]com") to download the first-stage payload. The PowerShell script is capable of launching intermediate tools designed to disable Microsoft Defender Antivirus and UAC, as well as retrieve a .NET loader.

The loader, for its part, features anti-analysis techniques to check for the presence of reverse engineering tools and self-terminate if found. The loader then proceeds to download the main modules of the attack: SORVEPOTEL and Maverick. It's worth mentioning here that Maverick is only installed after ensuring that the victim is located in Brazil by checking the time zone, language, region, and date and time format of the infected host.

CyberProof said it also found evidence of the malware being used to single out hotels in Brazil, indicating a possible expansion of targeting.

The disclosure comes as Trend Micro detailed Water Saci's new attack chain that employs an email-based command-and-control (C2) infrastructure, relies on multi-vector persistence for resilience, and incorporates several advanced checks to evade detection, enhance operational stealth, and restrict execution to only Portuguese-language systems.

"The new attack chain also features a sophisticated remote command-and-control system that allows threat actors real-time management, including pausing, resuming, and monitoring the malware's campaign, effectively converting infected machines into a botnet tool for coordinated, dynamic operations across multiple endpoints," the cybersecurity company said in a report published late last month.

New Water Saci attack chain observed

The infection sequence eschews .NET binaries in favor of Visual Basic Script (VB Script) and PowerShell to hijack WhatsApp browser sessions and spread the ZIP file via the messaging app. Similar to the previous attack chain, the WhatsApp Web hijack is performed by downloading ChromeDriver and Selenium for browser automation.

The attack is triggered when a user downloads and extracts the ZIP archive, which includes an obfuscated VBS downloader ("Orcamento.vbs" aka SORVEPOTEL), which, in turn, issues a PowerShell command to download and execute a PowerShell script ("tadeu.ps1") directly in memory.

This PowerShell script is used to take control of the victim's WhatsApp Web session and distribute the malicious ZIP files to all contacts associated with their account, while also displaying a deceptive banner named "WhatsApp Automation v6.0" to conceal its malicious intent. Furthermore, the script contacts a C2 server to fetch message templates and exfiltrate contact lists.

"After terminating any existing Chrome processes and clearing old sessions to ensure clean operation, the malware copies the victim's legitimate Chrome profile data to its temporary workspace," Trend Micro said. "This data includes cookies, authentication tokens, and the saved browser session."

Water Saci campaign timeline

"This technique allows the malware to bypass WhatsApp Web's authentication entirely, gaining immediate access to the victim's WhatsApp account without triggering security alerts or requiring QR code scanning."

The malware, the cybersecurity company added, also implements a sophisticated remote control mechanism that allows the adversary to pause, resume, and monitor the WhatsApp propagation in real-time, effectively turning it into malware capable of controlling the compromised hosts like a bot.

As for how it actually distributes the ZIP archive, the PowerShell code iterates through every harvested contact and checks for a pause command prior to sending personalized messages by substituting variables in the message template with time-based greetings and contact names.

Another significant aspect of SORVEPOTEL is that it leverages IMAP connections to terra.com\[.\]br email accounts using hardcoded email credentials to connect to the email account and retrieve commands rather than using a traditional HTTP-based communication. Some of these accounts have been secured using multi-factor authentication (MFA) to prevent unauthorized access.

This added security layer is said to have introduced operational delays since each login requires the threat actor to manually enter a one-time authentication code to access the inbox and save the C2 server URL used to send the commands. The backdoor then periodically polls the C2 server for fetching the instruction. The list of supported commands is as follows -

*   INFO, to collect detailed system information
*   CMD, to run a command via cmd.exe and export the results of the execution to a temporary file
*   POWERSHELL, to run a PowerShell command
*   SCREENSHOT, to take screenshots
*   TASKLIST, to enumerate all running processes
*   KILL, to terminate a specific process
*   LIST\_FILES, to enumerate files/folders
*   DOWNLOAD\_FILE, to download files from infected system
*   UPLOAD\_FILE, to upload files to infected system
*   DELETE, to delete specific files/folders
*   RENAME, to rename files/folders
*   COPY, to copy files/folders
*   MOVE, to move files/folders
*   FILE\_INFO, to get detailed metadata about a file
*   SEARCH, to recursively search for files matching specified patterns
*   CREATE\_FOLDER, to create folders
*   REBOOT, to initiate a system restart with 30-second delay
*   SHUTDOWN, to initiate a system shutdown with 30-second delay
*   UPDATE, to download and install an updated version of itself
*   CHECK\_EMAIL, to check the attacker-controlled email for new C2 URLs

The widespread nature of the campaign is driven by the popularity of WhatsApp in Brazil, which has over 148 million active users, making it the second largest market in the world after India.

"The infection methods and ongoing tactical evolution, along with the region-focused targeting, indicate that Water Saci is likely linked to Coyote, and both campaigns operate within the same Brazilian cybercriminal ecosystem," Trend Micro said, describing the attackers as aggressive in "quantity and quality."

"Linking the Water Saci campaign to Coyote reveals a bigger picture that exhibits a significant shift in the banking trojan's propagation methods. Threat actors have transitioned from relying on traditional payloads to exploiting legitimate browser profiles and messaging platforms for stealthy, scalable attacks."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

Microsoft has released its monthly security update for November 2025, which includes 63 vulnerabilities affecting a range of products, including 5 that Microsoft marked as “critical.”

Tuesday, November 11, 2025 13:19

Microsoft has released its monthly security update for November 2025, which includes 63 vulnerabilities affecting a range of products, including 5 that Microsoft marked as “critical.” Current intelligence shows that one of the important vulnerabilities, CVE-2025-62215, has already been detected in the wild. 

Out of five "Critical" entries, three are remote code execution (RCE) vulnerabilities in Microsoft Windows components including GDI+, Microsoft Office, and Visual Studio. One is an elevation of privilege vulnerability affecting the DirectX Graphics Kernel. 

In the following sections we give a concise overview of the critical and important entries that are most relevant for defenders. The full catalogue of all reported issues can be found on Microsoft’s official update page. 

**Exploited in the Wild **

One “important” vulnerability was confirmed to have been exploited in the wild. 

CVE-2025-62215 is a Windows Kernel elevation of privilege vulnerability, given a CVSS 3.1 score of 7.8, where a race condition in Windows Kernel allows an authorized attacker to elevate privileges locally. Microsoft assessed that the attack complexity is “low”. 

**Critical Vulnerabilities **

Among all the critical vulnerabilities, none of them were labelled as exploitation more likely. Five are considered exploitation less likely. Below we describe each of those five entries. 

CVE-2025-60724 is a RCE vulnerability in GDI+, given a CVSS 3.1 score of 9.8, where a heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. The vulnerability can be triggered by convincing a victim to download and open a document that contains a specially crafted metafile. In the worst-case scenario, an attacker could trigger this vulnerability on web services by uploading documents containing a specially crafted metafile without user interaction. An attacker doesn't require any privileges on the systems hosting the web services. Successful exploitation of this vulnerability could cause RCE or Information Disclosure on web services that are parsing documents that contain a specially crafted metafile, without the involvement of a victim user. Microsoft assessed that the attack complexity is “low”, and that exploitation is “less likely”.   

CVE‑2025‑30398 is a Nuance PowerScribe 360 information disclosure vulnerability, given a CVSS 3.1 score of 8.1, where missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network. An unauthenticated attacker could exploit this vulnerability by making an API call to a specific endpoint. The attacker could then use the data to gain access to sensitive information (including PII data) on the server. Microsoft assessed that the attack complexity is “low”, and that exploitation is “less likely”. 

CVE‑2025‑62199 is a RCE vulnerability in Microsoft Office applications, given a CVSS 3.1 score of 7.8, where a use‑after‑free flaw in Microsoft Office allows an unauthenticated attacker to execute code locally on a vulnerable workstation. To exploit this vulnerability, an attacker must send the user a malicious file and convince them to open it. Microsoft assessed that the attack complexity is “low”, and that exploitation is “less likely”.   

CVE‑2025‑60716 is a DirectX Graphics kernel elevation of privilege vulnerability, given a CVSS 3.1 score of 7, where a use‑after‑free flaw in Windows DirectX allows an authorized attacker to elevate privileges locally. Successful exploitation of this vulnerability requires an attacker to win a race condition. Microsoft assessed that the attack complexity is “high”, and that exploitation is “less likely”.   

CVE‑2025‑62214 is a RCE vulnerability in Visual Studio, given a CVSS 3.1 score of 6.7, where AI command injection in Visual Studio allows an authorized attacker to execute code locally. Exploitation is not trivial for this vulnerability as it requires multiple steps: prompt injection, Copilot Agent interaction, and triggering a build. Microsoft assessed that the attack complexity is “high”, and that exploitation is “less likely”.   

**Important Vulnerabilities **

Talos would also like to highlight the following "important" vulnerabilities as Microsoft has determined that their exploitation is "more likely":    

CVE‑2025‑59512 – Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability.  

CVE‑2025‑60705 – Windows CSC Service Elevation of Privilege Vulnerability 

CVE-2025-60719 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability 

CVE-2025-62217 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability 

CVE-2025-62213 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability 

A complete list of all the other vulnerabilities Microsoft disclosed this month is available on its update page.   

In response to these vulnerability disclosures, Talos is releasing a new Snort ruleset that detects attempts to exploit some of them. Please note that additional rules may be released at a future date, and current rules are subject to change pending additional information. Cisco Security Firewall customers should use the latest update to their ruleset by updating their SRU. Open-source Snort Subscriber Ruleset customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org.  

The rules included in this release that protect against the exploitation of many of these vulnerabilities are 65496-65501, 65507-65510. There are also these Snort 3 rules: 301343-301345, 301347, 301348.

Microsoft Patch Tuesday for November 2025 — Snort rules and prominent vulnerabilities

A critical vulnerability that affects Samsung mobile devices was exploited in the wild to distribute LANDFALL spyware.

A critical vulnerability has put Samsung mobile device owners at risk of sophisticated cyberattacks. On November 10, 2025, the US Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability, tracked as CVE-2025-21042, to its Known Exploited Vulnerabilities (KEV) catalog. The KEV catalog lists vulnerabilities that are known to be exploited in the wild and sets patch deadlines for Federal Civilian Executive Branch (FCEB) agencies.

So, for many cybersecurity professionals, CISA adding this vulnerability to the list signals both urgency and confirmation of active, real-world exploitation.

CVE-2025-21042 was reportedly exploited as a remote code execution (RCE) zero-day to deploy LANDFALL spyware on Galaxy devices in the Middle East. But once that happens, other criminals tend to quickly follow with similar attacks.

The flaw itself is an out-of-bounds write vulnerability in Samsung’s image processing library. These vulnerabilities let attackers overwrite memory beyond what is intended, often leading to memory corruption, unauthorized code execution, and, as in this case, device takeover. CVE-2025-21042 allows remote attackers to execute arbitrary code—potentially gaining complete control over the victim’s phone—without user interaction. No clicks required. No warning given.

Samsung patched this issue in April 2025, but CISA’s recent warning highlights that exploits have been active in the wild for months, with attackers outpacing defenders in some cases. The stakes are high: data theft, surveillance, and compromised mobile devices being used as footholds for broader enterprise attacks.​

The exploitation playbook is as clever as it is dangerous. According to research from Unit 42, criminals (likely private-sector offensive actors operating out of the Middle East) weaponized the vulnerability to deliver LANDFALL spyware through malformed Digital Negative (DNG) image files sent via WhatsApp. DNG is an open and lossless RAW image format developed by Adobe and used by digital photographers to store uncompressed sensor data.

The attack chain works like this:

*   The victim receives a booby-trapped DNG photo file.
*   The file, armed with ZIP archive payloads and tailored exploit code, triggers the vulnerability in Samsung’s image codec library.
*   This is a “zero-click” attack: the user doesn’t have to tap, open, or execute anything. Just processing the image is enough to compromise the device.

It’s important to know that Samsung addressed another image-library flaw, CVE-2025-21043, in September 2025, showing a growing trend: image processing flaws are becoming a favorite entry point for both espionage and cybercrime.

**What should users and businesses do?**

Our advice to stay safe from this type of attack is simple:

*   **Patch immediately.** If you haven’t updated your Samsung device since April, do so. FCEB organizations have until December 1, 2025, to comply with CISA’s operational directive.
*   **Be wary of unsolicited messages and files**, especially images received over messaging apps.
*   **Download apps only from trusted sources** and avoid sideloading files.
*   **Use up-to-date real-time anti-malware solution** for your devices.

Zero-days targeting mobile devices are becoming frighteningly common, but the risk can be lowered with urgent patching, awareness, and solid security controls. As LANDFALL shows, the most dangerous attacks today are often the quietest—no user action required and no obvious signs until it’s too late.

****Device models targeted by LANDFALL:****

Galaxy S23 Series

Galaxy S24 Series

Galaxy Z Fold4

Galaxy S22

Galaxy Z Flip4

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 Patch now: Samsung zero-day lets attackers take over your phone 

Even a sloppy, low-skill phish can wreck your day. We go under the hood of this basic credential-harvesting campaign.

This attempt to phish credentials caught our attention, mostly because of its front-end simplicity. Even though this is a script-kiddie-level type of attack, we figured it was worth writing up—precisely because it’s so easy to follow what they’re up to.

The email is direct and to the point. Not a lot of social engineering happening here.

> “Dear ,
> 
> Pls kindly find the attached PO please send us PI once its available.”

The sender’s address belongs to a Czechoslovakian printing service (likely compromised), and the name and phone number are fake. The target is in Taiwan.

The attached .shtml file is a tidy fake login screen that doesn’t really specify which credentials they want:

The pre-filled email address in the screenshot is a fake one I added; normally it would be the target’s email.

We assume the phisher welcomes any credentials entered here, and are counting on the fact that most people reuse passwords on other sites.

Under the hood, the functionality of this attachment lies in this piece of JavaScript.

It starts with simple checks to make sure all the fields are filled out and long enough before declaring the Telegram bot that will receive the login details.

Using Telegram bots provides the phishers with several advantages:

*   Stolen credentials are delivered instantly to the attacker via Telegram notifications. No need for the phisher to keep checking a database or inbox.
*   Telegram is a legitimate, globally distributed messaging service, making it difficult to block.
*   There’s no exposed web server or obvious phishing “drop site” that can be blocklisted or shut down.

The last line contains a credibility trick:

setTimeout(() => {window.location.assign("file:///C:/Users/USER/Downloads/Invoice_FAC_0031.pdf")}, 2000);

This tries to open a file on the user’s computer after waiting 2 seconds (2,000 milliseconds). Since this file almost certainly doesn’t exist, the browser will either block the action (especially from an email or non-local file) or show an error. Either way, it will make the login attempt look more legitimate and take the user’s mind off the fact that they just sent their credentials who knows where.

That’s really all there is to it, except for a bit of code that the dungeon-dweller forgot to remove during their copy-and-paste coding. Or they had no idea what it was for and left it in place for fear of breaking something.

I suspect the attacker originally used this code to encrypt the credentials with a hardcoded AES (Advanced Encryption Standard) key and injection vector, then send them to their server.

This attacker replaced that method with the simpler Telegram bot approach (much easier to use), but left the decryption stub because they were afraid removing it would break something.

**Don’t fall for phishing attempts**

Even though the sophistication level of this email was low, that does not reduce the possible impact of sending the attacker your credentials.

In phishing attempts like these, two simple rules can save you from lots of trouble.

*   Don’t open unsolicited attachments
*   Check if the website address in the browser matches the domain you expect to be on (e.g. adobe.com).

Other important tips to stay safe from phishing in general:

*   Verify the sender: Always check if the sender’s email address matches what you would expect it to be. It’s not always conclusive but it can help you spot some attempts.
*   Check through an independent channel if the sender actually sent you an attachment or a link.
*   Use up-to-date security software, preferably with a web protection component.
*   Keep your device and all its software updated.
*   Use multi-factor authentication for every account you can.
*   Use a password manager. Password managers will not auto-fill a password to a fake site, even if it looks like the real deal to you.

If you already entered credentials on a page you don’t trust, change your passwords immediately.

**Pro tip:** You can also upload screenshots of suspicious emails to Malwarebytes Scam Guard. It would have recognized this one as a phishing attempt.

**We don’t just report on scams—we help detect them**

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

 How credentials get stolen in seconds, even with a script-kiddie-level phish 

Stolen iPhones are hard to hack, so thieves are phishing the owners instead. How fake ‘Find My’ messages trick victims into sharing their Apple ID login.

One of the reassuring things about owning an iPhone was knowing you could lock it if it got lost or stolen. Without your passcode, fingerprint or face to unlock it, it would be useless to anyone else.

Now, though, some phone thieves have found a workaround, not by breaking Apple’s security, but by tricking owners into giving them the keys.

The Swiss National Cyber Security Centre (NCSC) has issued a warning about phishing scams targeting iPhone owners who’ve lost their devices.

**Phishing for Apple ID credentials**

When you report an iPhone as lost in Apple’s **Find My** app, you can set a custom lock-screen message that appears on the missing device. Many people include an email address or phone number in that message so a helpful stranger can contact them if the phone turns up.

Unfortunately, that’s the very information scammers use to reach you. A thief (or anyone who now has the phone) can see that contact detail on the screen and send you a convincing message—usually by text, iMessage, or email—claiming to have found your device.

The scam messages often include details copied from the phone itself, such as its model and color, to make it sound authentic. It also includes a link to a fake website that mimics the Find My service that Apple operates to locate lost devices. The site will ask for the victim’s Apple ID credentials.

If the victim takes the bait, the thief can use those credentials to gain full access to the phone. That enables them to wipe it, returning it to factory settings for resale.

Although the NCSC didn’t say so, an enterprising thief could get up to all kinds of other shenanigans. They might reset the user’s Apple ID to lock them out—even on a replacement device, access their photos (yes, including any risqué ones), read their emails and nose through their apps. In short, it would give them carte blanche to your digital life.

These attacks don’t have to happen immediately. The perpetrators might text months after the device has been lost, when victims might have moved on and lowered their guard.

**The good news… and the bad**

The warning is both good and bad news. It’s good news because it shows that criminals are apparently unable to bypass Apple’s Activation Lock protection through technical means. The Activation Lock, turned on when you activate Find My, registers a device ID on Apple’s activation servers. Even if the criminals reset your device, the activation lock will still be there. Only someone with the user’s Apple ID credentials can unlock it. It’s a version of something called Factory Reset Protection (FRP) that the US mandated under the US Smart Phone Theft Prevention Act of 2015. Android phones have similar lock functionality.

The warning is bad news because phone owners are human, and humans are often the easiest security system to defeat. Phishing schemes that target phone theft victims are big business. Back in 2017, security reporter Brian Krebs documented “phishing as a service” platforms that did it at scale, on a subscription basis. Vice found toolkits like ProKit for phishing to unlock phones on sale for around $75.

We’ve already written about how the phone theft industry operates. Police in the UK recently uncovered a network stealing up to 40,000 phones per year. Most were shipped overseas to countries including China, where they would be used as profitably as possible. Locked phones might be broken up for parts, but a phone restored to factory settings that can be activated from scratch is far more valuable.

**What to do if your iPhone is stolen**

**Ignore any messages from “Apple”** claiming your lost phone has been found. The NCSC says Apple will never text or email customers about a recovered device.

If you lose your phone, **turn on Lost Mode** right away in **Find My** to lock it and display your contact message. Use a **different contact number or email** (not the one linked to your Apple ID or main phone) so scammers can’t use that information to target you.

Protect your SIM, too: enable **PIN protection** immediately, and ask your carrier to **block or replace the SIM** if the phone has been stolen.

We can’t easily stop thieves stealing people’s phones, or control who sees our phones after they leave our hands. But a little forethought now can help you to stop criminals from accessing your digital life or selling your phone on in its current form if it does enter the underground supply chain.

**We don’t just report on scams—we help detect them**

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

 Stolen iPhones are locked tight, until scammers phish your Apple ID credentials 

Have I Been Pwned (HIBP), the popular breach notification service, has added another massive dataset to its platform.…

Have I Been Pwned (HIBP), the popular breach notification service, has added another massive dataset to its platform. This time, 1.96 billion accounts connected to the Synthient Credential Stuffing Threat Data, in collaboration with the threat-intelligence firm Synthient.

Users who subscribe to HIBP alerts, including this writer, received an email notification stating: “You’ve been pwned in the Synthient Credential Stuffing Threat Data data breach.”

According to the message, the incident involves nearly two billion unique email addresses and around 1.3 billion passwords. The data includes email addresses and passwords that were compiled from previous breaches and circulated within credential-stuffing lists. These lists are commonly used by attackers to target accounts where users have reused passwords across multiple platforms.

The notification specifies that the breach occurred in April 2025, but notes that data like this can take months or even years before it becomes publicly accessible and is processed by HIBP. The platform aims to alert users as soon as the data becomes verifiable and available for inclusion.

****What the Data Is and How It Originated****

HIBP’s description explains that the information was not taken directly from a single hacked service. Instead, it was aggregated by Synthient, a threat-intelligence firm that collects and analyses credential-stuffing data from malicious sources across the internet.

During 2025, Synthient compiled nearly 2 billion unique email addresses from various breached databases, many already circulating in **clear and dark web forums**. These credentials are often used by cybercriminals to automate login attempts on unrelated platforms in hopes of gaining access to additional accounts through password reuse.

Email sent by Have I Been Pwned (Image credit: Hackread.com)

****Not the First Synthient Dataset Added to HIBP****

This isn’t the first time Synthient data has appeared on Have I Been Pwned. In October 2025, as **reported by Hackread.com**, HIBP added another dataset titled Synthient Stealer Credentials, which contained 183 million stolen credentials harvested from stealer logs.

That earlier collection represented information directly extracted from infected devices, while this new addition is a compilation of credentials gathered from credential-stuffing lists rather than live malware infections.

****What Users Should Do****

The addition of this data shows the risks of password reuse and large-scale **credential aggregation**. Even if the data isn’t from a new direct breach, having your email and password appear in such lists means your accounts could be at risk.

For now, it is recommended that anyone notified through the service should change reused passwords immediately, enable two-factor authentication, and avoid using the same password across multiple accounts.

****Avoid the Clickbait Confusion****

Readers should be cautious about exaggerated or misleading reports that may surface following this update. This incident is not a direct data breach. The dataset combines information from previously exposed credentials found in multiple sources and compiled by Synthient.

The collection includes email addresses from many providers such as Hotmail, Gmail, Yahoo, and others, but that does not mean these services were hacked. Claims like “2 billion Gmail accounts hacked” or “Google breached” will be false and misleading.

**Summary**

1.  **Breach Name:** Synthient Credential Stuffing Threat Data
2.  **Date of Breach:** April 2025
3.  **Accounts Affected:** 1.96 billion
4.  **Data Exposed:** Email addresses and passwords
5.  **Source:** Aggregated credential-stuffing lists collected by Synthient
6.  **Related Incident:** Synthient Stealer Credentials (183 million accounts, added October 2025)

Have I Been Pwned Adds 1.96B Accounts From Synthient Credential Data

Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation's code.

Cybersecurity researchers at Veracode discovered a campaign that was aimed at stealing critical credentials from GitHub’s own code base. The attack involved hackers planting a fake software component on npm (Node Package Manager), which is a massive public library that developers use to share JavaScript code.

For your information, an npm package is a folder containing code, documentation, and metadata that developers can easily share and integrate into their projects. These help them build modern applications by reusing existing, tested code components instead of writing everything from scratch.

Cybersecurity firm Veracode’s threat research team flagged the malicious npm package, a GitHub Actions Toolkit named “@acitons/artifact", on Friday, November 7. This name is a clear example of how scammers use a trick called typosquatting to deceive unsuspecting users.

This type of attack involves registering a name that intentionally looks like a typo of a legitimate one (the real package is @actions/artifact), hoping developers will accidentally download the wrong one. The malicious package was surprisingly popular, having been downloaded over 206,000 times.

Screenshot taken after the malware author took down the malicious package (Source: Veracode)

****How the Supply Chain Was Compromised****

This type of breach, technically called a Software Supply Chain Failure, has become a major concern, even making it onto the OWASP TOP 10 2025 (RC1) list of top risks, researchers noted in the blog post shared with Hackread.com.

The fake code package was set up to launch a dangerous sequence immediately after installation. It contained a post-install hook (basically a special script) that would download and run malware to steal GitHub tokens.

Think of these tokens as temporary access keys for the code environment. Veracode’s researchers believe the ultimate motivation was to “exfiltrate the tokens available to the build environment, and then use those tokens to publish new malicious artifacts as GitHub.”

Further investigation showed the malware was extremely focused. It was programmed to check whose repository it was in, and specifically targeted repositories owned by the GitHub organisation. A check within the harmful code ensured it would “exit if the organisation was not GitHub,” confirming the attackers were aiming at the core platform.

****Package Removal Timeline****

It is worth noting that when the researchers first found the malware, even popular anti-virus software did not catch it. The attackers had also included an expiration date, setting the code to stop working after 2025-11-06 UTC. The research also identified and blocked another fake package called “8jfiesaf83“.

By Monday, November 10, the malicious versions of the package were taken down, likely by the attackers themselves or by GitHub. The good news is that Veracode confirmed that customers using their security service, Package Firewall, were protected instantly after the threat was identified on Friday.

Tag

#auth