Best of Cybersecurity: November 2025

  1. Article
    Cyber Security · 23w

    A New Era of VM-Powered Cyber Attacks

    The Curly COMrades threat group exploited Hyper-V virtualization on compromised Windows systems to evade endpoint detection. Attackers enabled Hyper-V, deployed a minimal Linux VM (120 MB disk, 256 MB RAM), and ran custom tools, including the CurlyShell reverse shell and the CurlCat proxy, inside the VM. This technique bypassed host-based EDR and AV solutions that don't inspect nested virtual environments. Active since late 2023 and documented in August 2025, the campaign targeted Georgia and Moldova. Defenders should monitor for unusual VM creation and Hyper-V role enablement on endpoints.

  2. Article
    TechCrunch · 23w

    Red Bull Racing’s secret weapon? An engineer who treats workflows like lap times

    Red Bull Racing's new CEO Laurent Mekies applies engineering principles to organizational workflows, treating security and system access as performance optimization opportunities rather than friction points. His partnership with 1Password demonstrates how eliminating workflow bottlenecks—like authentication delays—can create competitive advantages. Mekies' technical background shapes his leadership approach: focusing on process efficiency, understanding root causes before moving forward, and empowering 2,000 team members rather than seeking the spotlight. The team faces a major technical challenge in 2026, building their own power unit from scratch while competing against manufacturers with 90+ years of experience.

  3. Video
    TechLinked · 23w

    What Did They Do to My Boy…

    Windows 11 receives a redesigned start menu with improved customization options. AMD Ryzen 7 9700X3D benchmarks turn out to be fabricated by Reddit users. Disney channels go dark on YouTube TV amid contract disputes. SanDisk plans to increase flash memory prices by up to 50% due to AI-driven demand. Lawyers document over 500 cases of AI misuse in court filings, including fabricated citations from ChatGPT. UK investigates potential remote shutdown capabilities in Chinese-made electric buses.

  4. Article
    The Register · 21w

    70-hour work weeks no longer enough for Infosys founder

    Infosys co-founder Narayana Murthy advocates for 72-hour work weeks, praising China's controversial 996 culture despite legal challenges and worker protests. In other Asia-Pacific tech news: Tokyo court orders Cloudflare to pay $3.3M for enabling manga piracy through CDN services; India and Europe plan to link payment systems (UPI and TIPS) for cross-border transactions; Russian researchers claim Chinese APT 31 targeted Russian IT contractors; Australia's weather bureau faces scrutiny over a $62M website upgrade that failed users during severe storms; Google expands AI infrastructure in Taiwan and Singapore; VMware partners with NEC on private cloud modernization in Japan.

  5. Article
    The Hacker News · 22w

    Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

    Eternidade Stealer, a Delphi-based banking trojan, targets Brazilian users through WhatsApp hijacking and social engineering. The malware uses a Python script (replacing previous PowerShell versions) to automate message spreading via WPPConnect, while employing IMAP to dynamically retrieve C2 addresses from compromised email accounts. The stealer monitors for banking portals, payment services, and cryptocurrency wallets, capturing credentials through overlays and keylogging. The campaign demonstrates hyper-localized targeting with OS language checks and geofencing that restricts C2 access to Brazil and Argentina, while blocked connections get redirected to Google.