⚡ Hackers only need one open door. Most tools find it after they’re inside.

Dynamic Attack Surface Reduction (DASR) spots weak points as they appear—and closes them fast. Fewer alerts. Stronger defense.

Join this WEBINAR to see how it works ↓ https://thehackernews.com/2025/11/webinar-learn-how-leading-security.html

🚨 Amazon revealed details of attacks exploiting two recent flaws in Cisco ISE and Citrix NetScaler — both used as zero-days.

Hackers made a fake Cisco file that hid in memory, watched traffic, and stole access without being seen.

Full story → https://thehackernews.com/2025/11/amazon-uncovers-attacks-exploited-cisco.html

💻 Google sued a Chinese hacker group that runs a phishing service called Lighthouse.

It tricked over 1 million people in 120 countries and made more than $1 billion using fake Google and USPS pages.

They sold the phishing kits — $88 a week to $1,588 a year.

Read more → https://thehackernews.com/2025/11/google-sues-china-based-hackers-behind.html

🚨 Over 43,000 fake npm packages have flooded the registry since 2024.

They don’t steal data — they just keep cloning themselves. A hidden script waits until someone runs node auto.js, then the cycle starts.

It went unnoticed for almost two years.

Read more → https://thehackernews.com/2025/11/over-46000-fake-npm-packages-flood.html

🚨 CISA says hackers are exploiting a serious WatchGuard firewall flaw (CVE-2025-9242, score 9.3).

Attackers can run code without logging in.

Over 54,000 Firebox devices are still exposed. Patch before Dec 3.

Details ↓ https://thehackernews.com/2025/11/cisa-flags-critical-watchguard-fireware.html