Attackers are exploiting two CVSS 9.8 FortiGate SSO authentication bypass flaws days after disclosure; Fortinet urges immediate patching.
Get the latest international news and world events from around the world.
The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet
Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure.
Texas sues TV makers for taking screenshots of what people watch
The Texas Attorney General sued five major television manufacturers, accusing them of illegally collecting their users’ data by secretly recording what they watch using Automated Content Recognition (ACR) technology.
The lawsuits target Sony, Samsung, LG, and China-based companies Hisense and TCL Technology Group Corporation. Attorney General Ken Paxton’s office also highlighted “serious concerns” about the two Chinese companies being required to follow China’s National Security Law, which could give the Chinese government access to U.S. consumers’ data.
According to complaints filed this Monday in Texas state courts, the TV makers can allegedly use ACR technology to capture screenshots of television displays every 500 milliseconds, monitor the users’ viewing activity in real time, and send this information back to the companies’ servers without the users’ knowledge or consent.
Microsoft: Recent Windows updates break VPN access for WSL users
Microsoft says that recent Windows 11 security updates are causing VPN networking failures for enterprise users running Windows Subsystem for Linux.
This known issue affects users who installed the KB5067036 October 2025 non-security update, released October 28th, or any subsequent updates, including the KB5072033 cumulative update released during this month’s Patch Tuesday.
On impacted systems, users are experiencing connectivity issues with some third-party VPN applications when mirrored mode networking is enabled, preventing access to corporate resources.
Cellik Android malware builds malicious versions from Google Play apps
A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store.
Specifically, attackers can select apps from Android’s official app store and create trojanized versions that appear trustworthy and keep the real app’s interface and functionality.
By providing the expected capabilities, Cellik infections can go unnoticed for a longer time. Additionally, the seller claims that bundling the malware this way may help bypass Play Protect, although this is unconfirmed.
GhostPoster attacks hide malicious JavaScript in Firefox addon logos
A new campaign dubbed ‘GhostPoster’ is hiding JavaScript code in the image logo of malicious Firefox extensions with more than 50,000 downloads, to monitor browser activity and plant a backdoor.
The malicious code grants operators persistent high-privilege access to the browser, enabling them to hijack affiliate links, inject tracking code, and commit click and ad fraud.
The hidden script is acting as a loader that fetches the main payload from a remote server. To make the process more difficult to detect, the payload is intentionally retrieved only once in ten attempts.
Scientists identify first non-coding gene that controls cell size
What keeps our cells the right size? Scientists have long puzzled over this fundamental question, since cells that are too large or too small are linked to many diseases. Until now, the genetic basis behind cell size has largely been a mystery. New research has, for the first time, identified a gene in the non-coding genome that can directly control cell size.
In a study published in Nature Communications, a team at The Hospital for Sick Children (SickKids) found that a gene called CISTR-ACT acts as a controller of cell growth. Unlike genes that encode for proteins, CISTR-ACT is a long non-coding RNA (or lncRNA) and is part of the non-coding genome, the largely unexplored part that makes up 98% of our DNA. This research helps show that the non-coding genome, often dismissed as “junk DNA,” plays an important role in how cells function.
“Our study shows that long non-coding RNAs and the non-coding regions of the genome can drive important biological processes, including cell size regulation. By carefully examining a wide range of cell types and phenotypes, we identified the first causal long non-coding RNA that directly influences cell size,” says Dr. Philipp Maass, Senior Scientist in the Genetics & Genome Biology program at SickKids, and Canada Research Chair in Non-Coding Disease Mechanisms.