Lightnews — Scholar-powered news

MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants

November 29, 2025 at 3:46 PM

Sami Laiho

@samilaiho.com

MS Teams Guest Access Can Remove Defender Protection When Users Join External
Tenants
thehackernews.com/2025/11/ms-t...

Attackers exploit Teams guest access and unprotected external tenants to bypass Microsoft Defender safeguards

thehackernews.com

November 29, 2025 at 3:42 PM

Sami Laiho

@samilaiho.com

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP
Update
thehackernews.com/2025/11/micr...

Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update

Microsoft is tightening Entra ID security with CSP updates blocking unauthorized scripts by October 2026.

thehackernews.com

November 28, 2025 at 11:25 PM

Sami Laiho

@samilaiho.com

Asahi admits ransomware gang may have spilled almost 2M people's data
www.theregister.com/2025/11/27/a...

Asahi admits ransomware may have spilled data on 2M people

: Brewer finally tallies fallout from September attack as it pushes earnings into 2026

Comcast to pay $1.5M fine for vendor breach affecting 270K customers

November 28, 2025 at 11:23 PM

Sami Laiho

@samilaiho.com

Comcast to pay $1.5M fine for vendor breach affecting 270K customers
www.bleepingcomputer.com/news/securit...

Comcast will pay a $1.5 million fine to settle a Federal Communications Commission investigation into a February 2024 vendor data breach that exposed the personal information of nearly 275,000 custome...

Ransomware Reshaping Cyber as National Security Priority

November 28, 2025 at 11:23 PM

Sami Laiho

@samilaiho.com

Ransomware Reshaping Cyber as National Security Priority
www.databreachtoday.com/ransomware-r...

Ongoing, high-profile ransomware attacks against Britain and the United States have transformed cybersecurity into a national security priority, Anne Neuberger, the

www.databreachtoday.com

November 28, 2025 at 11:22 PM

Sami Laiho

@samilaiho.com

OpenAI discloses API customer data breach via Mixpanel vendor hack
www.bleepingcomputer.com/news/securit...

OpenAI discloses API customer data breach via Mixpanel vendor hack

OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel.

Scattered Lapsus$ Hunters stress testing Zendesk weak spots

November 28, 2025 at 11:21 PM

Sami Laiho

@samilaiho.com

Zendesk users targeted as Scattered Lapsus$ Hunters spin up fake support sites
www.theregister.com/2025/11/27/s...

: ReliaQuest finds fresh crop of phishing domains and toxic tickets

Akira's SonicWall Hacks Are Taking Down Large Enterprises

November 28, 2025 at 11:21 PM

Sami Laiho

@samilaiho.com

Akira's SonicWall Hacks Are Taking Down Large Enterprises
www.databreachtoday.com/akiras-sonic...

Multiple large enterprises that inherited SonicWall SSL VPN devices when they acquired a smaller entity have fallen victim to the Akira ransomware group, security

www.databreachtoday.com

November 28, 2025 at 11:20 PM

Sami Laiho

@samilaiho.com

SiRcom SMART Alert (SiSA)
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Not Defined, Exploit Maturity: Not Defined, CVSSv3.1: 9.1

SiRcom SMART Alert (SiSA) | CISA

www.cisa.gov

November 28, 2025 at 6:38 AM

Sami Laiho

@samilaiho.com

Festo Compact Vision System, Control Block, Controller, and Operator Unit
products
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Workaround, Exploit Maturity: Not Defined, CVSSv3.1: 9.8

Festo Compact Vision System, Control Block, Controller, and Operator Unit products | CISA

www.cisa.gov

November 28, 2025 at 6:37 AM

Sami Laiho

@samilaiho.com

Critical vulnerabilities in Mattermost
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.9

NVD - CVE-2025-12419

github.com/bountyyfi/Az...

November 28, 2025 at 6:36 AM

Sami Laiho

@samilaiho.com

GitHub - bountyyfi/Azure-APIM-Cross-Tenant-Signup-Bypass: Security advisory: Azure APIM Developer Portal allows cross-tenant account registration by bypassing UI signup restrictions. Reported to MSRC ...

Security advisory: Azure APIM Developer Portal allows cross-tenant account registration by bypassing UI signup restrictions. Reported to MSRC twice - closed as "by design". - bountyyfi/Az...

github.com

November 27, 2025 at 4:26 PM

Sami Laiho

@samilaiho.com

Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
securelist.com/ntlm-abuse-i...

How NTLM is being abused in 2025 cyberattacks

This article covers NTLM relay, credential forwarding, and other NTLM-related vulnerabilities and cyberattacks discovered in 2025.

securelist.com

November 27, 2025 at 12:15 PM

Sami Laiho

@samilaiho.com

Lifetime access to AI-for-evil WormGPT 4 costs just $220
www.theregister.com/2025/11/25/w...

Lifetime access to WormGPT 4 costs just $220

: 'Ah, I see you're ready to escalate. Let's make digital destruction simple and effective.'

ASUS warns of new critical auth bypass flaw in AiCloud routers

November 27, 2025 at 12:12 PM

Sami Laiho

@samilaiho.com

ASUS warns of new critical auth bypass flaw in AiCloud routers
www.bleepingcomputer.com/news/securit...

ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled.

Botnet takes advantage of AWS outage to smack 28 countries

November 27, 2025 at 12:11 PM

Sami Laiho

@samilaiho.com

Botnet takes advantage of AWS outage to smack 28 countries
www.theregister.com/2025/11/26/m...

: Even worse, it might have been a 'test run' for future attacks

CTTT26 - Speaker promo - Máté Tóth

November 27, 2025 at 12:11 PM

Reposted by Sami Laiho

Cloud Tech Tallinn

@cloudtechtallinn.com

#CTTT26 is not all about tech. Shocking, we know 😄

It is also a lot about the people and networking and forming connections you didn't have before or strengthening those you did.

Check out the video below with @d-e-a-n.bsky.social and @matetoth.hu 😉

youtu.be/MWJQCFRHtzY

YouTube video by Cloud Tech Tallinn

youtu.be

November 27, 2025 at 10:33 AM

Sami Laiho

@samilaiho.com

Stack-based Buffer Overflow in Microsoft Azure App Gateway and Azure
Application Gateway Elevation of Privilege Vulnerability
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8

NVD - CVE-2025-64657

November 27, 2025 at 10:37 AM

Sami Laiho

@samilaiho.com

Allowlist Bypass in Run Terminal Tool Allows Arbitrary Code Execution During
Autorun Mode in Cursor
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8

NVD - CVE-2025-62354

November 27, 2025 at 10:36 AM

Sami Laiho

@samilaiho.com

Vulnerabilities in Zenitel TCIV-3
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 10.0

Zenitel TCIV-3+ | CISA

www.cisa.gov

November 27, 2025 at 10:35 AM

Sami Laiho

@samilaiho.com

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Apache
Software Foundation Apache Druid
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8

NVD - CVE-2025-59390