Cato Networks has discovered HashJack, an indirect prompt injection technique that conceals malicious instructions after the # in legitimate URLs. This attack works when AI agents have to parse links inside documents or emails.
HashJackΒ - First Known Indirect Prompt Injection | Cato Networks
Europol has seized the domain of the Cryptomixer cryptocurrency mixing service. The site was allegedly responsible for helping criminal groups launder funds. Officials also seized €25 million worth of assets.
Europol
Europol and partners shut down ‘Cryptomixer’ – EUR 25 million in cryptocurrency seized during the operation | Europol
From 24 to 28 November 2025, Europol supported an action week conducted by law enforcement authorities from Switzerland and Germany in Zurich, Swit...
 image
A threat actor has breached and pushed a malicious update to SmartTube, an app typically used on Android-based smart TVs
GitHub
yuliskov/SmartTube
Browse media content with your own rules on Android TV - yuliskov/SmartTube
GitHub
Release Important notice about the builds Β· yuliskov/SmartTube
Important notice about the builds The debug builds are now builded on GitHub server itself after each commit with my signing keys. Get them from h...
Threat actors are now exploiting an XSS bug in the OpenPLC ScadaBR code editor, typically used for programming SCADA/PLC stuff
Cybersecurity and Infrastructure Security Agency CISA
CISA Adds One Known Exploited Vulnerability to Catalog | CISA
CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation.
The FCC says hackers hijacked Barix studio-transmitter link (STL) equipment to broadcast obscene materials via state emergency systems https://www.fcc.gov/document/fcc-urges-broadcasters-follow-cybersecurity-best-practices
Hackers exploited a bug in the wallet system of South Korean cryptocurrency exchange Upbit to steal over $37 million worth of Solana tokens
μ—…λΉ„νŠΈ(Upbit)
디지털 μžμ‚° μž…μΆœκΈˆ μ„œλΉ„μŠ€ κΈ΄κΈ‰ 점검 μ‚¬μœ μ— λŒ€ν•΄ μ•ˆλ‚΄λ“œλ¦½λ‹ˆλ‹€. (μΆ”κ°€ μ•ˆλ‚΄)
디지털 μžμ‚° μž…μΆœκΈˆ μ„œλΉ„μŠ€ κΈ΄κΈ‰ 점검 μ‚¬μœ μ— λŒ€ν•΄ μ•ˆλ‚΄λ“œλ¦½λ‹ˆλ‹€. (μΆ”κ°€ μ•ˆλ‚΄)
According to a study from the Dutch government, most teen hackers abandon their cybercrime careers and choices by their twenties
Jong op het verkeerde pad. Verkenning maatschappelijke kosten van criminele carrières van adolescenten | Tweede Kamer der Staten-Generaal
"A Russian citizen suspected of hacking IT systems of Polish companies was arrested in Krakow, Polish Interior Minister Marcin Kierwinski said on Thursday." https://www.reuters.com/world/poland-arrests-russian-suspected-hacking-polish-companies-2025-11-27/
Hackers have stolen data from OnSolve CodeRED, an emergency notification platform used by some US law enforcement agencies. The platform has been down since the hack, per an alert sent to police departments
Douglas County Sheriff's Office
IMPORTANT: Nationwide CodeRED Outage and Data Breach Update - Douglas County Sheriff's Office
***IMPORTANT Information regarding on-going Nationwide CodeRED Outage*** Community members, please be advised that CodeRED by Crisis24 has informed...
This has now impacted more than 800 npm libraries
Live Updates: Sha1-Hulud, The Second Coming - Hundreds of NPM Packages Compromised
A new wave of the Shai-Hulud malware is compromising hundreds of npm packages and destroying user home directories. Get live updates and mitigation...
 View quoted note β†’