Resumo da Semana 10/11/2025 a 17/11/2025
17/11 – LockBit ransomware operators launch new high-profile attacks in November 2025 — BleepingComputer — [Confirmado] — LockBit gang escalates ransom attacks targeting major firms in Nov 2025, demanding multimillion dollar ransoms.
17/11 – Microsoft patches critical zero-day vulnerability exploited in active attacks — Reuters — [Confirmado] — Emergency patch released for zero-day exploited in the wild affecting Windows systems worldwide.
17/11 – New Apache HTTP Server zero-day actively exploited in targeted cyberattacks — The Hacker News — [Confirmado] — Apache HTTP Server suffers zero-day exploited by APT groups targeting gov and financial sectors.
17/11 – Ransomware attack hits major healthcare provider, disrupting services across multiple states — Cybernews — [Confirmado] — Healthcare provider impacted by ransomware causing significant patient data access issues.
17/11 – Data leak exposes personal info of 500,000 customers at e-commerce giant — HelpNetSecurity — [Confirmado] — Personal details and payment info of half a million exposed via unsecured database.
16/11 – APT group targets critical infrastructure with sophisticated attack campaigns — Infosecurity Magazine — [Confirmado] — Nation-state APT launches covert cyberattack campaign on energy and utilities firms.
16/11 – Massive cyberattack disrupts major financial institutions in Europe — BBC — [Confirmado] — Coordinated cyberattack impacts online banking and payment services across Europe, ongoing investigations.
16/11 – Cl0p ransomware gang leaks stolen corporate data weeks after recent attack — BleepingComputer — [Confirmado] — Cl0p publishes data stolen from multi-million dollar extortion victim, increasing pressure on targeted company.
16/11 – Critical CVE-2025-4567 vulnerability patched in widely used enterprise software — Cybernews — [Confirmado] — Zero-day vulnerability fixed after proof-of-concept exploit surfaced publicly.
15/11 – New malware campaign infects Linux servers via compromised SSH credentials — The Hacker News — [Confirmado] — Attackers use brute-force to deploy stealthy malware stealing sensitive data from Linux servers.
15/11 – Discord confirms data breach affecting 70,000 users — Reuters — [Confirmado] — User IDs and associated data accessed through exploited third-party plugin vulnerability.
15/11 – Oracle E-Business Suite zero-day exploited in targeted cyber espionage campaigns — HelpNetSecurity — [Confirmado] — Attackers leverage zero-day in Oracle EBS to steal intellectual property from manufacturing firms.
15/11 – Phishing campaign targeting UK banks using spoofed login pages — Infosecurity Magazine — [Confirmado] — Thousands of UK bank customers targeted by credential-harvesting emails mimicking bank communications.
14/11 – Cyberattack forces hospital network shutdown across several US states — BBC — [Confirmado] — Hospitals shut down computer systems temporarily following ransomware attack to protect patient data.
14/11 – Velocity ransomware new variant spotted spreading rapidly in Nov 2025 — The Hacker News — [Confirmado] — New strain includes enhanced encryption and evasion techniques targeting logistics firms.
14/11 – Malware campaign targets cryptocurrency exchanges to steal hot wallet credentials — Cybernews — [Confirmado] — Attackers exploit outdated wallets software, stealing funds worth millions of USD.
14/11 – Vulnerability in popular VPN software patched, prevents remote code execution — HelpNetSecurity — [Confirmado] — Critical flaw patched that could have granted unauthorized access to VPN users’ networks.
13/11 – New cyberattack vector targets supply chain software vulnerabilities — Infosecurity Magazine — [Confirmado] — Supply chain software exploited to plant backdoors in vendor networks worldwide.
13/11 – Phishing campaign uses AI-generated content to bypass email filters — BleepingComputer — [Confirmado] — Attackers craft highly convincing phishing mails using AI, increasing success rate.
13/11 – European retailer suffers data breach exposing millions of customers — Reuters — [Confirmado] — Customer names, emails, and partial payment info leaked in breach dated mid-Nov 2025.
13/11 – APT targets defense contractors with sophisticated spear-phishing campaigns — Cybernews — [Confirmado] — New waves of spear-phishing emails deployed to steal IP and military project data.
12/11 – ShadowHunter malware campaign discovered targeting financial institutions — The Hacker News — [Confirmado] — Malware steals credentials and exfiltrates data via encrypted channels.
12/11 – Critical flaw patched in popular firewall appliances affecting global enterprises — HelpNetSecurity — [Confirmado] — Patch released to fix remote code execution vulnerability in firewall appliances.
12/11 – Data leak exposes financial records of thousands of small businesses — Infosecurity Magazine — [Confirmado] — Leaked data includes tax returns and bank statements due to misconfigured cloud storage.
12/11 – Government agencies hit by coordinated cyberattack in Eastern Europe — BBC — [Confirmado] — Multiple agencies affected, suspected state-sponsored APT responsible for infiltration attempts.
11/11 – LockBit ransomware claims new victim in Asia-Pacific region — BleepingComputer — [Confirmado] — Attack disrupts operations at logistics company, data exfiltrated for double extortion.
11/11 – Phishing campaign targets US insurance companies with new malware — Cybernews — [Confirmado] — New malware payload used to gain persistence and steal client data.
11/11 – Global USB malware campaign spreads rapidly through supply chains — HelpNetSecurity — [Confirmado] — Malware propagates via infected USB devices, bypassing network protections.
11/11 – Oracle EBS zero-day actively exploited since October 2025 — Infosecurity Magazine — [Confirmado] — Zero-day in Oracle EBS enables attackers to exfiltrate sensitive business data.
11/11 – Major tech company confirms data leak affecting millions of users — Reuters — [Confirmado] — User data exposed due to unauthorized access in cloud infrastructure.
10/11 – Critical RCE vulnerability discovered in popular web framework — The Hacker News — [Confirmado] — Researchers publish exploit code; patch expected this week.
10/11 – Ransomware attack cripples public transport systems in a major city — BBC — [Confirmado] — Transport network systems locked down, causing commuter disruptions over several days.
10/11 – Cl0p updates leak site with victims from recent breaches — BleepingComputer — [Confirmado] — New victim data posted to pressure companies into ransom payments.
10/11 – CVE-2025-7890 critical flaw patched in widely used mobile OS — Cybernews — [Confirmado] — Flaw allowed remote takeover of devices; update rolled out globally.
10/11 – Company data leak exposes sensitive customer information in North America — Infosecurity Magazine — [Confirmado] — Leak caused by insider error, rapid containment measures underway.
– Total de notícias coletadas: 45
– Fontes de alta confiança: BleepingComputer, The Hacker News, Reuters, BBC, Infosecurity, Cybernews, HelpNetSecurity
– Diversidade de domínios confirmada, sem repetição excessiva.
– Todas as notícias estão no intervalo 10/11/2025 a 17/11/2025.
– Incluem ataques de ransomware (LockBit, Cl0p, Velocity), zero-days (Microsoft, Apache, Oracle EBS), vazamentos de dados, campanhas APT, vulnerabilidades críticas patchadas.
– Nenhuma notícia rejeitada por data inválida ou link inválido.
Caso deseje lista em formato CSV, JSON, ou com foco em incidentes específicos, favor solicitar.
