Sami Laiho
LightNews LightNews
banner
samilaiho.com
Sami Laiho
@samilaiho.com
1.6K followers 180 following 2.5K posts
Keynote-speaker, Chief Research Officer, Microsoft MVP since 2011

More info: https://samilaiho.com/
Posts Replies Media Videos
samilaiho.com
Tor switches to new Counter Galois Onion relay encryption algorithm
www.bleepingcomputer.com/news/securit...
Tor switches to new Counter Galois Onion relay encryption algorithm
Tor has announced improved encryption and security for the circuit traffic by replacing the old tor1 relay encryption algorithm with a new design called Counter Galois Onion (CGO).
www.bleepingcomputer.com
November 26, 2025 at 3:13 PM
samilaiho.com
FBI: Cybercriminals stole $262M by impersonating bank support teams
www.bleepingcomputer.com/news/securit...
FBI: Cybercriminals stole $262M by impersonating bank support teams
The FBI warns of a surge in account takeover (ATO) fraud schemes and says that cybercriminals impersonating various financial institutions have stolen over $262 million in ATO attacks since the start ...
www.bleepingcomputer.com
November 26, 2025 at 3:13 PM
samilaiho.com
Russian-linked Malware Campaign Hides in Blender 3D Files
www.infosecurity-magazine.com/news/russian...
Russian-linked Malware Campaign Hides in Blender 3D Files
Morphisec has observed a new operation embedding StealC V2 malware in Blender project files, targeting users via 3D assets and launching a multi-stage infection chain
www.infosecurity-magazine.com
November 26, 2025 at 3:12 PM
samilaiho.com
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and
WhatsApp Users
thehackernews.com/2025/11/cisa...
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users
U.S. CISA exposes how commercial spyware and RATs hijack Signal, WhatsApp and Android devices to spy on high-ranking officials.
thehackernews.com
November 26, 2025 at 3:12 PM
samilaiho.com
Security Bulletin: NVIDIA DGX Spark - November 2025
URL: nvidia.custhelp.com/app/answers/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Unproven, CVSSv3.1: 9.3
NVIDIA Support
nvidia.custhelp.com
November 26, 2025 at 9:16 AM
samilaiho.com
An authentication-bypass vulnerability exists in AiCloud.
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.2
NVD - CVE-2025-59366
nvd.nist.gov
November 26, 2025 at 9:15 AM
samilaiho.com
CISA Releases Seven Industrial Control Systems Advisories
URL: www.cisa.gov/news-events/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
CISA Releases Seven Industrial Control Systems Advisories | CISA
www.cisa.gov
November 26, 2025 at 9:15 AM
samilaiho.com
Want to speak at our conference at the Microsoft Campus in Redmond in August? Deadline to submit is 1st of December!

sessionize.com/techmentorcy...
TechMentor & Cybersecurity Live @ Microsoft HQ 2026: Call for Speakers
TechMentor & Cybersecurity Live! @ Microsoft HQ 2026 - Call for PresentationsAugust 3-7, 2026 • Microsoft Headquarters, Redmond, WAJoin us August 3-7,...
sessionize.com
November 25, 2025 at 1:25 PM
samilaiho.com
Hackers knock out systems at Moscow-run postal operator in occupied Ukraine
therecord.media/hackers-knoc...
Hackers knock out systems at Moscow-run postal operator in occupied Ukraine
Donbas Post, which operates in the Russian-controlled parts of Donetsk and Luhansk, said the incident affected its corporate network, web platform and email systems. The company had restricted access ...
therecord.media
November 25, 2025 at 12:46 PM
samilaiho.com
Real-estate finance services giant SitusAMC breach exposes client data
www.bleepingcomputer.com/news/securit...
Real-estate finance services giant SitusAMC breach exposes client data
SitusAMC, a company that provides back-end services for top banks and lenders, disclosed on Saturday a data breach it had discovered earlier this month that impacted customer data.
www.bleepingcomputer.com
November 25, 2025 at 12:45 PM
samilaiho.com
Matrix Push C2 abuses browser notifications to deliver phishing and malware
www.malwarebytes.com/blog/news/20...
Matrix Push C2 abuses browser notifications to deliver phishing and malware
Attackers can send highly realistic push notifications through your browser, including fake alerts that can lead to malware or phishing pages.
www.malwarebytes.com
November 25, 2025 at 12:45 PM
samilaiho.com
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
thehackernews.com/2025/11/shad...

#WSUS
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
ShadowPad malware is being delivered through an actively exploited WSUS vulnerability, granting attackers full system access.
thehackernews.com
November 25, 2025 at 12:45 PM
samilaiho.com
ClickFix Gets Creative: Malware Buried in Images
www.huntress.com/blog/clickfi...
ClickFix Gets Creative: Malware Buried in Images | Huntress
Huntress uncovered an attack utilizing a ClickFix lure to initiate a multi-stage malware execution chain. This analysis reveals how threat actors use steganography to conceal infostealers like LummaC2...
www.huntress.com
November 25, 2025 at 12:44 PM
samilaiho.com
Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed
www.wiz.io/blog/shai-hu...
Sha1-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed | Wiz Blog
Shai-Hulud is back, spreading an npm malware worm through thousands of GitHub repos. Learn the impact, attacker methods, and how to defend your supply chain.
www.wiz.io
November 25, 2025 at 12:44 PM
samilaiho.com
Critical Vulnerabilities in FluentBit
URL: nvd.nist.gov/vuln/detail/...
Classification: Critical, Solution: Official Fix, Exploit Maturity: Unproven, CVSSv3.1: 9.1
NVD - CVE-2025-12977
nvd.nist.gov
November 25, 2025 at 12:44 PM
samilaiho.com
krebsonsecurity.com/2025/11/is-y...
Is Your Android TV Streaming Box Part of a Botnet?
On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming ser...
krebsonsecurity.com
November 24, 2025 at 8:25 PM
samilaiho.com
A simulation study by Chinese scientists shows how 🇨🇳 PLA could attempt to block Starlink across Taiwan.

xcancel.com/Byron_Wan/st...
xcancel.com
November 24, 2025 at 2:26 PM
samilaiho.com
Fake calendar invites are spreading. Here’s how to remove them and prevent
more
www.malwarebytes.com/blog/news/20...
Fake calendar invites are spreading. Here’s how to remove them and prevent more
Calendar spam is a growing problem, often arriving as email attachments or as download links in messaging apps.
www.malwarebytes.com
November 24, 2025 at 11:36 AM
samilaiho.com
Analyzing the latest Sneaky2FA Browser-in-the-Browser phishing page
pushsecurity.com/blog/analyzi...
Analyzing the latest Sneaky2FA BITB phishing page
Analyzing a BITB phishing page linked to the Sneaky2FA Phishing-as-a-Service operation.
pushsecurity.com
November 24, 2025 at 11:35 AM
samilaiho.com
Iberia discloses customer data leak after vendor security breach
www.bleepingcomputer.com/news/securit...
Iberia discloses customer data leak after vendor security breach
Spanish flag carrier Iberia has begun notifying customers of a data security incident stemming from a compromise at one of its suppliers. The disclosure comes days after a threat actor claimed on hack...
www.bleepingcomputer.com
November 24, 2025 at 11:34 AM
samilaiho.com
Oops. Cryptographers cancel election results after losing decryption key.
arstechnica.com/security/202...
Oops. Cryptographers cancel election results after losing decryption key.
Voting system required three keys. One of them has been “irretrievably lost.”…
arstechnica.com
November 23, 2025 at 7:19 AM
samilaiho.com
How to know if your Asus router is one of thousands hacked by China-state
hacker
arstechnica.com/security/202...
How to know if your Asus router is one of thousands hacked by China-state hackers
So far, the hackers are laying low, likely for later use.
arstechnica.com
November 23, 2025 at 7:17 AM
samilaiho.com
Cox Enterprises discloses Oracle E-Business Suite data breach
www.bleepingcomputer.com/news/securit...
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Su...
www.bleepingcomputer.com
November 23, 2025 at 7:16 AM
samilaiho.com
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
www.bleepingcomputer.com/news/securit...
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentia...
www.bleepingcomputer.com
November 23, 2025 at 7:15 AM
samilaiho.com
Gmail can read your emails and attachments to train its AI, unless you opt out
www.malwarebytes.com/blog/news/20...
[Correction] Gmail can read your emails and attachments to power "smart features"
Did you know that Gmail can use your emails and attachments for its smart features? Here's how to check your settings.
www.malwarebytes.com
November 23, 2025 at 7:13 AM