• Cybercriminals Exploit Browser Push Notifications to Deliver Malware
• Salesforce Gainsight compromise: Early findings and customer guidance
• New Gainsight Supply Chain Hack Could Affect Salesforce Customers
• Research shows identity document checks are missing key signals
• What insurers really look at in your identity controls
• Convenience culture is breaking personal security
• New infosec products of the week: November 21, 2025
• Salesforce investigates new incident echoing Salesloft Drift compromise
• UNC2891 Money Mule Network Reveals Full Scope of ATM Fraud Operation
• Security gap in Perplexity’s Comet browser exposed users to system-level attacks
• CISA Issues New Guidance on Bulletproof Hosting Threat
• Supply Chain Breaches Impact Almost All Firms Globally, BlueVoyant Reveals
• Gartner: 40% of Firms to Be Hit By Shadow AI Security Incidents
• UK, US and Australia Sanction Russian Bulletproof Hoster Media Land
• Europol Operation Disrupts $55m in Cryptocurrency For Piracy
• Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime
• PlushDaemon Hackers Unleash New Malware in China-Aligned Spy Campaigns
• China-Linked Operation “WrtHug” Hijacks Thousands of ASUS Routers
• Half of Ransomware Access Due to Hijacked VPN Credentials

Researchers at BlackFrog have uncovered Matrix Push C2, a malicious command-and-control system that abuses web browser push notifications to deliver malware