November 23, 2025
CVE-2025-49752 is a critical authentication bypass vulnerability in Azure Bastion that could allow remote privilege escalation, directly impacting the security of cloud infrastructure for organizations worldwide.
In Azure Bastion, this could allow a remote attacker to escalate privileges to an administrative level, potentially granting access to all VMs reachable via the Bastion host.
The vulnerability is remotely exploitable, requires no user interaction, and targets the authentication mechanisms within the Bastion service.
I put together a page with all of the cybersecurity podcasts I’ve reviewed so far, with links: https://t.co/UPhUjlgtML
— Zack Korman (@ZackKorman) November 22, 2025
Please listen to this podcast about ANOM: https://t.co/A69NWRglp7
— GrapheneOS (@GrapheneOS) November 21, 2025
The FBI ran a sting operation in Europe where they created their own 'secure' phone and messaging platform. Their OS used portions of our code and was heavily marketed as being GrapheneOS or based on GrapheneOS.
So, apparently you can SSL strip many Apps on macOS, getting tokens and maybe sensitive user information - in my case, I did @claudeai desktop 👀
— Jonathan Bar Or (JBO) 🇮🇱🇺🇸🇺🇦🎗️ (@yo_yo_yo_jbo) November 22, 2025
A vulnerability? Probably not, but still useful for attackers. https://t.co/vd7QtcaVFd
In September 2025, we published threat research about how ShinyHunters actively recruits insiders to gain unauthorized access to cloud applications. This TTP remains widely used today, and it is challenging to detect without proper monitoring. https://t.co/8q8Mf8pRnP pic.twitter.com/hDc7J8VjNo
— Arda Büyükkaya (@WhichbufferArda) November 22, 2025
So, not long after posting this, something pretty interesting came down the pipes! Not exactly the 5th episode, but a teaser trailer in a way.
— Hamid Kashfi (@hkashfi) November 23, 2025
IranInternational released a report, expanding more on recently obtained evidence and information (without mentioning any source),… https://t.co/jEAlJ2u03d
‼️ Scattered LAPSUS$ ShinyHunters members have returned with new breaches and serious threats.
— International Cyber Digest (@IntCyberDigest) November 21, 2025
They are attempting to orchestrate the murders of Google Threat Intelligence employees in New York.
They also claim to have breached FBI Cellebrite accounts, CrowdStrike, Salesforce,… pic.twitter.com/jyklKjY82s
I've had a surprising amount of people ask me about Copilot and the stick I'm poking it with. Copilot is a hot topic, so I assume people are genuinely interested in how it works?
— vx-underground (@vxunderground) November 22, 2025
I can't really give a good tl;dr because I'm still poking it with a stick. There is a lot of stuff I… pic.twitter.com/YBvp9zHs1T
tl;dr to kill Copilot forever just block copilot[.]microsoft[.]com
— vx-underground (@vxunderground) November 22, 2025