Meta expands WhatsApp security research, reveals $4M payouts, new proxy tool, and patched high-severity flaws.
Category: security
Cloudflare hit by outage affecting global network services
Cloudflare is investigating an outage affecting its global network services, with users encountering “internal server error” messages when attempting to access affected websites and online platforms.
Cloudflare’s Global Network is a distributed infrastructure of servers and data centers located in over 330 cities across more than 120 countries, delivering content delivery, security, and performance optimization services.
It has 449 Tbps global network edge capacity and connects Cloudflare to over 13,000 networks, including every major ISP, cloud provider, and enterprise worldwide.
UT Eclipses 5,000 GPUs To Increase Dominance in Open-Source AI, Strengthen Nation’s Computing Power
Amid the private sector’s race to lead artificial intelligence innovation, The University of Texas at Austin has strengthened its lead in academic computing power and dominance in computing power for public, open-source AI. UT has acquired high-performance Dell PowerEdge servers and NVIDIA AI infrastructure powered by more than 4,000 NVIDIA Blackwell architecture graphic processing units (GPUs), the most powerful GPUs in production to date.
The new infrastructure is a game-changer for the University, expanding its research and development capabilities in agentic and generative AI while opening the door to more society-changing discoveries that support America’s technological dominance. The NVIDIA GB200 systems and NVIDIA Vera CPU servers will be installed as part of Horizon, the largest academic supercomputer in the nation, which goes online next year at UT’s Texas Advanced Computing Center (TACC). The National Science Foundation (NSF) is funding Horizon through its Leadership Class Computing Facility program to revolutionize U.S. computational research.
UT has the most AI computing power in academia. In total, the University has amassed more than 5,000 advanced NVIDIA GPUs across its academic and research facilities. The University has the computing power to produce open-source large language models — which power most modern AI applications — that rival any other public institution. Open-source computing is nonproprietary and serves as the backbone for publicly driven research. Unlike private sector models, it can be fine-tuned to support research in the public interest, producing discoveries that offer profound benefits to society in such areas as health care, drug development, materials and national security.
Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT
The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT.
The campaign, which is primarily aimed at Chinese-speaking users, employs trojanized NSIS installers masquerading as legitimate like Google Chrome and Microsoft Teams, according to Elastic Security Labs.
“The infection chain employs a multi-stage delivery mechanism that leverages various evasion techniques, with many redundancies aimed at neutralising endpoint security products popular in the Chinese market,” security researchers Jia Yu Chan and Salim Bitam said. “These include bringing a legitimately signed driver, deploying custom WDAC policies, and tampering with the Microsoft Defender binary through PPL [Protected Process Light] abuse.”
Microsoft: Windows 10 KB5072653 OOB update fixes ESU install errors
Microsoft has released an emergency Windows 10 KB5072653 out-of-band update to resolve ongoing issues with installing the November extended security updates.
Windows 10 reached the end of support on October 14, 2025, and Microsoft no longer introduces new features or releases free security updates.
For individuals and business customers who wish to continue using Windows 10, Microsoft offers extended security updates (ESU).
ASUS warns of critical auth bypass flaw in DSL series routers
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models.
Tracked as CVE-2025–59367, this vulnerability allows remote, unauthenticated attackers to log into unpatched devices exposed online in low-complexity attacks that don’t require user interaction.
ASUS has released firmware version 1.1.2.3_1010 to address this vulnerability for DSL-AC51, DSL-N16, and DSL-AC750 router models.
