Cybersecurity News from Across the Internet
Rival hackers expose the alleged operators behind Lumma Stealer, a major data-theft malware, causing leaks and internal chaos that have slowed its growth. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Group-IB has uncovered a phishing campaign by Iran-linked MuddyWater, exploiting compromised emails for foreign intelligence – Read More –
SentinelLABS Researchers have uncovered a new phishing campaign, PhantomCaptcha, targeting aid organizations supporting Ukraine – Read More –
New research on SocGholish (FakeUpdates) reveals how this MaaS platform is used by threat actors like Evil Corp and RansomHub to compromise websites, steal data, and launch high-impact attacks on healthcare and businesses worldwide. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum .NET integration platform, to steal victims’ cryptocurrency wallet keys. The package, Netherеum.All, has been found to harbor functionality to decode a command-and-control (C2) endpoint and exfiltrate mnemonic phrases, private keys, and – Read … Read More “Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys – The Hacker News” »
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as government agencies in South America, a university in the U.S., … Read More “Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch – The Hacker News” »
From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels, metadata, and context. What’s missing is a system … Read More “Bridging the Remediation Gap: Introducing Pentera Resolve – The Hacker News” »
The Cyber Monitoring Centre has classified the cyber-attack against Jaguar Land Rover as a “systemic cyber event” – Read More –
The Trump administration should reverse cyber personnel and budget cuts, strengthen the Office of the National Cyber Director and expand federal workforce initiatives, the successor organization to the Cyberspace Solarium Commission recommended in a report published Wednesday. The annual implementation report from CSC 2.0 is the first of five iterations to actually determine that the … Read More “US ‘slipping’ on cybersecurity, annual Cyberspace Solarium Commission report concludes – CyberScoop” »
The advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder for hackers to crack via brute force methods. But more recent guidance shows our focus should be on password length, rather than complexity. Length is the more important security factor, and passphrases are … Read More “Why You Should Swap Passwords for Passphrases – The Hacker News” »
Welcome to Day Two of Pwn2Own Ireland 2025. Yesterday, we awarded $522,500 for 34 unique 0-day bugs. The Summoning Team took a slim lead in the Master of Pwn, but big changes could happen today as we have 19 more attempts today. We’ll be updating this blog with results as they come in, so refresh … Read More “Pwn2Own Ireland 2025 – Day Two Results – Zero Day Initiative – Blog” »
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according to findings from Kaspersky. The cyber espionage activity was first flagged by the Russian cybersecurity vendor in November 2024, when it disclosed a set of attacks aimed at government entities in Latin America … Read More “Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware – The Hacker News” »
Scattered Lapsus$ Hunters may be preparing to launch an extortion-as-a-service model, according to Palo Alto Networks – Read More –
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions. The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been codenamed TARmageddon by Edera, which discovered the issue in late August 2025. It impacts several … Read More “TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution – The Hacker News” »
TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution. The vulnerabilities in question are listed below – CVE-2025-6541 (CVSS score: 8.6) – An operating system command injection vulnerability that could be exploited by an attacker who can log in … Read More “TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution – The Hacker News” »
Blockchain has finally made its way into traditional banking. For years, major banks wrote it off as a… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Security specialists at Edera discovered and disclosed a high-severity vulnerability in an early and since-abandoned code for an open-source async tar archive library for the Rust programming language. Researchers warned that potential exploitation, which allows for remote code execution, could bear major impacts due to widespread forking and a lack of visibility into the code’s … Read More “Researchers uncover remote code execution flaw in abandoned Rust code library – CyberScoop” »
The federal government is shut down and the House remains out of session, but work in the Senate continues, as a bipartisan bill designed to crack down on overseas robocalls advanced through a key committee Tuesday. The Foreign Robocall Elimination Act, sponsored by Sens. Ted Budd, R-N.C., and Peter Welch, D-Vt., would create a new … Read More “Robocalling task force bill advances in Senate – CyberScoop” »
The China-linked Salt Typhoon APT group attacked a European telecom via a Citrix NetScaler vulnerability in July 2025, Darktrace reports. This follows past US Army and telecom breaches. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Posted by BSidesSF CFP via Fulldisclosure on Oct 21 BSidesSF is still soliciting submissions for the annual BSidesSF conference on March 21-22, 2026. Call for participation is currently open for both Informational/Collaborative Tracks. Our theme for 2026 is “BSidesSF: The Musical”. Deadline for submissions is OCTOBER 28, 2025. https://bsidessf.org/cfp BSidesSF (bsidessf.org) is a non-profit … Read More “BSidesSF 2026 CFP still open until October 28th – Full Disclosure” »
Posted by malvuln on Oct 21 Greetings, I created a MISP-compatible feed for Malvuln that provides malware-vulnerability intelligence; vulnerability types are normalized and mapped to the MITRE ATT&CK framework to improve tagging, correlation and threat analysis. https://intel.malvuln.com Track vulnerable malware, for researchers or anyone building CTI pipelines Existing data live now — new entries … Read More “Malvuln – MISP compatible malware vulnerability intelligence feed now live – Full Disclosure” »
Posted by Matthias Deeg via Fulldisclosure on Oct 21 Advisory ID: SYSS-2025-015 Product: Keypad Secure USB 3.2 Gen 1 Drive Manufacturer: Verbatim Affected Version(s): Part Number #49427 (GDMSLK03A-IN3637 VER1.0) Part Number #49428 (GDMSLK03A-IN3637 VER1.0) Tested Version(s): Part Number #49427 (GDMSLK03A-IN3637 VER1.0) Part Number #49428 (GDMSLK03A-IN3637 VER1.0) Vulnerability Type:… – Read More – Full Disclosure
Posted by Matthias Deeg via Fulldisclosure on Oct 21 Advisory ID: SYSS-2025-016 Product: Store ‘n’ Go Secure Portable SSD Manufacturer: Verbatim Affected Version(s): Part Number #53402 (GDMSLK02 C-INIC3637-V1.1) Tested Version(s): Part Number #53402 (GDMSLK02 C-INIC3637-V1.1) Vulnerability Type: Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) Risk Level:… – Read More – Full Disclosure
Posted by Matthias Deeg via Fulldisclosure on Oct 21 Advisory ID: SYSS-2025-017 Product: Store ‘n’ Go Secure Portable HDD Manufacturer: Verbatim Affected Version(s): Part Number #53401 (GD25LK01-3637-C VER4.0) Tested Version(s): Part Number #53401 (GD25LK01-3637-C VER4.0) Vulnerability Type: Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) Risk Level: High… – Read More – Full … Read More “[SYSS-2025-017]: Verbatim Store ‘n’ Go Secure Portable HDD (security update v1.0.0.6) – Offline brute-force attack – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 21 SEC Consult Vulnerability Lab Security Advisory < 20251021-0 > ======================================================================= title: Multiple Vulnerabilities product: EfficientLab WorkExaminer Professional vulnerable version: <= 4.0.0.52001 fixed version: – CVE number: CVE-2025-10639, CVE-2025-10640, CVE-2025-10641 impact: Critical homepage:… – Read More – Full Disclosure
Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in February 2025, attributing it to a campaign targeting routers from Cisco, ASUS, QNAP, and Synology with the goal of corralling them into a network for an as-yet-undetermined purpose. The TLS-based ELF implant, at … Read More “PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign – The Hacker News” »
Meta on Tuesday said it’s launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it’s introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from giving away sensitive information like … Read More “Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams – The Hacker News” »
Group-IB has uncovered a scam operation impersonating Singapore officials using Google Ads and deepfakes – Read More –
Veeam announced Tuesday it agreed to acquire Securiti AI for $1.725 billion, marking the data protection company’s largest acquisition and its entry into the artificial intelligence security market as enterprises struggle to deploy AI systems safely. The deal, expected to close in early December, comes as organizations face mounting challenges in managing data across fragmented … Read More “Veeam acquires Securiti AI for $1.7 billion – CyberScoop” »
Envoy Air (American Airlines) confirms a breach by CL0P after they exploited the critical CVE-2025-61882 zero-day flaw in Oracle E-Business Suite. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Wilmington, Delaware, 21st October 2025, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
According to ExtraHop’s latest threat landscape report, average ransomware payments surged 44% to $3.6m in 2025 despite fewer incidents – Read More –
Dataminr, a New York-based company specializing in real-time threat intelligence, announced plans Tuesday to acquire ThreatConnect, a cybersecurity threat intelligence provider, for $290 million. The acquisition will combine Dataminr’s AI-powered analysis of public data with ThreatConnect’s internal threat management capabilities, creating what the companies describe as “Client-Tailored intelligence” that adapts to individual customer needs. The … Read More “Dataminr to acquire cybersecurity firm ThreatConnect for $290 million – CyberScoop” »
Posted by Security Explorations on Oct 21 Dear All, We have recently experienced “an outage” / unavailability of our website [1] due to Google suspending our Firebase project (the root for our website hosting). On Oct 16, 2025 (23:20 PM CET) we received a message [2] from Google Cloud Compliance, which indicated our hosting … Read More “Google Firebase hosting suspension / “malware distribution” bypass – Full Disclosure” »
The NCSC co-signs Ministerial letter to major British businesses including FTSE 350 companies. – Read More – NCSC Feed
The growing demand for crypto-friendly financial services has accelerated the rise of white-label crypto bank solutions. These ready-made… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
CISOs fight alert fatigue with real-time visibility, automation, and integration. Learn how ANY.RUN helps teams speed detection, cut false positives, and boost SOC efficiency. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can’t match. But realizing that potential depends on securing the systems that make it possible. Every … Read More “Securing AI to Benefit from AI – The Hacker News” »
A critical out-of-bounds write flaw (CVE-2025-9242) in WatchGuard Fireware OS could allow remote code execution – Read More –
The Coldriver hacking group reportedly shifted its operation quickly after the May 2025 public disclosure of its LostKeys malware – Read More –
Sublime Security warns of a massive credential phishing scam using fake job offers from brands like KFC and Red Bull to steal Facebook login details. Don’t fall for the trap. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Welcome to Day One of Pwn2Own Ireland 2025! We have 17 attempts today with some exciting research on display. We’ll be posting results here as we have them, and follow us on Twitter, Mastodon, and Bluesky. SUCCESS – Team Neodyme used a stack based buffer overflow to exploit the HP DeskJet 2855e. They earn $20,000 … Read More “Pwn2Own Ireland 2025: Day One Results – Zero Day Initiative – Blog” »
Lumma Stealer operators allegedly exposed in underground doxxing campaign, with sensitive details leaked by rival cybercriminals, according to Trend Micro – Read More –
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Citrix NetScaler Gateway appliance to obtain initial access. Salt Typhoon, also … Read More “Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network – The Hacker News” »
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased “operations tempo” from the threat actor. The findings come from Google Threat Intelligence Group (GTIG), which said the state-sponsored hacking crew has rapidly refined and retooled its malware arsenal merely five days … Read More “Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers – The Hacker News” »
A global AWS outage disrupted major apps and services across regions before being fully mitigated, exposing heavy dependence on cloud infrastructure. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite (EBS) has been weaponized in real-world attacks. The security defect in question is CVE-2025-61884 (CVSS score: 7.5), which has been described as a – … Read More “Five New Exploited Bugs Land in CISA’s Catalog — Oracle and Microsoft Among Targets – The Hacker News” »
China’s Ministry of State Security accused the National Security Agency of conducting a yearslong attack on China’s national timekeeping infrastructure to steal sensitive data and infiltrate the service for potential sabotage. The NSA gained initial access to China’s National Time Service Center systems in April 2023 by using credentials lifted from employees’ mobile devices that … Read More “China’s spy agency accuses NSA of yearslong attack on the country’s timekeeping service – CyberScoop” »
A nonprofit organization has filed a formal complaint with the Federal Trade Commission, claiming Google’s business practices around children and teenagers violates U.S. privacy laws and constitutes unfair and deceptive practices. The complaint, filed by the Digital Childhood Institute, lays out five core claims against the tech giant: that it “knowingly” markets adult-themed or age-restricted … Read More “Apple and Google challenged by parents’ rights coalition on youth privacy protections – CyberScoop” »
A nonprofit organization has filed a formal complaint with the Federal Trade Commission, claiming Google’s business practices around children and teenagers violates U.S. privacy laws and constitutes unfair and deceptive practices. The complaint, filed by the Digital Childhood Institute, lays out five core claims against the tech giant: that it “knowingly” markets adult-themed or age-restricted … Read More “Apple and Google challenged by parents’ rights coalition on youth privacy protections – CyberScoop” »
![[SYSS-2025-015]: Verbatim Keypad Secure (security update v1.0.0.6) – Offline brute-force attack – Full Disclosure](https://attackfeed.com/wp-content/uploads/2025/10/fulldisclosure-img-aKiNkQ.webp)
![[SYSS-2025-016]: Verbatim Store ‘n’ Go Secure Portable SSD (security update v1.0.0.6) – Offline brute-force attack – Full Disclosure](https://attackfeed.com/wp-content/uploads/2025/10/fulldisclosure-img-RbOVcD.webp)
![[SYSS-2025-017]: Verbatim Store ‘n’ Go Secure Portable HDD (security update v1.0.0.6) – Offline brute-force attack – Full Disclosure](https://attackfeed.com/wp-content/uploads/2025/10/fulldisclosure-img-W6yrfX.webp)
