Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login. For IT teams, that means endless resets, compliance struggles, and sleepless nights worrying about the next credential leak. This Halloween, The Hacker News and Specops … Read More “Step Into the Password Graveyard… If You Dare (and Join the Live Session) – The Hacker News” »
Author: The Hacker News
New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Researchers warn of Shuyal Stealer, malware that gathers browser logins, system details, and Discord tokens, then erases evidence via Telegram. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Jaguar Land Rover has reported a 25% drop in volume sales in the three months up to September 30, largely due to the impact of the ongoing cyber incident – Read More –
North Korean hackers have stolen over $2bn in cryptocurrency already this year, says Elliptic – Read More –
Two 17-year-olds have been arrested following a cyber-attack on the Kido nursery group – Read More –
How organisations can improve their ability to both detect and discover cyber threats. – Read More – NCSC Feed
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks – The Hacker News
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The … Read More “OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks – The Hacker News” »
Data is now being used as a strategic asset and a major vulnerability as global businesses become increasingly digital… The post The Road Ahead: India’s Data Protection in 2026 appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility for a recent breach involving Discord … Read More “ShinyHunters Wage Broad Corporate Extortion Spree – Krebs on Security” »
Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware. Researchers observed the malicious activity Sept. 11, Microsoft said in a blog post Monday. Microsoft’s research adds another substantive chunk of evidence to a growing collection of intelligence confirming the … Read More “Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175 – CyberScoop” »
A long-running theme in the use of adversarial AI since the advent of large language models has been the automation and enhancement of well-established hacking methods, rather than the creation of new ones. That remains the case for much of OpenAI’s October threat report, which highlights how government agencies and the cybercriminal underground are opting … Read More “OpenAI: Threat actors use us to be efficient, not make new tools – CyberScoop” »
Re: Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure
Posted by Stefan Kanthak via Fulldisclosure on Oct 07 On a fresh installation of the just released Windows 11 25H2 the former file %SystemRoot%\System32\SecurityHealth\10.0.27840.1000-0\SecurityHealthHost.exe is %SystemRoot%\System32\SecurityHealthHost.exe now, but the BUG persists: | svchost.exe (PID = 9876) identified \\?\C:\Windows\System32\SecurityHealthHost.exe | as Disallowed using default rule, Guid = 11015445-d282-4f86-96a2-9e485f593302 stay tuned, and far away from bug-riddled … Read More “Re: Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure” »
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft – Full Disclosure
Posted by full on Oct 07 Substack is down. If there is a replacement, it is appreciated. -x9p – Read More – Full Disclosure
Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft – Full Disclosure
Posted by josephgoyd via Fulldisclosure on Oct 07 The GitHub link has a write up on the attack-chain. Along with the CNVD certs that were issued for validation. https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201 – Read More – Full Disclosure
13-Year-Old RediShell Vulnerability Puts 60,000 Redis Servers at Risk – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Critical Redis flaw RediShell (CVE-2025-49844) exposes 60,000 servers to remote code execution. Patch immediately to prevent full system compromise. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot. “The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs – … Read More “BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers – The Hacker News” »
The Qilin group claims to have stolen sensitive personal and proprietary data from the Brewer – Read More –
Medusa Ransomware Exploiting GoAnywhere MFT Flaw, Confirms Microsoft – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Latest reports suggest the critical GoAnywhere MFT vulnerability (CVE-2025-10035, CVSS 10.0) is actively exploited by the Medusa ransomware gang for unauthenticated RCE. Patch immediately. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them – The Hacker News
Google’s DeepMind division on Monday announced an artificial intelligence (AI)-powered agent called CodeMender that automatically detects, patches, and rewrites vulnerable code to prevent future exploits. The effort adds to the company’s ongoing work to improve AI-powered vulnerability discovery, such as Big Sleep and OSS-Fuzz. DeepMind said the AI agent is designed to be both reactive … Read More “Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them – The Hacker News” »
The Qilin ransomware gang has claimed attacks at Mecklenburg County Public Schools, stealing financial records and children’s medical files – Read More –
INE Security Releases Industry Benchmark Report: “Wired Together: The Case for Cross-Training in Networking and Cybersecurity” – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Raleigh, United States, 7th October 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A critical Redis flaw, dubbed “RediShell,” has exposed 60,000 unprotected servers to exploitation – Read More –
In episode 71 of The AI Fix, a giant robot spider goes backpacking for a year before starting its job in lunar construction, DoorDash builds a delivery Minion, and a TikToker punishes an AI by making it talk to condiments. GPT-5 crushes the humans at the ICPC World Finals, Claude Sonnet 4.5 codes for 30 … Read More “The AI Fix #71: Hacked robots and power-hungry AI – Graham Cluley” »
Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom – Read More –
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. “XWorm’s modular design is built around a core client and an array of specialized components known as plugins,” Trellix researchers Niranjan Hegde and Sijo Jacob said in an analysis … Read More “XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities – The Hacker News” »
For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far from a future concern, AI is already the … Read More “New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise – The Hacker News” »
New Mic-E-Mouse Attack Shows Computer Mice Can Capture Conversations – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Security researchers at UC Irvine reveal the ‘Mic-E-Mouse’ attack, showing how high-DPI optical sensors in modern mice can detect desk vibrations and reconstruct user speech with high accuracy. Learn how this side-channel vulnerability affects your privacy. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A critical Oracle E-Business Suite vulnerability is being actively exploited by the Clop ransomware group – Read More –
Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware. The vulnerability is CVE-2025-10035 (CVSS score: 10.0), a critical deserialization bug that could result in command injection without authentication. It was addressed in version 7.8.4, … Read More “Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware – The Hacker News” »
13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely – The Hacker News
Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0. “An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger … Read More “13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely – The Hacker News” »
A critical GoAnywhere vulnerability is being exploited by the Medusa ransomware group, says Microsoft – Read More –
The Digital Personal Data Protection (DPDP) Act 2023 has reshaped the approach that enterprises take towards data protection. Compliance… The post Smart Compliance: DPDP Act Meets AI and Blockchain appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider (aka Cl0p), and that the first known exploitation occurred on August 9, 2025. The attacks involve the exploitation of CVE-2025-61882 (CVSS score: 9.8), a critical … Read More “Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks – The Hacker News” »
Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to initiate a widespread data theft and extortion campaign researchers initially warned about last week. Oracle addressed the critical vulnerability — CVE-2025-61882 affecting Oracle E-Business Suite — in a security advisory … Read More “Oracle zero-day defect amplifies panic over Clop’s data theft attack spree – CyberScoop” »
Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
ESET warns of fake Signal and ToTok apps spreading Android spyware in the UAE, stealing contacts, messages, and chat backups from users. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Tech experts and companies offering encrypted messaging services are warning that pending European regulation, which would grant governments broad authority to scan messages and content on personal devices for criminal activity, could spell “the end” of privacy in Europe. The European Union will vote Oct. 14 on a legislative proposal from the Danish Presidency known … Read More “Potential EU law sparks global concerns over end-to-end encryption for messaging apps – CyberScoop” »
Three House Democrats questioned the Department of Homeland Security on Monday over a reported Immigration and Customs Enforcement contract with a spyware provider that they warn potentially “threatens Americans’ freedom of movement and freedom of speech.” Their letter follows publication of a notice that ICE had lifted a stop-work order on a $2 million deal … Read More “House Dems seek info about ICE spyware contract, wary of potential abuses – CyberScoop” »
Rainwalk Pet Insurance Exposes 158 GB of US Customer and Pet Data – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A misconfigured database belonging to a pet insurance company, “Rainwalk Pet Insurance,” exposed sensitive PII and veterinary claim data. The data exposure reveals new fraud tactics, including microchip and reimbursement scams. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Reemo Unveils Bastion+: A Scalable Solution for Global Privileged Access Management – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Paris, France, 6th October 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Europol’s Cybercrime Conference has warned that cybercriminals are exploiting new technologies faster than law enforcement can adapt – Read More –
A new TOR data leak site published by the Trinity of Chaos ransomware group unveils 39 firms’ data and threatens Salesforce litigation – Read More –
A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS). The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their relationship with the University of International Relations, … Read More “New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations – The Hacker News” »
Discord has confirmed that users who contacted its customer support service have had their data stolen by hackers, who have attempted to extort a ransom from the company. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data. The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand … Read More “Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers – The Hacker News” »
In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM (AI Security Posture Management) solutions have gained traction to secure AI pipelines, sensitive data assets, and the overall AI ecosystem. These solutions help … Read More “5 Critical Questions For Adopting an AI Security Solution – The Hacker News” »
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these … Read More “⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More – The Hacker News” »
Patch Now: Dell UnityVSA Flaw Allows Command Execution Without Login – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
WatchTowr finds a serious flaw in Dell UnityVSA (CVE-2025-36604) letting attackers run commands without login. Dell issues patch 5.5.1 – update now. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
When security researchers issued warnings about the Salesloft Drift issues last month, two prominent cybersecurity companies found themselves facing the same threat — but their stories ended up unfolding in different ways. Okta and Zscaler, among the larger players in the identity management space, were among the more than 700 Drift customers targeted in what … Read More “Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks – CyberScoop” »
Experts warn that threat actors may be gearing up for compromise after a large uptick in scans of Palo Alto Networks portals – Read More –