The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons from the field. This recap cuts through the noise to share what really matters—key trends, warning signs, and stories shaping today’s security landscape. Whether you’re defending systems or just keeping up, these … Read More “⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More – The Hacker News” »
Author: The Hacker News
Patch Now: Dell UnityVSA Flaw Allows Command Execution Without Login – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
WatchTowr finds a serious flaw in Dell UnityVSA (CVE-2025-36604) letting attackers run commands without login. Dell issues patch 5.5.1 – update now. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
When security researchers issued warnings about the Salesloft Drift issues last month, two prominent cybersecurity companies found themselves facing the same threat — but their stories ended up unfolding in different ways. Okta and Zscaler, among the larger players in the identity management space, were among the more than 700 Drift customers targeted in what … Read More “Security leaders at Okta and Zscaler share lessons from Salesloft Drift attacks – CyberScoop” »
Experts warn that threat actors may be gearing up for compromise after a large uptick in scans of Palo Alto Networks portals.
Asahi confirmed it has fallen victim to a ransomware attack, and revealed it has started manual order processing amid ongoing operational disruption.
Renault and Dacia have become the latest big-name brands to suffer a supply chain breach.
A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result of insufficient sanitization of HTML content in … Read More “Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files – The Hacker News” »
RBI + SEBI + DPDP Intersections: The New Blueprint for Trust in Financial Services – JISA Softech Pvt Ltd
The Indian financial services arena is undergoing an overhaul of the regulatory alignment system. The Reserve Bank of India’s… The post RBI + SEBI + DPDP Intersections: The New Blueprint for Trust in Financial Services appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks – The Hacker News
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to … Read More “Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks – The Hacker News” »
iPhone Software Update Failed? Here’s How to Fix It Without Data Loss – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
You tap Update, wait for the progress indicator, and then error. Your iPhone freezes and displays “Update Failed,”… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Android Not Reading SD Card? Here’s How to Fix it – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
As we all know, the SD card usually stores your multimedia and important mobile files. When Android suddenly… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Six out of 10 UK secondary schools hit by cyber-attack or breach in past year – Data and computer security | The Guardian
Hackers are more likely to target educational institutions than private businesses, government survey shows. When hackers attacked UK nurseries last month and published children’s data online, they were accused of hitting a new low. But the broader education sector is well used to being a target. – Read More – Data and computer security | The Guardian
Discord Data Breach: Hackers Access IDs, Billing Details and Support Chats – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Discord confirms a data breach via a third-party vendor, exposing government-issued photo IDs, names, emails, and limited billing data of users who contacted customer support. Learn the full risk. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity’s agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky prompt injection attack plays out in the form of a malicious link that, when clicked, … Read More “CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief – The Hacker News” »
New Study Warns Several Free iOS and Android VPN Apps Leak Data – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security risks, especially for BYOD environments. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Threat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, the highest level recorded in the last three months. It described … Read More “Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day – The Hacker News” »
Scattered LAPSUS$ Hunters Claim Salesforce Breach, 1B Records, 39 Firms Listed – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A leak site from Scattered LAPSUS$ Hunters alleges Salesforce breach, with hackers claiming 1B records stolen and 39 major companies affected – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has … Read More “Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer – The Hacker News” »
Federal courts are upgrading their cybersecurity on a number of fronts, but multifactor authentication for the system that gives the public access to court data poses “unique challenges,” the Administrative Office of the United States Courts told Sen. Ron Wyden in a letter this week. Wyden, D-Ore., wrote a scathing August letter to the Supreme … Read More “Federal judiciary touts cybersecurity work in wake of latest major breach – CyberScoop” »
A coordinated Israeli-backed network of social media accounts pushed anti-government propaganda — including deepfakes and other AI-generated content — to Iranians as real-world kinetic attacks were happening, with the goal of fomenting revolt among the country’s people, according to researchers at Citizen Lab. In research released this week, the nonprofit — along with Clemson University … Read More “Researchers say Israeli government likely behind AI-generated disinfo campaign in Iran – CyberScoop” »
Global Exposure of 180,000 ICS/OT Devices Raises Safety Concerns – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Bitsight warns ICS/OT exposure jumped 12% in 2024, leaving 180,000+ critical infrastructure systems open to attack. Learn about the possible vulnerabilities and new malware strains. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads – The Hacker News
The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. “Rhadamanthys was initially promoted through posts on cybercrime forums, but soon it … Read More “Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads – The Hacker News” »
Japan running dry: Ransomware attack leaves nation days away from Asahi beer shortage – Graham Cluley
Beer lovers will be sobbing into their pints at the news that a ransomware attack has brought Japan’s largest brewer to its knees and left the country days away from running out of its most popular beverage. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Cisco Talos has identified a Chinese-speaking cybercrime group that targets high-value Internet Information Services (IIS) for SEO fraud.
Cl0p-Linked Gang Attempts to Extort Oracle E-Business Customers – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A ‘high-volume’ extortion campaign possibly linked to FIN11 and Cl0p is targeting Oracle E-Business executives. Mandiant and GTIG are investigating unproven data theft claims. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Brazilian users have emerged as the target of a new self-propagating malware that spreads via the popular messaging app WhatsApp. The campaign, codenamed SORVEPOTEL by Trend Micro, weaponizes the trust with the platform to extend its reach across Windows systems, adding the attack is “engineered for speed and propagation” rather than data theft or ransomware. … Read More “Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL – The Hacker News” »
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern organizations. The platform recently received a major update that reworks all the core mechanics. Passwork 7 introduces significant changes to how credentials are organized, accessed, and managed, reflecting … Read More “Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security – The Hacker News” »
Patches for the targeted vulnerabilities were released in Oracle’s July 2025 security update.
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT – The Hacker News
A threat actor that’s known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It’s also assessed to have commonalities with clusters tracked as SturgeonPhisher, Silent Lynx, … Read More “New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT – The Hacker News” »
WestJet revealed that customer personal details and membership data were stolen in the June 2025 attack.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Smartbedded Meteobridge to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2025-4008 (CVSS score: 8.7), is a case of command injection in the Meteobridge web interface that could result in code execution. ” – … Read More “CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild – The Hacker News” »
The Securities and Exchange Board of India (SEBI) has taken its game a notch higher in an era where… The post SEBI’s 2025 Cybersecurity Framework appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft – Full Disclosure
Posted by josephgoyd via Fulldisclosure on Oct 02 Updated repo location: https://github.com/JGoyd/iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201 Working exploit: https://www.dropbox.com/scl/fi/oerpnhq1ui3xfswsszfh2/Audio-clip.amr?rlkey=7n54m1o84poezyipxvd2f9slx&st=b1tkonvr&dl=0 – Read More – Full Disclosure
Re: [FD] : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) – Full Disclosure
Posted by josephgoyd via Fulldisclosure on Oct 02 Updated repo location: https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 Working exploit: https://www.dropbox.com/scl/fi/ech6wdnpnyscbfiu2o8zh/IMG_1118.png?rlkey=jna5uo6aihs6tfbwtsk8fw7em&st=8c56raq8&dl=0 – Read More – Full Disclosure
Red Hat on Thursday confirmed an attacker gained access to and stole data from a GitLab instance used by its consulting team, exposing some customer data. The open-source software company, a subsidiary of IBM, said the breach is contained and an investigation into the attack is underway. “Upon detection, we promptly launched a thorough investigation, … Read More “Red Hat confirms breach of GitLab instance, which stored company’s consulting data – CyberScoop” »
Renault UK Customer Records Stolen in Third-Party Breach – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Renault UK warns customers of a third-party data breach exposing personal details, stressing vigilance against fraud and confirming no bank data lost. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Emails sent to Oracle customers by members of the Clop ransomware group assert that the cybercriminals are solely interested in a financial payout, framing the extortion as a business transaction rather than a politically motivated attack. The extortion emails were sent to executives of alleged victim organizations earlier this week, with attackers claiming they would provide … Read More “Here is the email Clop attackers sent to Oracle customers – CyberScoop” »
The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor. “Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries — especially in Pakistan – using spear-phishing and malicious documents as initial – … Read More “Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware – The Hacker News” »
Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal – CyberScoop
Researchers have found two Android spyware families masquerading as messaging apps Signal and ToTok, apparently targeting residents of the United Arab Emirates. ESET revealed the spyware campaigns Thursday in a blog post, saying that researchers discovered it in June but believe it dates back to last year. They dubbed the campaigns ProSpy and ToSpy, with … Read More “Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal – CyberScoop” »
The US government shutdown is estimated to result in around 65% of CISA staff being furloughed, with fears that threat actors will exploit critical security gaps.
North Korean nationals who conceal their identities to infiltrate businesses as employees or contractors continue to expand their presence beyond technology companies and America’s borders. Nearly every industry has been duped into hiring North Koreans in violation of sanctions, as technology companies represent only half of all targeted victims, threat researchers at Okta said in … Read More “North Korea IT worker scheme swells beyond US companies – CyberScoop” »
$20 YoLink IoT Gateway Vulnerabilities Put Home Security at Risk – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Four critical zero-day flaws found in the $20 YoLink Smart Hub allow remote physical access, threatening your home security. See the urgent steps you must take now. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The initial investigation shows early signs of links with the FIN11 and Clop cyber extortion groups.
Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository that claims to offer the ability to create a SOCKS5 proxy service, while also providing a stealthy backdoor-like functionality to drop additional payloads on Windows systems. The deceptive package, named soopsocks, attracted a total of 2,653 downloads before it was taken … Read More “Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown – The Hacker News” »
The Confucius cyber-espionage group has shifted its tactics from document-focused stealers to Python-based backdoors like AnonDoor.
Google Patches “Gemini Trifecta” Vulnerabilities in Gemini AI Suite – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity firm Tenable found three critical flaws allowing prompt injection and data exfiltration from Google’s Gemini AI. Learn why AI assistants are the new weak link. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A new study by Zimperium has revealed serious risks in free VPN apps, exposing users to privacy threats and security flaws.
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware – The Hacker News
Google Mandiant and Google Threat Intelligence Group (GTIG) have disclosed that they are tracking a new cluster of activity possibly linked to a financially motivated threat actor known as Cl0p. The malicious activity involves sending extortion emails to executives at various organizations and claiming to have stolen sensitive data from their Oracle E-Business Suite. “This … Read More “Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware – The Hacker News” »