Cybersecurity News from Across the Internet
A major Microsoft outage has disrupted Azure, Microsoft 365, Xbox, and Minecraft worldwide after a configuration failure, with services now gradually recovering. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
A 19-year-old California man associated with the nihilistic violent extremist group 764 pleaded not guilty to multiple charges of animal crushing, sexual exploitation of a minor, possession of child sexual abuse material (CSAM), cyberstalking and interstate extortion in a federal court Tuesday. Tony Christopher Long of Porterville, Calif., allegedly committed the various criminal acts in … Read More “Alleged 764 member faces up to 69 years in prison for string of suspected violent crimes – CyberScoop” »
An ex-L3 Harris executive pleaded guilty to two counts of theft of trade secrets Wednesday, admitting to selling eight zero-day exploits to a Russian broker in exchange for millions of dollars. Peter Williams, 39, pleaded guilty in the District Court of the District of Columbia to two counts of theft of trade secrets. Court records … Read More “Ex-L3Harris exec pleads guilty to selling zero-day exploits to Russian broker – CyberScoop” »
The Trump administration’s zeal to stamp out diversity, equity and inclusion programs is affecting national cybersecurity research, as a key open-source security foundation announced it would reject federal grant funding. The Python Software Foundation (PSF), which promotes safe and secure Python coding practices and helps oversee PyPI, the world’s largest open-source code repository for Python, … Read More “Open-source security group pulls out of U.S. grant, citing DEI restrictions – CyberScoop” »
Tel Aviv, Israel, 29th October 2025, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Google Chrome will enhance security with enforced HTTPS connections from version 154, set for release in October 2026 – Read More –
Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes underlying artificial intelligence (AI) models to context poisoning attacks. In the attack devised by AI security company SPLX, a bad actor can set up websites that serve different content to browsers and AI crawlers run by ChatGPT … Read More “New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts – The Hacker News” »
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi. “These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over exposed systems and expand botnet networks,” the Qualys Threat Research Unit (TRU) said … Read More “Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices – The Hacker News” »
The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads – Read More –
A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys – Read More –
Your main rival in the fintech space just raised $20 million in a very successful Series B funding… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks. The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business services organization for two months and a local government … Read More “Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics – The Hacker News” »
BeyondTrust’s annual cybersecurity predictions point to a year where old defenses will fail quietly, and new attack vectors will surge. Introduction The next major breach won’t be a phished password. It will be the result of a massive, unmanaged identity debt. This debt takes many forms: it’s the “ghost” identity from a 2015 breach lurking … Read More “Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc – The Hacker News” »
Atroposia is a newly discovered modular RAT that uses encrypted channels and advanced theft capabilities to target credentials and crypto wallets – Read More –
Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It’s no longer a future concept—it’s here, and it’s already reshaping how teams operate. AI’s capabilities are profound: it’s speeding up audits, flagging critical risks faster, and drastically cutting down on time-consuming manual work. This leads to greater efficiency, higher accuracy, and a more … Read More “Discover Practical AI Tactics for GRC — Join the Free Expert Webinar – The Hacker News” »
The backbone breaker benchmark (b3) has been launched to enhance the security of LLMs within AI agents – Read More –
The British Standards Institution claims business leaders aren’t focused enough on managing AI risk – Read More –
Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems. “The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer … Read More “10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux – The Hacker News” »
Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and VulnCheck. The vulnerabilities are listed below – CVE-2025-6204 (CVSS score: 8.0) – A code injection vulnerability in Dassault Systèmes DELMIA Apriso that could allow an attacker … Read More “Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack – The Hacker News” »
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Stored HTML Injection – Layout Functionality – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-45-stored.html Stored HTML Injection – Layout Functionality: Steps to Reproduce: 1. Login with user and visit “Layouts” 2. … Read More “Stored HTML Injection – Layout Functionality – totaljsv5013 – Full Disclosure” »
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Stored Cross-Site Scripting (XSS) via SVG File Upload – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-46-stored.html Stored Cross-Site Scripting (XSS) via SVG File Upload: Steps to Reproduce: 1. Login with user … Read More “Stored Cross-Site Scripting (XSS) via SVG File Upload – totaljsv5013 – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 28 SEC Consult Vulnerability Lab Security Advisory < 20251027-0 > ======================================================================= title: Unauthenticated Local File Disclosure product: MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System vulnerable version: 10.14.STD, MIP 2 / FEDRA 2 / HYDRA X with Servicepack 8 … Read More “SEC Consult SA-20251027-0 :: Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System #CVE-2025-12055 – Full Disclosure” »
Posted by Noor Christensen on Oct 28 Hi Joseph, Looks like your post with the technical details is down; I’m getting a 404 since yesterday. — kchr – Read More – Full Disclosure
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Current Password not Required When Changing Password – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-43-current.html Current Password not Required When Changing Password: Steps to Reproduce: 1. Login with user and click … Read More “Current Password not Required When Changing Password – totaljsv5013 – Full Disclosure” »
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Stored Cross-Site Scripting (XSS) – Layout Functionality – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-44-stored.html Stored Cross-Site Scripting (XSS) – Layout Functionality: Steps to Reproduce: 1. Login with user and visit … Read More “Stored Cross-Site Scripting (XSS) – Layout Functionality – totaljsv5013 – Full Disclosure” »
Posted by Daniel Owens via Fulldisclosure on Oct 28 Struts2 has, since its inception and to today, contained a significant denial of service (DoS) vulnerability stemming from how the Struts2 default deserialiser parses and deserialises arrays, collections (including maps), and related objects. Specifically, Struts2 and related frameworks allow attackers to specify indices and adhere … Read More “Struts2 and Related Framework Array/Collection DoS – Full Disclosure” »
Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts says a glut of proxies from Aisuru … Read More “Aisuru Botnet Shifts from DDoS to Residential Proxies – Krebs on Security” »
Everest ransomware group leaks alleged AT&T Carrier data, demands $1 million for Dublin Airport files and $2 million for Air Arabia employee records. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
F5 CEO François Locoh-Donou said on a company earnings call that there were two categories of impact on customers following a nation-state attacker’s long-term, persistent access to its systems: widespread emergency updates to BIG-IP software and hardware, and customers whose configuration data was stolen during the attack. “We were very impressed frankly, with the speed … Read More “F5 asserts limited impact from prolonged nation-state attack on its systems – CyberScoop” »
A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment (TEE) in a computer’s main processor, including Intel’s Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) and AMD’s Secure Encrypted Virtualization with Secure … Read More “New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves – The Hacker News” »
US teen indicted for involvement in extremist “764” network, accused of child exploitation, animal cruelty, and cyberstalking, says the Justice Department. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks. “Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection,” ThreatFabric said in a report … Read More “New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human – The Hacker News” »
As AI browser agents enter the market promising to help people shop, hire employees or assist with other online tasks, security researchers are warning that the information these programs collect from the internet can be manipulated and corrupted without anyone ever realizing it. In new research shared exclusively with CyberScoop, AI cybersecurity firm SPLX highlighted … Read More “Exclusive: OpenAI’s Atlas browser — and others — can be tricked by manipulated web content – CyberScoop” »
A surge in fake investment platforms targeting cryptocurrency and forex markets has been driving a new wave of financial crime in Asia – Read More –
Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire. According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributed to a Lazarus Group sub-cluster … Read More “Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains – The Hacker News” »
A zero-day flaw in Chrome has been exploited by Mem3nt0 mori in Operation ForumTroll as part of a targeted espionage campaign – Read More –
A new Python-based infostealer called RedTiger is targeting Discord gamers to steal authentication tokens, passwords, and payment information. Learn how the malware works, its evasion tactics, and essential security steps like enabling MFA. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
In episode 74 of The AI Fix, we meet Amazon’s AI-powered delivery glasses, an AI TV presenter who doesn’t exist, and an Ohio lawmaker who wants to stop people from marrying their chatbot. Also, we learn how Geoffrey Hinton and Steve Wozniak have teamed up with the unlikely coupling of will.i.am and Steve Bannon to … Read More “The AI Fix #74: AGI, LLM brain rot, and how to scam an AI browser – Graham Cluley” »
Cyber-related economic sanctions can alter adversary behavior, forcing underground networks to distance themselves from named actors – Read More –
In cybersecurity, speed isn’t just a win — it’s a multiplier. The faster you learn about emerging threats, the faster you adapt your defenses, the less damage you suffer, and the more confidently your business keeps scaling. Early threat detection isn’t about preventing a breach someday: it’s about protecting the revenue you’re supposed to earn … Read More “Why Early Threat Detection Is a Must for Long-Term Business Growth – The Hacker News” »
ITRC report charts shocking rise of identity fraud victims driven to thoughts of self-harm – Read More –
As more of our communication and work move online, keeping large file transfers secure has become a serious… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Mass exploitation attacks are once again targeting WordPress websites, this time through serious vulnerabilities in two popular plugins,… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
The New Reality for Lean Security Teams If you’re the first security or IT hire at a fast-growing startup, you’ve likely inherited a mandate that’s both simple and maddeningly complex: secure the business without slowing it down. Most organizations using Google Workspace start with an environment built for collaboration, not resilience. Shared drives, permissive settings, … Read More “Is Your Google Workspace as Secure as You Think it is? – The Hacker News” »
Sysadmins are urged to patch WSUS vulnerability CVE-2025-59287 as soon as possible, with federal agencies required to update by November 14 – Read More –
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according to new findings from Kaspersky. The vulnerability in question is CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape which the company disclosed in March 2025 … Read More “Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware – The Hacker News” »
A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity “reveals a notable evolution in SideWinder’s TTPs, particularly the adoption of … Read More “SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats – The Hacker News” »
Serverless architectures have fundamentally altered the cybersecurity landscape, creating attack vectors that traditional security models cannot address. After… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Attackers are actively exploiting a critical vulnerability in Windows Server Update Services, bypassing a patch Microsoft issued earlier this month that failed to mitigate the issue affecting software versions dating back to 2012. Microsoft released an emergency, out-of-band security update for CVE-2025-59287 on Thursday. Multiple research firms detected in-the-wild exploitation by Friday, yet Microsoft has … Read More “Attackers bypass patch in deprecated Windows Server update tool – CyberScoop” »
