Cybersecurity News from Across the Internet
Cybersecurity firm Sublime Security details a new credential phishing scam impersonating Google Careers to steal login details from Google Workspace and Microsoft 365 users. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New York, USA, New York, 15th October 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
An Elasticsearch leak exposed 6 billion records from global data breaches and scraping sources, including banking and personal details tied to multiple regions. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New York, USA, New York, 15th October 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure. Adversary-in-the-middle (AiTM) kits can force authentication fallbacks that circumvent strong … Read More “How Attackers Bypass Synced Passkeys – The Hacker News” »
Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program. Of the 183 vulnerabilities, … Read More “Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped – The Hacker News” »
Microsoft has fixed over 170 CVEs in October’s Patch Tuesday, including six zero-day vulnerabilities – Read More –
Hackers stole personal information of 6.6m people but outsourcing firm did not shut device targeted for 58 hours The outsourcing company Capita has been fined £14m for data protection failings after hackers stole the personal information of 6.6 million people, including staff details and those of its clients’ customers. John Edwards, the UK information commissioner … Read More “Capita fined £14m for data protection failings in 2023 cyber-attack – Data and computer security | The Guardian” »
Outsourcing giant Capita has been fined £14m by the ICO after a major data breach in 2023 – Read More –
Investigations found that the network operates scam centers in Cambodia, Myanmar and across Southeast Asia – Read More –
Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9.3), relates to improper input validation that can result in unauthenticated remote code execution due to the fact that the call … Read More “Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access – The Hacker News” »
Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges. The shortcomings, tracked as CVE-2023-40151 and CVE-2023-42770, are both rated 10.0 on the CVSS scoring system. “The vulnerabilities affect Red Lion SixTRAK and VersaTRAK – … Read More “Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control – The Hacker News” »
The Digital Personal Data Protection (DPDP) Act 2025 represents a necessary change in the data privacy of India, which… The post DPDP Act 2025: Key Compliance Challenges and How CryptoBind Solves Them appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization. “Due to a deserialization … Read More “New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login – The Hacker News” »
Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two vulnerabilities that are already being actively exploited. October’s Patch Tuesday also marks the final month that Microsoft will ship security updates for Windows 10 systems. If you’re running a Windows 10 PC and you’re … Read More “Patch Tuesday, October 2025 ‘End of 10’ Edition – Krebs on Security” »
Rep. Eric Swalwell, D-Calif., sent a letter Tuesday to acting CISA Director Madhu Gottumukkala raising concerns about staffing levels and the direction of the nation’s primary cybersecurity agency, writing that the “Trump Administration has undertaken multiple efforts to decimate CISA’s workforce, undermining our nation’s cybersecurity.” Swalwell, the ranking member on the House Homeland Security Subcommittee … Read More “Swalwell seeks answers from CISA on workforce cuts – CyberScoop” »
How much private and sensitive data can you get by pointing $600 worth of satellite equipment at the sky? Quite a bit, it turns out. Researchers from the University of Maryland and the University of California, San Diego say they were able to intercept sensitive data from the U.S. military, telecommunications firms, major businesses and … Read More “Researchers find a startlingly cheap way to steal your secrets from space – CyberScoop” »
Microsoft addressed 175 vulnerabilities affecting its core products and underlying systems, including two actively exploited zero-days, the company said in its latest security update. It’s the largest assortment of defects disclosed by the tech giant this year. The zero-day vulnerabilities — CVE-2025-24990 affecting Agere Windows Modem Driver and CVE-2025-59230 affecting Windows Remote Access Connection Manager … Read More “Microsoft’s Patch Tuesday fixes 175 vulnerabilities, including two actively exploited zero-days – CyberScoop” »
I’m currently in Cork, Ireland as we prepare for Pwn2Own Ireland, but that doesn’t stop patch Tuesday from coming. Take a break from your scheduled activities and let’s take a look at the latest security offerings from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check … Read More “The October 2025 Security Update Review – Zero Day Initiative – Blog” »
Federal authorities seized 127,271 Bitcoin, valued at approximately $15 billion, from Chen Zhi, the alleged leader of a sprawling cybercrime network based in Cambodia, the Justice Department said Tuesday. Officials said it’s the largest financial seizure on record. “Today’s action represents one of the most significant strikes ever against the global scourge of human trafficking … Read More “Officials crack down on Southeast Asia cybercrime networks, seize $15B – CyberScoop” »
Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked as Ethereal Panda and RedJuliett. According … Read More “Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year – The Hacker News” »
LevelBlue announced Tuesday it has signed a definitive agreement to acquire Cybereason, a Boston-based cybersecurity firm specializing in extended detection and response platforms and digital forensics. Dallas-based LevelBlue, a managed security services provider formerly known as AT&T Cybersecurity, will fold Cyberreason’s extended detection and response (XDR) platform, threat intelligence team, and digital forensics and incident … Read More “LevelBlue to acquire Cybereason in latest cybersecurity industry consolidation – CyberScoop” »
Legacy Windows protocols are still exposing organizations to credential theft, Resecurity found – Read More –
A newly identified cybercrime group TA585 is running an advanced cyber operation distributing MonsterV2 malware – Read More –
In a joint warning letter, UK ministers urged FTSE 350 CEOs to bolster cyber defenses – Read More –
Modern software engineering faces growing complexity across codebases, environments, and workflows. Traditional tools, although effective, rely heavily on… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Tel Aviv, Israel, 14th October 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Torrance, United States, 14th October 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Microsoft restricted access to Edge’s IE Mode in August 2025 after hackers used a Chakra zero-day flaw to bypass security and take over user devices. Check out the new steps for enabling IE Mode. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Spanish Guardia Civil and Group-IB arrest ‘GoogleXcoder,’ the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and … Read More “What AI Reveals About Web Applications— and Why It Matters – The Hacker News” »
Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users’ knowledge pixel-by-pixel. The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University … Read More “New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions – The Hacker News” »
Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The attack, per ETH Zürich researchers Benedict Schlüter and Shweta Shinde, exploits AMD’s incomplete protections that make it possible to perform a single memory … Read More “RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing – The Hacker News” »
Every October brings a familiar rhythm – pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal milestone. Make no mistake, as a security professional, I love … Read More “Moving Beyond Awareness: How Threat Hunting Builds Readiness – The Hacker News” »
By Derek B. Johnson For more than a year, hackers from a Chinese state-backed espionage group maintained backdoor access to a popular software mapping tool by turning one of its own features into a webshell, according to new research from ReliaQuest. In a report published Tuesday, researchers said that Flax Typhoon — a group that … Read More “Flax Typhoon can turn your own software against you – CyberScoop” »
Every October brings a familiar rhythm – pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal milestone. Make no mistake, as a security professional, I love … Read More “Moving Beyond Awareness: How Threat Hunting Builds Readiness – The Hacker News” »
ReliaQuest report reveals Flax Typhoon attackers maintained year-long access to an ArcGIS system – Read More –
In the digitalized, hyper connected economy that the modern world has become, cybersecurity is no longer a back office… The post The Business Case for Investing in Cybersecurity is Now appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Astaroth banking trojan has evolved to use GitHub and steganography for resilient C2, hiding its vital commands in images. Learn how this sophisticated malware employs fileless techniques to steal banking and crypto credentials from users across Latin America. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity today is defined by complexity. Threats evolve in real time, driven by AI-generated malware, autonomous reconnaissance, and adversaries capable of pivoting faster than ever. In a recent survey by DarkTrace of more than 1,500 cybersecurity professionals worldwide, nearly 74% said AI-powered threats are a major challenge for their organization, and 90% expect these threats … Read More “Red, Blue, and Now AI: Rethinking Cybersecurity Training for the 2026 Threat Landscape – CyberScoop” »
A new EY report claims unmanaged AI risk is causing millions of pounds’ worth of losses for UK organizations – Read More –
The UK cybersecurity agency reported 204 cyber incidents of “national significance” between September 2024 and August 2025 – an all-time high – Read More –
Luxembourg, Luxembourg, 14th October 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks. Webhooks on Discord are a way to post messages to channels in the platform without requiring a bot user or authentication, making them an attractive mechanism for … Read More “npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels – The Hacker News” »
Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveraging web injections and filtering checks as part of its attack chains. “TA585 is notable because it … Read More “Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain – The Hacker News” »
Posted by SBA Research Security Advisory via Fulldisclosure on Oct 13 # Checkmk Agent Privilege Escalation via Insecure Temporary Files # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250724-01_Checkmk_Agent_Privilege_Escalation_via_Insecure_Temporary_Files ## Vulnerability Overview ## The `win_license` plugin as included in Checkmk agent for Windows versions before 2.4.0p13, 2.3.0p38 and 2.2.0p46, as well as since version 2.1.0b2 and 2.0.0p28 allows low privileged … Read More “[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files – Full Disclosure” »
Posted by SBA Research Security Advisory via Fulldisclosure on Oct 13 # Checkmk Path Traversal # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250730-01_Checkmk_Path_Traversal ## Vulnerability Overview ## Checkmk in versions before 2.4.0p13, 2.3.0p38 and 2.2.0p46, as well as since version 2.1.0b1 is prone to a path traversal vulnerability in the report scheduler. Due to an insufficient validation of a … Read More “[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal – Full Disclosure” »
Posted by Christopher Dickinson via Fulldisclosure on Oct 13 Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com CVE Identifiers * CVE-2025-[PENDING] – Excessive Data Exposure / JWT Token Leakage * CVE-2025-[PENDING] – Broken Object Level Authorization (IDOR) * CVE-2025-[PENDING] – Unrestricted Resource Consumption (DoS) Executive Summary This security advisory details three significant vulnerabilities discovered in … Read More “Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) – Full Disclosure” »
Fortra, in its most forceful admission yet, confirmed a maximum-severity defect it disclosed in GoAnywhere MFT has been actively exploited in attacks, yet researchers are still pressing the vendor to be more forthcoming about how attackers obtained a private key required to achieve exploitation. The vendor published a summary of its investigation into CVE-2025-10035 Thursday, … Read More “Fortra cops to exploitation of GoAnywhere file-transfer service defect – CyberScoop” »
![[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files – Full Disclosure](https://attackfeed.com/wp-content/uploads/2025/10/fulldisclosure-img-jHF09M.webp "[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files")
![[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal – Full Disclosure](https://attackfeed.com/wp-content/uploads/2025/10/fulldisclosure-img-25dUPN.webp "[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal")
