I added hover over text, it messed up some of the formatting. But whatever, I gotta go write my TPS report.<h2>Krebs on Security</h2><h2>Dark Reading</h2><h2>The Hacker News [ THN ] - Best Security Blog</h2>2025-10-20 - <a href="https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html" title="China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a "premeditated" cyber attack targeting the National Time Service Center (NTSC), as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace."
The Ministry of State Security (MSS), in a WeChat post, said it uncovered "irrefutable evidence" of the agency's involvement in the intrusion">MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems</a><br>2025-10-19 - <a href="https://thehackernews.com/2025/10/europol-dismantles-sim-farm-network.html" title="Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud.
The coordinated law enforcement effort, dubbed Operation SIMCARTEL, saw 26 searches carried out, resulting in the arrest of seven suspects and the seizure of">Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide</a><br>2025-10-18 - <a href="https://thehackernews.com/2025/10/new-net-capi-backdoor-targets-russian.html" title="Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor.
According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP archive as a way to trigger the infection. The cybersecurity company's analysis is based on the ZIP">New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs</a><br>2025-10-18 - <a href="https://thehackernews.com/2025/10/silver-fox-expands-winos-40-attacks-to.html" title="The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan (RAT) tracked as HoldingHands RAT (aka Gh0stBins).
"The campaign relied on phishing emails with PDFs that contained embedded malicious links," Pei Han Liao, researcher with Fortinet's FortiGuard">Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT</a><br>2025-10-17 - <a href="https://thehackernews.com/2025/10/north-korean-hackers-combine-beavertail.html" title="The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset.
That's according to new findings from Cisco Talos, which said recent campaigns undertaken by the hacking group have seen the functions of BeaverTail and OtterCookie coming">North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware</a><br>2025-10-17 - <a href="https://thehackernews.com/2025/10/identity-security-your-first-and-last.html" title="The danger isn’t that AI agents have bad days — it’s that they never do. They execute faithfully, even when what they’re executing is a mistake. A single misstep in logic or access can turn flawless automation into a flawless catastrophe.
This isn't some dystopian fantasy—it's Tuesday at the office now. We've entered a new phase where autonomous AI agents act with serious system privileges. They">Identity Security: Your First and Last Line of Defense</a><br>2025-10-17 - <a href="https://thehackernews.com/2025/10/researchers-uncover-watchguard-vpn-bug.html" title="Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code.
The vulnerability, tracked as CVE-2025-9242 (CVSS score: 9.3), is described as an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including">Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices</a><br>2025-10-17 - <a href="https://thehackernews.com/2025/10/microsoft-revokes-200-fraudulent.html" title="Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks.
The certificates were "used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware," the Microsoft Threat Intelligence team said in a post shared on X.
The tech">Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/north-korean-hackers-use-etherhiding-to.html" title="A threat actor with ties to the Democratic People's Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method.
The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat cluster it tracks as UNC5342,">North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/hackers-abuse-blockchain-smart.html" title="A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers, such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems.
"UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique used">Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/linkpro-linux-rootkit-uses-ebpf-to-hide.html" title="An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv.
"This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the other hand to be remotely">LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/architectures-risks-and-adoption-how-to.html" title="Scaling the SOC with AI - Why now?&nbsp;
Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR’s AI-SOC Market Landscape 2025, the average organization now faces around 960 alerts per day, while large enterprises manage more than 3,000 alerts daily from an average of 28 different tools. Nearly 40% of those alerts go uninvestigated, and 61% of security teams admit">Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/hackers-deploy-linux-rootkits-via-cisco.html" title="Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems.
The activity, codenamed Operation Zero Disco by Trend Micro, involves the weaponization of CVE-2025-20352 (CVSS score: 7.7), a stack overflow vulnerability in the Simple">Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/beware-hidden-costs-of-pen-testing.html" title="Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money – while producing inferior results.&nbsp;
The benefits of pen testing are clear. By empowering “white hat” hackers to attempt to breach your system using similar tools and techniques to">Beware the Hidden Costs of Pen Testing</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/threatsday-bulletin-15b-crypto-bust.html" title="The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive.
Hackers don’t always break systems anymore — they use them. They hide inside trusted apps, copy real websites, and trick people into giving up control">ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More</a><br>2025-10-16 - <a href="https://thehackernews.com/2025/10/cisa-flags-adobe-aem-flaw-with-perfect.html" title="The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution.">CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack</a><br><h2>Schneier on Security</h2>2025-10-16 - <a href="https://www.schneier.com/blog/archives/2025/10/friday-squid-blogging-squid-inks-philippines-fisherman.html" title="<p>Good <a href="https://www.foxweather.com/earth-space/philippines-fisherman-face-full-squid-ink">video</a>.</p>
<p>As usual, you can also use this squid post to talk about the security stories in the news that I haven&#8217;t covered.</p>
<p><a href="https://www.schneier.com/blog/archives/2024/06/new-blog-moderation-policy.html">Blog moderation policy.</a></p>">Friday Squid Blogging: Squid Inks Philippines Fisherman</a><br>2025-10-16 - <a href="https://www.schneier.com/blog/archives/2025/10/a-surprising-amount-of-satellite-traffic-is-unencrypted.html" title="<p>Here&#8217;s the <a href="https://satcom.sysnet.ucsd.edu/">summary</a>:</p>
<blockquote><p>We pointed a commercial-off-the-shelf satellite dish at the sky and carried out the most comprehensive public study to date of geostationary satellite communication. A shockingly large amount of sensitive traffic is being broadcast unencrypted, including critical infrastructure, internal corporate and government communications, private citizens&#8217; voice calls and SMS, and consumer Internet traffic from in-flight wifi and mobile networks. This data can be passively observed by anyone with a few hundred dollars of consumer-grade hardware. There are thousands of geostationary satellite transponders globally, and data from a single transponder may be visible from an area as large as 40% of the surface of the earth...</p></blockquote>">A Surprising Amount of Satellite Traffic Is Unencrypted</a><br><h2>ThreatPost</h2><h2>Sydney Morning Herald</h2><h2>New York Times</h2>2025-10-17 - <a href="https://www.nytimes.com/2025/10/17/us/benioff-apologizes-san-francisco.html" title="Marc Benioff, the chief executive of Salesforce, said he no longer believed that National Guard troops were needed in the city.">Benioff Apologizes for Saying Trump Should Send Troops to San Francisco</a><br>2025-10-17 - <a href="https://www.nytimes.com/2025/10/17/technology/instagram-teen-safety-features-ai-chatbots.html" title="Instagram is introducing parental controls and limits to conversations on topics like self-harm as concerns grow over how A.I. chatbots affect mental health.">Instagram Unveils Teen Safety Features for A.I. Chatbots</a><br>2025-10-16 - <a href="https://www.nytimes.com/2025/10/16/technology/san-francisco-rent-ai-boom.html" title="The artificial intelligence gold rush has pushed San Francisco’s residential rents up by the most in the nation, as A.I. companies lease apartments and offer rent stipends to employees.">Renting a San Francisco Apartment in the A.I. Boom? Good Luck.</a><br>2025-10-17 - <a href="https://www.nytimes.com/2025/10/17/podcasts/california-regulates-ai-companions-openai-investigates-its-critics-the-hard-fork-review-of-slop.html" title="Could this be a blueprint for the nation?">California Regulates A.I. Companions + OpenAI Investigates Its Critics + The Hard Fork Review of Slop</a><br>2025-10-18 - <a href="https://www.nytimes.com/2025/10/18/magazine/jimmy-wales-interview.html" title="Attacks on the site are piling up. Its co-founder says trust the process.">The Culture Wars Came for Wikipedia. Jimmy Wales Is Staying the Course.</a><br>2025-10-18 - <a href="https://www.nytimes.com/2025/10/18/arts/design/artificial-intelligence-art-museums.html" title="While some art institutions are eagerly engaging artificial intelligence, others are less enthusiastic.">Does A.I. Count as Art? Ask the Curators</a><br>2025-10-17 - <a href="https://www.nytimes.com/2025/10/17/business/boeing-737-max-faa.html" title="The Federal Aviation Administration raised a production limit that the regulator had imposed after a door panel blew off a plane during a flight last year.">Boeing Is Allowed to Increase 737 Max Plane Production, FAA Says</a><br>2025-10-17 - <a href="https://www.nytimes.com/2025/10/17/science/starfront-observatories-remote-astronomy.html" title="Starfront Observatories allows amateur astronomers to rent a spot for their telescopes and photograph the cosmos over a high-speed data connection.">An Army of Robot Telescopes in Texas Makes the Stars Feel Closer Than Ever</a><br>2025-10-16 - <a href="https://www.nytimes.com/2025/10/16/business/economy/china-rare-earths-supply-chain.html" title="Beijing’s latest effort to weaponize global supply chains is modeled on the American technology controls that it has long criticized.">China’s Rare Earth Restrictions Aim to Beat U.S. at Its Own Game</a><br>2025-10-19 - <a href="https://www.nytimes.com/2025/10/13/technology/openai-broadcom-chips-deal.html" title="After signing multibillion-dollar agreements to use chips from Nvidia and AMD, OpenAI plans to deploy its own designs next year.">OpenAI Inks Deal With Broadcom to Design Its Own Chips for A.I.</a><br><h2>Wall Street Journal</h2><h2>BBC</h2>2025-10-20 - <a href="https://www.bbc.com/news/articles/c62e9v762pqo?at_medium=RSS&at_campaign=rss" title="Campaigners say at least 133 people have died in the UK after being exposed to a toxic substance promoted by online forums.">Bereaved families call for inquiry into government response to suicide websites</a><br>2025-10-17 - <a href="https://www.bbc.com/news/articles/c5y0g79xevxo?at_medium=RSS&at_campaign=rss" title="The intervention has not stopped Sora users generating and sharing fake clips of other historical figures.">OpenAI stops 'disrespectful' Martin Luther King Jr deepfakes</a><br>2025-10-16 - <a href="https://www.bbc.com/news/articles/cn7emv83edjo?at_medium=RSS&at_campaign=rss" title="The streaming service says it will respect artists' rights in creating new "responsible" AI products.">Spotify working on AI music tools with major record labels</a><br>2025-10-17 - <a href="https://www.bbc.com/news/articles/cx24d4xjzj3o?at_medium=RSS&at_campaign=rss" title="Typically a shopping event that begins on 11 November - Singles Day has kicked off earlier this year.">China's biggest shopping event starts five weeks early to revive spending</a><br>2025-10-16 - <a href="https://www.bbc.com/news/articles/c77zxx43x4vo?at_medium=RSS&at_campaign=rss" title="The volume of tap water used by Scotland's data centres has quadrupled since 2021, figures show.">Scottish data centres powering AI already using enough water to fill 27 million bottles a year</a><br>2025-10-16 - <a href="https://www.bbc.com/news/articles/ce3xz607dpro?at_medium=RSS&at_campaign=rss" title="Boris Johnson's ex-Downing Street aide says Beijing obtained "vast amounts" of "secret" data.">Cabinet Office rejects Cummings' China breach claim</a><br>2025-10-16 - <a href="https://www.bbc.com/news/articles/c2dn5gxxgz1o?at_medium=RSS&at_campaign=rss" title="Companies are offering tech they say can accurately test the health of batteries in used EVs.">How good is the battery in a used electric vehicle?</a><br>2025-10-16 - <a href="https://www.bbc.com/news/articles/cqjevxvxw9xo?at_medium=RSS&at_campaign=rss" title="Smaller Indian towns are becoming centres for training and correcting artificial intelligence models.">Why AI is being trained in rural India</a><br><h2>SecurityBrief AU</h2>2025-10-20 - <a href="https://securitybrief.com.au/story/ai-set-to-boost-australia-s-economy-by-up-to-aud-142-billion" title="AI could boost Australia's economy by up to AUD $142 billion annually by 2030, driving productivity, wage growth, and small business benefits, a new report finds.">AI set to boost Australia’s economy by up to AUD $142 billion</a><br>2025-10-20 - <a href="https://securitybrief.com.au/story/australian-smbs-miss-growth-by-skipping-branded-merchandise" title="Despite 74% of Australian SMBs recognising branded merchandise boosts credibility, 55% still do not use it to enhance their business image.">Australian SMBs miss growth by skipping branded merchandise</a><br>2025-10-20 - <a href="https://securitybrief.com.au/story/droneshield-posts-record-revenue-positive-cash-flow-on-saas-growth" title="DroneShield posts record AUD $92.9 million quarterly revenue, up 1,091%, driven by SaaS growth and new product launches, with positive operating cash flow.">DroneShield posts record revenue & positive cash flow on SaaS growth</a><br>2025-10-20 - <a href="https://securitybrief.com.au/story/droneshield-appoints-angus-harris-as-cto-and-angus-bean-as-cpo" title="DroneShield appoints Angus Harris as CTO and Angus Bean as CPO to lead engineering amid rising global demand in defence.">DroneShield appoints Angus Harris as CTO and Angus Bean as CPO</a><br>2025-10-20 - <a href="https://securitybrief.com.au/story/why-better-data-management-is-the-key-to-exceptional-customer-experience" title="Customer experience excellence hinges on robust data management, as Australian firms invest in AI and analytics to meet soaring consumer expectations.">Why better data management is the key to exceptional customer experience</a><br>2025-10-20 - <a href="https://securitybrief.com.au/story/why-quantum-threats-demand-our-attention-this-cybersecurity-month" title="As Cybersecurity Awareness Month highlights current risks, experts warn we must urgently prepare for quantum computing's looming threat to encryption security.">Why quantum threats demand our attention this Cybersecurity Month</a><br>2025-10-18 - <a href="https://securitybrief.com.au/story/ai-powered-phishing-threats-outpace-business-defences-soc-teams" title="Generative AI boosts phishing and smishing attacks, forcing businesses to rethink security as AI-driven threats outpace traditional defences and SOC teams.">AI-powered phishing threats outpace business defences & SOC teams</a><br>2025-10-17 - <a href="https://securitybrief.com.au/story/trend-vision-one-tops-forrester-ranking-for-network-security-tools" title="Trend Micro's Trend Vision One leads Forrester's Network Analysis and Visibility ranking, excelling in threat detection and compliance monitoring.">Trend Vision One tops Forrester ranking for network security tools</a><br>2025-10-17 - <a href="https://securitybrief.com.au/story/graylog-named-in-2025-gartner-magic-quadrant-for-siem-tools" title="Graylog has been recognised in the 2025 Gartner Magic Quadrant for SIEM, marking a milestone two years after launching its security platform for enterprises.">Graylog named in 2025 Gartner Magic Quadrant for SIEM tools</a><br>2025-10-17 - <a href="https://securitybrief.com.au/story/securonix-named-siem-leader-for-sixth-year-in-2025-gartner-report" title="Securonix has been named a Leader for the sixth consecutive year in Gartner's 2025 Magic Quadrant for SIEM, praised for its AI-driven security solutions.">Securonix named SIEM Leader for sixth year in 2025 Gartner report</a><br><h2>ITNews AU</h2>2025-10-20 - <a href="https://www.itnews.com.au/news/microsoft-breaks-windows-11-recovery-environment-in-october-update-621136?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Fix promised over the next few days.">Microsoft breaks Windows 11 Recovery Environment in October update</a><br>2025-10-20 - <a href="https://www.itnews.com.au/news/us-court-orders-spyware-company-nso-to-stop-targeting-whatsapp-621135?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Could put it out of business.">US court orders spyware company NSO to stop targeting WhatsApp</a><br>2025-10-20 - <a href="https://www.itnews.com.au/news/australias-new-cyber-affairs-ambassador-sourced-from-asd-621128?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="To steer international cyber security strategy engagement.">Australia's new cyber affairs ambassador sourced from ASD</a><br>2025-10-20 - <a href="https://www.itnews.com.au/news/vocus-isp-dodos-email-system-breached-on-friday-621134?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Some customers then impacted by SIM swapping.&#160;">Vocus ISP Dodo's email system breached on Friday</a><br>2025-10-17 - <a href="https://www.itnews.com.au/news/microsoft-pulls-certs-for-fake-teams-installers-dropping-ransomware-621094?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="In early October this year.">Microsoft pulls certs for fake Teams installers dropping ransomware</a><br>2025-10-16 - <a href="https://www.itnews.com.au/news/china-linked-flax-typhoon-tweaked-arcgis-plugin-to-act-as-stealthy-backdoor-621055?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Avoids use of obvious malware.">China-linked Flax Typhoon tweaked ArcGIS plugin to act as stealthy backdoor</a><br>2025-10-16 - <a href="https://www.itnews.com.au/news/austrade-to-replace-its-data-centre-core-network-621042?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Implementation targeted for mid-to-late 2026.">Austrade to replace its data centre core network</a><br>2025-10-16 - <a href="https://www.itnews.com.au/news/hackers-using-f5-devices-to-target-us-gov-networks-621052?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Affiliated with an unidentified nation-state.">Hackers using F5 devices to target US gov networks</a><br><h2>BleepingComputer</h2>2025-10-19 - <a href="https://www.bleepingcomputer.com/news/security/tiktok-videos-continue-to-push-infostealers-in-clickfix-attacks/" title="Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware. [...]">TikTok videos continue to push infostealers in ClickFix attacks</a><br>2025-10-19 - <a href="https://www.bleepingcomputer.com/news/legal/experian-fined-32-million-for-mass-collecting-personal-data/" title="Experian Netherlands has been fined EUR 2.7 million ($3.2 million) for multiple violations of the General Data Protection Regulation (GDPR) [...]">Experian fined $3.2 million for mass-collecting personal data</a><br>2025-10-18 - <a href="https://www.bleepingcomputer.com/news/artificial-intelligence/openai-confirms-gpt-6-is-not-shipping-in-2025/" title="OpenAI is not planning to ship GPT-6 this year, but that doesn't necessarily mean the company will not release new models. [...]">OpenAI confirms GPT-6 is not shipping in 2025</a><br>2025-10-18 - <a href="https://www.bleepingcomputer.com/news/security/google-ads-for-fake-homebrew-logmein-sites-push-infostealers/" title="A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey. [...]">Google ads for fake Homebrew, LogMeIn sites push infostealers</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/security/connectwise-fixes-automate-bug-allowing-aitm-update-attacks/" title="ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and modification. [...]">ConnectWise fixes Automate bug allowing AiTM update attacks</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/" title="Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site. [...]">American Airlines subsidiary Envoy confirms Oracle data theft attack</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-more-safeguard-holds-blocking-windows-11-updates/" title="Microsoft has removed two more compatibility holds preventing customers from installing Windows 11 24H2 via Windows Update. [...]">Microsoft lifts more safeguard holds blocking Windows 11 updates</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/security/europol-dismantles-sim-box-operation-renting-numbers-for-cybercrime/" title="European law enforcement in an operation codenamed 'SIMCARTEL' has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5 million euros in losses. [...]">Europol dismantles SIM box operation renting numbers for cybercrime</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-highest-severity-aspnet-core-flaw-ever/" title="Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. [...]">Microsoft fixes highest-severity ASP.NET Core flaw ever</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/security/vmware-certification-your-next-career-power-move/" title="VMware certification isn't just about passing exams — it's about mastering systems, proving expertise, and your career. Gain hands-on labs, discounts, and mentorship with VMUG Advantage to reach your next goal faster. [...]">VMware Certification: Your Next Career Power Move</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-bug-breaking-localhost-http-connections/" title="Microsoft has fixed a known issue breaking HTTP/2 localhost (127.0.0.1) connections and IIS websites after installing recent Windows security updates. [...]">Microsoft fixes Windows bug breaking localhost HTTP connections</a><br>2025-10-17 - <a href="https://www.bleepingcomputer.com/news/security/over-266-000-f5-big-ip-instances-exposed-to-remote-attacks/" title="Internet security nonprofit Shadowserver Foundation has found more than 266,000 F5 BIG-IP instances exposed online after the security breach disclosed by cybersecurity company F5 this week. [...]">Over 266,000 F5 BIG-IP instances exposed to remote attacks</a><br><h2>/r/NetSec</h2>2025-10-19 - <a href="https://www.reddit.com/r/netsec/comments/1oaq5nx/defenderwrite_abusing_whitelisted_programs_for/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/Cold-Dinosaur"> /u/Cold-Dinosaur </a> <br /> <span><a href="https://www.zerosalarium.com/2025/10/defenderwrite-abusing-whitelisted-programs-arbitrary-write.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1oaq5nx/defenderwrite_abusing_whitelisted_programs_for/">[comments]</a></span>">DefenderWrite: Abusing Whitelisted Programs for Arbitrary Writes into Antivirus's Operating Folder</a><br>2025-10-17 - <a href="https://www.reddit.com/r/netsec/comments/1o8uj8c/how_i_reversed_amazons_kindle_web_obfuscation/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/AlmondOffSec"> /u/AlmondOffSec </a> <br /> <span><a href="https://blog.pixelmelt.dev/kindle-web-drm/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1o8uj8c/how_i_reversed_amazons_kindle_web_obfuscation/">[comments]</a></span>">How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked</a><br>2025-10-18 - <a href="https://www.reddit.com/r/netsec/comments/1o9v6il/macos_shortcuts_for_initial_access/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/SkyFallRobin"> /u/SkyFallRobin </a> <br /> <span><a href="https://medium.com/@dhiraj_mishra/macos-shortcuts-for-initial-access-c43ce7cf0e0c">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1o9v6il/macos_shortcuts_for_initial_access/">[comments]</a></span>">macOS Shortcuts for Initial Access</a><br>2025-10-16 - <a href="https://www.reddit.com/r/netsec/comments/1o8hugc/exploiting_browser_cache_smuggling_with_com/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/not_wet_now"> /u/not_wet_now </a> <br /> <span><a href="https://medium.com/@danemeth90/revisiting-browser-cache-smuggling-1a8ab374d55e">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1o8hugc/exploiting_browser_cache_smuggling_with_com/">[comments]</a></span>">Exploiting browser cache smuggling with COM Hijacking and steganography</a><br>2025-10-16 - <a href="https://www.reddit.com/r/netsec/comments/1o826c9/yikes_watchguard_fireware_os_ikev2_outofbounds/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/dx7r__"> /u/dx7r__ </a> <br /> <span><a href="https://labs.watchtowr.com/yikes-watchguard-fireware-os-ikev2-out-of-bounds-write-cve-2025-9242/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1o826c9/yikes_watchguard_fireware_os_ikev2_outofbounds/">[comments]</a></span>">yIKEs (WatchGuard Fireware OS IKEv2 Out-of-Bounds Write CVE-2025-9242) - watchTowr Labs</a><br><h2>/r/InfoSecNews</h2>2025-10-19 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ob51dd/experian_fined_32_million_for_masscollecting/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ob51dd/experian_fined_32_million_for_masscollecting/"> <img alt="Experian fined $3.2 million for mass-collecting personal data" src="https://external-preview.redd.it/AU8_utvi-5vJUzUU-WW-6aLoacFSouT5E2fWswFTIjI.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=5fbd08eeed076e006b0671809f72971a310c2fb8" title="Experian fined $3.2 million for mass-collecting personal data" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/legal/experian-fined-32-million-for-mass-collecting-personal-data/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ob51dd/experian_fined_32_million_for_masscollecting/">[comments]</a></span> </td></tr></table>">Experian fined $3.2 million for mass-collecting personal data</a><br>2025-10-18 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1oa7hvw/from_airport_chaos_to_cyber_intrigue_everest_gang/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1oa7hvw/from_airport_chaos_to_cyber_intrigue_everest_gang/"> <img alt="From Airport chaos to cyber intrigue: Everest Gang takes credit for Collins Aerospace breach - Security Affairs" src="https://external-preview.redd.it/yGiIskKlvgH-fN1-SgZklSqSoOt4Sacz5V32CKceqQo.png?width=320&amp;crop=smart&amp;auto=webp&amp;s=c8023783e42f71211bbe411864827a1a60d31adb" title="From Airport chaos to cyber intrigue: Everest Gang takes credit for Collins Aerospace breach - Security Affairs" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/183567/cyber-crime/from-airport-chaos-to-cyber-intrigue-everest-gang-takes-credit-for-collins-aerospace-breach.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1oa7hvw/from_airport_chaos_to_cyber_intrigue_everest_gang/">[comments]</a></span> </td></tr></table>">From Airport chaos to cyber intrigue: Everest Gang takes credit for Collins Aerospace breach - Security Affairs</a><br>2025-10-18 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1oa7h9k/winos_40_hackers_expand_to_japan_and_malaysia/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1oa7h9k/winos_40_hackers_expand_to_japan_and_malaysia/"> <img alt="Winos 4.0 hackers expand to Japan and Malaysia with new malware" src="https://external-preview.redd.it/hKXyjcgNvqmusm3tMk7ceOLsK0WRBV6_elwPvwIQfts.png?width=640&amp;crop=smart&amp;auto=webp&amp;s=0e7434db6e8ba852434c4173b8036d91fc4999fa" title="Winos 4.0 hackers expand to Japan and Malaysia with new malware" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/183580/security/winos-4-0-hackers-expand-to-japan-and-malaysia-with-new-malware.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1oa7h9k/winos_40_hackers_expand_to_japan_and_malaysia/">[comments]</a></span> </td></tr></table>">Winos 4.0 hackers expand to Japan and Malaysia with new malware</a><br>2025-10-18 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sizr/connectwise_fixes_automate_bug_allowing_aitm/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sizr/connectwise_fixes_automate_bug_allowing_aitm/"> <img alt="ConnectWise fixes Automate bug allowing AiTM update attacks" src="https://external-preview.redd.it/BtvzZUjLDiSX4rSn8soLBJKR7VWl5B0kaCoEzf2rem0.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=2b5e100579fc2ec70d595efd3dd34b3b15b57f3b" title="ConnectWise fixes Automate bug allowing AiTM update attacks" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/connectwise-fixes-automate-bug-allowing-aitm-update-attacks/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sizr/connectwise_fixes_automate_bug_allowing_aitm/">[comments]</a></span> </td></tr></table>">ConnectWise fixes Automate bug allowing AiTM update attacks</a><br>2025-10-18 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sih6/silver_fox_expands_winos_40_attacks_to_japan_and/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2025/10/silver-fox-expands-winos-40-attacks-to.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sih6/silver_fox_expands_winos_40_attacks_to_japan_and/">[comments]</a></span>">Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT</a><br>2025-10-18 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9wlyj/new_net_capi_backdoor_targets_russian_auto_and/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2025/10/new-net-capi-backdoor-targets-russian.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o9wlyj/new_net_capi_backdoor_targets_russian_auto_and/">[comments]</a></span>">New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs</a><br>2025-10-18 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sjaj/american_airlines_subsidiary_envoy_confirms/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sjaj/american_airlines_subsidiary_envoy_confirms/"> <img alt="American Airlines subsidiary Envoy confirms Oracle data theft attack" src="https://external-preview.redd.it/Fozrb2khCm3uWcu94uiNoiIWEDosqXK_q3VMEMtCwpE.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=85c965a37ed638f017991efee6a7961e9ad47dcf" title="American Airlines subsidiary Envoy confirms Oracle data theft attack" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/american-airlines-subsidiary-envoy-confirms-oracle-data-theft-attack/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o9sjaj/american_airlines_subsidiary_envoy_confirms/">[comments]</a></span> </td></tr></table>">American Airlines subsidiary Envoy confirms Oracle data theft attack</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9c3tx/europol_dismantles_sim_box_operation_renting/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9c3tx/europol_dismantles_sim_box_operation_renting/"> <img alt="Europol dismantles SIM box operation renting numbers for cybercrime" src="https://external-preview.redd.it/w5P5gShufwcZdOZks97zC3D3g3zA7bmSrW5fXxD0m78.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=a26211a699b280412c7310f7a7b64f4f10309491" title="Europol dismantles SIM box operation renting numbers for cybercrime" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/europol-dismantles-sim-box-operation-renting-numbers-for-cybercrime/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o9c3tx/europol_dismantles_sim_box_operation_renting/">[comments]</a></span> </td></tr></table>">Europol dismantles SIM box operation renting numbers for cybercrime</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9c4yr/microsoft_fixes_highestseverity_aspnet_core_flaw/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o9c4yr/microsoft_fixes_highestseverity_aspnet_core_flaw/"> <img alt="Microsoft fixes highest-severity ASP.NET Core flaw ever" src="https://external-preview.redd.it/G8u8JnFU8akrSQYzh4u1tX2GXqtbBRKeoARw5SjuBaU.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=ae8eea5a0aa73b24e28f5e44593b0c7877d22f29" title="Microsoft fixes highest-severity ASP.NET Core flaw ever" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-highest-severity-aspnet-core-flaw-ever/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o9c4yr/microsoft_fixes_highestseverity_aspnet_core_flaw/">[comments]</a></span> </td></tr></table>">Microsoft fixes highest-severity ASP.NET Core flaw ever</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o94b48/email_bombs_exploit_lax_authentication_in_zendesk/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://krebsonsecurity.com/2025/10/email-bombs-exploit-lax-authentication-in-zendesk/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o94b48/email_bombs_exploit_lax_authentication_in_zendesk/">[comments]</a></span>">Email Bombs Exploit Lax Authentication in Zendesk</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8y3yg/powerschool_hacker_got_four_years_in_prison/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8y3yg/powerschool_hacker_got_four_years_in_prison/"> <img alt="PowerSchool hacker got four years in prison" src="https://external-preview.redd.it/aY7-xB3FpZRq5KJqRWytdka7nLVqR57om3YWDMy6FC4.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=6be4981da6c7ec88fa76fc416d0be3ecd7dd9787" title="PowerSchool hacker got four years in prison" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/183515/security/powerschool-hacker-got-four-years-in-prison.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8y3yg/powerschool_hacker_got_four_years_in_prison/">[comments]</a></span> </td></tr></table>">PowerSchool hacker got four years in prison</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wi1p/microsoft_revokes_200_fraudulent_certificates/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2025/10/microsoft-revokes-200-fraudulent.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wi1p/microsoft_revokes_200_fraudulent_certificates/">[comments]</a></span>">Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8yele/malicious_perplexity_comet_browser_download_ads/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/perplexity-comet-browser-download-ads-malware-google/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8yele/malicious_perplexity_comet_browser_download_ads/">[comments]</a></span>">Malicious Perplexity Comet Browser Download Ads Push Password Stealer Via Google Search</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8y3ma/researchers_uncover_watchguard_vpn_bug_that_could/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2025/10/researchers-uncover-watchguard-vpn-bug.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8y3ma/researchers_uncover_watchguard_vpn_bug_that_could/">[comments]</a></span>">Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wlda/threat_brief_nationstate_actor_steals_f5_source/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wlda/threat_brief_nationstate_actor_steals_f5_source/"> <img alt="Threat Brief: Nation-State Actor Steals F5 Source Code and Undisclosed Vulnerabilities" src="https://external-preview.redd.it/Mr7aaGxo60qXwbnrpmy6i29IPGrN0oSgUcbBU_GLg5E.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=5dc2be7a1b3252a14c9284446f7c1f87e8ff61ea" title="Threat Brief: Nation-State Actor Steals F5 Source Code and Undisclosed Vulnerabilities" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://unit42.paloaltonetworks.com/nation-state-threat-actor-steals-f5-source-code/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wlda/threat_brief_nationstate_actor_steals_f5_source/">[comments]</a></span> </td></tr></table>">Threat Brief: Nation-State Actor Steals F5 Source Code and Undisclosed Vulnerabilities</a><br>2025-10-17 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wixa/auction_giant_sothebys_says_data_breach_exposed/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wixa/auction_giant_sothebys_says_data_breach_exposed/"> <img alt="Auction giant Sotheby’s says data breach exposed financial information" src="https://external-preview.redd.it/WmRA-IxU-KEiH3YAMJfyvmvBw5nh32Nx76ygEhjTmfc.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=e05f50767f6b83ca7a56f639ef4dd90197ec30a9" title="Auction giant Sotheby’s says data breach exposed financial information" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/auction-giant-sothebys-says-data-breach-exposed-customer-information/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8wixa/auction_giant_sothebys_says_data_breach_exposed/">[comments]</a></span> </td></tr></table>">Auction giant Sotheby’s says data breach exposed financial information</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8hb1q/hackers_exploit_cisco_snmp_flaw_to_deploy_rootkit/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8hb1q/hackers_exploit_cisco_snmp_flaw_to_deploy_rootkit/"> <img alt="Hackers exploit Cisco SNMP flaw to deploy rootkit on switches" src="https://external-preview.redd.it/2ZFF6iT4ejXiodxNenM9yjD2BhjzpLvr-zrFD8c0Jaw.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=64acb95434c5a719b85a6bdb8a2248926346eab3" title="Hackers exploit Cisco SNMP flaw to deploy rootkit on switches" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/hackers-exploit-cisco-snmp-flaw-to-deploy-rootkit-on-switches/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8hb1q/hackers_exploit_cisco_snmp_flaw_to_deploy_rootkit/">[comments]</a></span> </td></tr></table>">Hackers exploit Cisco SNMP flaw to deploy rootkit on switches</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8dfh7/misconfigured_netcorecloud_server_exposed_40/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8dfh7/misconfigured_netcorecloud_server_exposed_40/"> <img alt="Misconfigured NetcoreCloud Server Exposed 40 Billion Records in 13.4TB of Data" src="https://external-preview.redd.it/C7baJn9rIt7c4gIATCS5sDSGyhTC0QbvHkoGELmnc6g.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=66035c836dcf991ef9662794c9f012349452d392" title="Misconfigured NetcoreCloud Server Exposed 40 Billion Records in 13.4TB of Data" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/misconfigured-netcorecloud-server-40-billion-records/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8dfh7/misconfigured_netcorecloud_server_exposed_40/">[comments]</a></span> </td></tr></table>">Misconfigured NetcoreCloud Server Exposed 40 Billion Records in 13.4TB of Data</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bznh/chinalinked_apt_jewelbug_targets_russian_it/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bznh/chinalinked_apt_jewelbug_targets_russian_it/"> <img alt="China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack" src="https://external-preview.redd.it/IBCsH05F-VDClhM3-229CP7nM0zfmeE_bWhaOpmTAao.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=00174debb7cfc8958aad2ac15ff84aeb9bbf7d89" title="China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/183488/apt/china-linked-apt-jewelbug-targets-russian-it-provider-in-rare-cross-nation-cyberattack.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bznh/chinalinked_apt_jewelbug_targets_russian_it/">[comments]</a></span> </td></tr></table>">China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bd43/north_koreas_famous_chollima_hackers_use/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bd43/north_koreas_famous_chollima_hackers_use/"> <img alt="North Korea's Famous Chollima hackers Use BeaverTail and OtterCookie Malware in Job Scam" src="https://external-preview.redd.it/u7kX0KXPJh7FuYNyJgcg_AAKcMTu7hU4zAMPcLTdAww.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=4b0af53da8c6e323e35bf1b2bff5942d74cdc03b" title="North Korea's Famous Chollima hackers Use BeaverTail and OtterCookie Malware in Job Scam" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/nk-famous-chollima-beavertail-ottercookie-malware/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bd43/north_koreas_famous_chollima_hackers_use/">[comments]</a></span> </td></tr></table>">North Korea's Famous Chollima hackers Use BeaverTail and OtterCookie Malware in Job Scam</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bz4v/linkpro_linux_rootkit_uses_ebpf_to_hide_and/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2025/10/linkpro-linux-rootkit-uses-ebpf-to-hide.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bz4v/linkpro_linux_rootkit_uses_ebpf_to_hide_and/">[comments]</a></span>">LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bydm/cisa_maximumseverity_adobe_flaw_now_exploited_in/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bydm/cisa_maximumseverity_adobe_flaw_now_exploited_in/"> <img alt="CISA: Maximum-severity Adobe flaw now exploited in attacks" src="https://external-preview.redd.it/Aw9sGkYoLrUTilgMcZZDwdrK_bPd664XB9UYWEs23Ps.jpeg?width=640&amp;crop=smart&amp;auto=webp&amp;s=4f36f520ccfaf76beb697493951e46e7e8846f2b" title="CISA: Maximum-severity Adobe flaw now exploited in attacks" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/cisa-maximum-severity-adobe-flaw-now-exploited-in-attacks/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bydm/cisa_maximumseverity_adobe_flaw_now_exploited_in/">[comments]</a></span> </td></tr></table>">CISA: Maximum-severity Adobe flaw now exploited in attacks</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bxp7/hackers_abuse_blockchain_smart_contracts_to/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2025/10/hackers-abuse-blockchain-smart.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bxp7/hackers_abuse_blockchain_smart_contracts_to/">[comments]</a></span>">Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bwhr/zero_day_initiative_pwn2own_automotive_returns_to/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bwhr/zero_day_initiative_pwn2own_automotive_returns_to/"> <img alt="Zero Day Initiative — Pwn2Own Automotive Returns to Tokyo with Expanded Chargers and More!" src="https://external-preview.redd.it/FgXCu9EhFeDdh2vO3cdESW_A1NS0JV_rojYyhG8mO3A.png?width=640&amp;crop=smart&amp;auto=webp&amp;s=1b331d9f1777ee5fd809e30d4e76533007ebdea2" title="Zero Day Initiative — Pwn2Own Automotive Returns to Tokyo with Expanded Chargers and More!" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.thezdi.com/blog/2025/10/16/pwn2own-automotive-returns-to-tokyo-with-expanded-chargers-and-more">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o8bwhr/zero_day_initiative_pwn2own_automotive_returns_to/">[comments]</a></span> </td></tr></table>">Zero Day Initiative — Pwn2Own Automotive Returns to Tokyo with Expanded Chargers and More!</a><br>2025-10-16 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1o83moz/new_tech_support_scam_uses_microsoft_logo_to_fake/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1o83moz/new_tech_support_scam_uses_microsoft_logo_to_fake/"> <img alt="New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock to Steal Data" src="https://external-preview.redd.it/ylT7bLqfL26AKhYvUdOoxnoBXJv7Px90WEDCq1xEluA.png?width=640&amp;crop=smart&amp;auto=webp&amp;s=e1d086bd85035d367740b5e74839964ae768c225" title="New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock to Steal Data" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/tech-support-scam-microsoft-logo-browser-lock-data/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1o83moz/new_tech_support_scam_uses_microsoft_logo_to_fake/">[comments]</a></span> </td></tr></table>">New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock to Steal Data</a><br><h2>
</h2>