Security teams are overwhelmed — 960+ alerts a day, and 40% go unchecked.

The real danger? Some of those missed alerts are actual breaches.

AI-SOCs promise to handle every alert automatically — but not all AI delivers.

Here’s how to tell what’s real vs. hype ↓ https://thehackernews.com/2025/10/architectures-risks-and-adoption-how-to.html

Researchers uncovered "LinkPro," a Golang-based Linux rootkit that uses eBPF to hide processes and activate remotely via a secret “magic packet.”

It spread through a malicious Docker image deployed on vulnerable Jenkins servers.

Full report ↓ https://thehackernews.com/2025/10/linkpro-linux-rootkit-uses-ebpf-to-hide.html

🔴 Hackers are hiding malware inside blockchain smart contracts.

They’re pushing stealers like Atomic & Lumma from hacked WordPress sites — updating payloads without ever touching them.

Google found 14,000+ infected pages.

Details here → https://thehackernews.com/2025/10/hackers-abuse-blockchain-smart.html

⚡ North Korean hackers just used the blockchain to hide malware — the first time ever seen.

Google says they used EtherHiding to plant code inside smart contracts, making it nearly impossible to remove and easy to update for just $1.37 in gas fees.

Full story ↓ https://thehackernews.com/2025/10/north-korean-hackers-use-etherhiding-to.html

Get an inside look at Georgetown's Cybersecurity Master's program. Register for the virtual sample class on October 29.

Attend here → https://thn.news/georgetown-cyber-class

🔒 Microsoft just revoked 200+ trusted certificates — used to sign ransomware disguised as Teams installers.

The fake setup files slipped past security checks for weeks.

Here’s how Vanilla Tempest pulled it off ↓ https://thehackernews.com/2025/10/microsoft-revokes-200-fraudulent.html

🚨 CVE-2025-9242 — Critical WatchGuard Fireware flaw (CVSS 9.3)

Unauthenticated attackers can exploit a 520-byte overflow in IKEv2 before cert checks, executing code on VPN firewalls — even spawning a Python shell over TCP.

Patch now ↓ https://thehackernews.com/2025/10/researchers-uncover-watchguard-vpn-bug.html

🚨 AI agents don’t make mistakes — they execute them.

One wrong logic chain can turn flawless automation into a flawless catastrophe.

The real risk? Most enterprises don’t even know which bots hold the keys.

Identity is the new firewall. Read the 2025-26 Horizons report ↓ https://thehackernews.com/2025/10/identity-security-your-first-and-last.html

⚠️ A fake tech interview → a real breach.

North Korean hackers merged “BeaverTail” + “OtterCookie” into a new advanced malware—keylogger, wallet stealer, and remote shell all in one.

Learn more ↓ https://thehackernews.com/2025/10/north-korean-hackers-combine-beavertail.html

📄 You open a tax doc.
💻 Windows quietly loads malware.
🛑 Your AV dies.
💀 You’re owned.

That’s how Winos 4.0 and HoldingHands RAT are spreading right now — using Windows’ own Task Scheduler against it.

Details here ↓ https://thehackernews.com/2025/10/silver-fox-expands-winos-40-attacks-to.html

Hackers just dropped a new .NET backdoor disguised as a tax notice.

Open the ZIP → boom, your data’s gone.

It even runs through legit Windows tools so nothing looks off.

Full story → https://thehackernews.com/2025/10/new-net-capi-backdoor-targets-russian.html

💣 Europol just dismantled a SIM farm-for-hire platform that powered 49 million fake accounts used for global fraud.

It let anyone rent verified phone numbers from 80+ countries — to scam, extort, or launder money.

Details → https://thehackernews.com/2025/10/europol-dismantles-sim-farm-network.html

🕵️ China says the NSA hacked its national time servers — the system that keeps everything in sync.

If that clock went down, it could’ve hit banks, power grids, even space launches.

The attack used foreign SMS exploits, forged certs, and 42 stealth tools.

Read → https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html

🚨 131 Chrome extensions were caught turning WhatsApp Web into spam bots.

They look like “CRM tools,” but secretly send bulk messages.

Over 20,000 users already installed them.

Full details ↓ https://thehackernews.com/2025/10/131-chrome-extensions-caught-hijacking.html

🔴 Silent breaches, blockchain malware, and new Android exploits — this week’s threat roundup proves attackers are getting bolder and smarter.

Catch the highlights:

⚡ F5 breach
⚡ EtherHiding malware
⚡ Cisco rootkits
⚡ Pixnapping 2FA theft

Read WEEKLY RECAP → https://thehackernews.com/2025/10/weekly-recap-f5-breached-linux-rootkits.html

🚨 A fake CAPTCHA just breached hospitals, universities, and city networks.

The scary part? Victims copied the attack code themselves — straight from their browser.

It’s called ClickFix, and it hijacks users through “fix this page” pop-ups — no downloads, no phishing email needed.

See how it slips past every control ↓ https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html

A Chinese-linked hacking group breached Europe’s telecom defenses — weaponizing antivirus software.

They planted a backdoor in legitimate Norton and Bkav installs.

Payload: SnappyBee, a new ShadowPad variant delivered via DLL side-loading.

Learn more ↓ https://thehackernews.com/2025/10/hackers-used-snappybee-malware-and.html

Russia’s COLDRIVER hackers rebuilt their malware tools in just 5 days.

Meet NOROBOT, YESROBOT, and MAYBEROBOT — hidden behind fake CAPTCHA checks and PowerShell tricks.

Google just exposed how they did it ↓ https://thehackernews.com/2025/10/google-identifies-three-new-russian.html