Microsoft just revoked 200+ trusted certificates, used to sign ransomware disguised as Teams installers.
The fake setup files slipped past security checks for weeks.
Here's how Vanilla Tempest pulled it off → https://thehackernews.com/2025/10/microsoft-revokes-200-fraudulent.html
CVE-2025-9242: Critical WatchGuard Fireware flaw (CVSS 9.3)
Unauthenticated attackers can exploit a 520-byte overflow in IKEv2 before cert checks, executing code on VPN firewalls, even spawning a Python shell over TCP.
Patch now → https://thehackernews.com/2025/10/researchers-uncover-watchguard-vpn-bug.html
AI agents don't make mistakes; they execute them.
One wrong logic chain can turn flawless automation into a flawless catastrophe.
The real risk? Most enterprises don't even know which bots hold the keys.
Identity is the new firewall. Read the 2025-26 Horizons report → https://thehackernews.com/2025/10/identity-security-your-first-and-last.html
A fake tech interview, a real breach.
North Korean hackers merged "BeaverTail" + "OtterCookie" into a new advanced malware: keylogger, wallet stealer, and remote shell all in one.
Learn more → https://thehackernews.com/2025/10/north-korean-hackers-combine-beavertail.html
You open a tax doc.
Windows quietly loads malware.
Your AV dies.
You're owned.
That's how Winos 4.0 and HoldingHands RAT are spreading right now, using Windows' own Task Scheduler against it.
Details here → https://thehackernews.com/2025/10/silver-fox-expands-winos-40-attacks-to.html
Hackers just dropped a new .NET backdoor disguised as a tax notice.
Open the ZIP: boom, your data's gone.
It even runs through legit Windows tools so nothing looks off.
Full story → https://thehackernews.com/2025/10/new-net-capi-backdoor-targets-russian.html
Europol just dismantled a SIM farm-for-hire platform that powered 49 million fake accounts used for global fraud.
It let anyone rent verified phone numbers from 80+ countries to scam, extort, or launder money.
Details → https://thehackernews.com/2025/10/europol-dismantles-sim-farm-network.html
China says the NSA hacked its national time servers, the system that keeps everything in sync.
If that clock went down, it could've hit banks, power grids, even space launches.
The attack used foreign SMS exploits, forged certs, and 42 stealth tools.
Read → https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html
131 Chrome extensions were caught turning WhatsApp Web into spam bots.
They look like "CRM tools," but secretly send bulk messages.
Over 20,000 users already installed them.
Full details → https://thehackernews.com/2025/10/131-chrome-extensions-caught-hijacking.html
Silent breaches, blockchain malware, and new Android exploits: this week's threat roundup proves attackers are getting bolder and smarter.
Catch the highlights:
- F5 breach
- EtherHiding malware
- Cisco rootkits
- Pixnapping 2FA theft
Read WEEKLY RECAP → https://thehackernews.com/2025/10/weekly-recap-f5-breached-linux-rootkits.html
A fake CAPTCHA just breached hospitals, universities, and city networks.
The scary part? Victims copied the attack code themselves, straight from their browser.
It's called ClickFix, and it hijacks users through "fix this page" pop-ups; no downloads, no phishing email needed.
See how it slips past every control → https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html
A Chinese-linked hacking group breached Europe's telecom defenses, weaponizing antivirus software.
They planted a backdoor in legitimate Norton and Bkav installs.
Payload: SnappyBee, a new ShadowPad variant delivered via DLL side-loading.
Learn more → https://thehackernews.com/2025/10/hackers-used-snappybee-malware-and.html
Russia's COLDRIVER hackers rebuilt their malware tools in just 5 days.
Meet NOROBOT, YESROBOT, and MAYBEROBOT, hidden behind fake CAPTCHA checks and PowerShell tricks.
Google just exposed how they did it → https://thehackernews.com/2025/10/google-identifies-three-new-russian.html
7 out of 10 threats faced by SOCs begin with phishing.
Phishkits dominate the threat landscape and become increasingly hard to detect.
Act now to set up strong defenses with fresh, actionable intel from 15K orgs ⤵️ https://thn.news/threat-intel-tg
Your AppSec blind spots are costing you.
The gap between code and cloud runtime drives 90% of delayed fixes, and missed accountability.
Map vulnerabilities, misconfigs, and secrets across your pipeline to regain control.
Cut the noise. Reduce risk. Start now → https://thehacker.news/code-to-cloud-appsec
Your Cisco, ASUS, QNAP, or Synology router might secretly be part of a botnet.
A new threat called PolarEdge is hiding inside routers, turning them into undetectable spies using a secret TLS server and a hidden config file.
Exploit chain, IOCs & decryption trick → https://thehackernews.com/2025/10/polaredge-targets-cisco-asus-qnap.html
Meta just rolled out new anti-scam tools for WhatsApp & Messenger.
- Screen-share warnings
- AI scam detection
- Instant alerts
... but one setting quietly breaks encryption.
Learn more → https://thehackernews.com/2025/10/meta-rolls-out-new-tools-to-protect.html
Every new AI tool in your SOC adds another way in for attackers.
The defender might now be the weak spot.
AI agents are making decisions on their own, and trust just became an identity problem.
Learn how to secure them before someone else does → https://thehackernews.com/2025/10/securing-ai-to-benefit-from-ai.html