From crypto fines to malware & data leaks — the week’s biggest cyber hits:

🇨🇦 Cryptomus fined $176M
🛰️ Starlink scam crackdown
🤖 AI vuln in Oat++ MCP
📧 Tykit phishing campaign

.... 15+ more important news stories.

Read the latest #ThreatsDay Bulletin 👇 https://thehackernews.com/2025/10/threatsday-bulletin-176m-crypto-fine.html

📢 WEBINAR ALERT!

You can’t secure what you can’t see. AI agents are spreading fast — unseen, unmanaged & risky.

Join this free #cybersecurity session to learn how leading security teams are regaining control & speed.

🗓️ 27 Oct, 2025

🔗 Watch This ↓ https://thehackernews.com/2025/10/secure-ai-at-scale-and-speed-learn.html

North Korean hackers are posing as recruiters—again.

This time, they’re stealing drone tech from Europe’s defense firms.

The trap? A fake job PDF hiding a remote access tool.

It’s been active—undetected—since March.

Read → https://thehackernews.com/2025/10/north-korean-hackers-lure-defense.html

🚨 GlassWorm hits VS Code extensions — 14 infected builds, ~35K installs since Oct 17 2025.

It steals dev creds, drains crypto wallets, turns machines into bots — and auto-updates itself.

Read ↓ https://thehackernews.com/2025/10/self-spreading-glassworm-infects-vs.html

🚨 Hackers turned YouTube into a malware factory. Over 3,000 fake “tutorials” hide stealers like Lumma and Rhadamanthys.

They hijack real channels — likes, comments, and all — to look legit.

Even that “Photoshop crack” or “Roblox cheat” video could infect you.

Read here ↓ https://thehackernews.com/2025/10/3000-youtube-videos-exposed-as-malware.html

Your SOC passed every test.
But your people? Failed the real one.

Modern AEV tools prove your defenses work —
until humans enter the equation.

The next frontier of validation isn’t technical.
It’s behavioral ↓ https://thehackernews.com/expert-insights/2025/10/beyond-tools-why-testing-human.html

🚨 A bug in the FIA driver portal exposed Formula 1 drivers’ personal data — including passports and licenses.

Anyone could become an “admin” with a single API request.

The flaw is now fixed — but it was open for days ↓ https://thehackernews.com/2025/10/threatsday-bulletin-176m-crypto-fine.html#admin-bug-exposes-formula-1-driver-data

India’s BOSS Linux systems are under silent attack.

A Pakistan-linked group just dropped a new Golang RAT — DeskRAT — hidden inside fake government PDFs.

It sticks around with 4 persistence tricks and steals files through WebSockets.

Read ↓ https://thehackernews.com/2025/10/apt36-targets-indian-government-with.html

Microsoft just patched a critical WSUS flaw (CVE-2025-59287) — and attackers are already using it.

One crafted request = full SYSTEM control.

The twist? It comes from BinaryFormatter — the same tool Microsoft killed off last year.

Patch now ↓ https://thehackernews.com/2025/10/microsoft-issues-emergency-patch-for.html

🚨 194,000 fake sites. $1B stolen.

The Smishing Triad is posing as USPS, banks, and toll services — all hosted on U.S. clouds to stay invisible.

Next target: brokerage accounts.

Full report ↓ https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html

⚡ OpenAI’s new ChatGPT Atlas browser can be hijacked by a fake URL.

A prompt injection disguised as a normal link tricks the omnibox into running hidden commands.

One click, and your AI agent takes orders from attackers.

Read here ↓ https://thehackernews.com/2025/10/chatgpt-atlas-browser-can-be-tricked-by.html

Qilin ransomware just got smarter.

It’s hitting Windows and Linux together, wiping Veeam backups, and using a vulnerable driver to shut down security tools — all in one strike.

Over 100 victims in June alone.

Full story ↓ https://thehackernews.com/2025/10/qilin-ransomware-combines-linux-payload.html

CISOs planning 2026 budgets are rethinking priorities.

Data visibility & DSPM are moving from “nice-to-have” to the foundation for risk reduction, faster audits & ROI.

Read: Why Data Visibility Belongs in Your 2026 Cybersecurity Budget 👇 https://thn.news/security-priority-guide

🔥 The week in cyber: patches weren’t fast enough, trust wasn’t enough, and attackers weren’t waiting.

→ WSUS exploited
→ LockBit 5.0 returns
→ Telegram backdoor
→ F5 breach deepens
→ YouTube malware surge
→ MuddyWater spying
→ Lazarus fake jobs
→ CoPhish OAuth attack
→ Russia bug law
→ UN cyber treaty

⚡ Read the recap: https://thehackernews.com/2025/10/weekly-recap-wsus-exploited-lockbit-50.html

🚨 New exploit targets ChatGPT Atlas AI browser.

Researchers at LayerX found a CSRF flaw that lets attackers inject code into its persistent memory, surviving across browsers, sessions, and devices.

Once infected, even a normal chat can silently execute hidden commands.

Full report ↓ https://thehackernews.com/2025/10/new-chatgpt-atlas-browser-exploit-lets.html

⚠️ WARNING: X users with security keys (like YubiKeys) must re-enroll 2FA by Nov 10, 2025 — or get locked out.

The update moves keys from twitter[.]com to x[.]com as Twitter’s domain is retired.

Details ↓ https://thehackernews.com/2025/10/x-warns-users-with-security-keys-to-re.html

⚡ Security and speed shouldn’t be enemies.

But when AI agents multiply faster than controls can keep up, most orgs fall into firefighting mode.

Join our live session to see how forward-thinking teams are:

✅ Governing thousands of AI agents automatically
✅ Embedding security guardrails that scale
✅ Shipping AI features faster — and safer

Live webinar: Learn how to scale AI securely, without compromise → https://thehacker.news/securing-ai-adoption

⚠️ SideWinder hackers strike again.

A European embassy in New Delhi was hit using fake Adobe Reader updates and signed apps to sneak in StealerBot malware — stealing passwords, screenshots, and files.

Other targets: Sri Lanka, Pakistan, and Bangladesh.

Full report ↓ https://thehackernews.com/2025/10/sidewinder-adopts-new-clickonce-based.html

⚠️ ALERT: A Chrome zero-day (CVE-2025-2783) was exploited to deliver spyware built by Memento Labs — the firm behind past government surveillance tools.

One click in Chromium = full sandbox escape.

Read this → https://thehackernews.com/2025/10/chrome-zero-day-exploited-to-deliver.html