🔥 Agentic AI isn’t just automating—it’s thinking and acting.

Zscaler’s CEO says it’s a bigger shift than cloud or IoT.

The upside? Faster support and instant threat response.
The risk? Rogue AIs scanning your network right now.

Learn why Zero Trust isn’t optional anymore → https://thehackernews.com/videos/2025/10/exploring-agentic-ai-innovation-meets.html

⚙️ If you run industrial gear — check your Red Lion RTUs.

Two CVEs (both 10/10) let anyone pop root via one open port. Water, energy, transport — all at risk.

Patch ASAP. Details here → https://thehackernews.com/2025/10/two-cvss-100-bugs-in-red-lion-rtus.html

🔴 Microsoft just dropped fixes for 183 security flaws.

3 are already being exploited — including one buried in every Windows PC since XP.

...and at the same time, it is ending Windows 10 support (unless you pay).

Details + patch info ↓ https://thehackernews.com/2025/10/two-new-windows-zero-days-exploited-in.html

🔥 New free playbook from Pillar Security : a hands-on framework for red-teaming agentic AI systems.

Covers the AI Kill Chain, context engineering, and the CFS model for crafting and testing realistic attack simulations.

🔗 No sign-up required: https://thn.news/agentic-defend

🚨 Over 100 VS Code extensions leaked access tokens — letting attackers push malicious updates to 150,000+ installs.

A single exposed key could’ve weaponized the software supply chain.

Full story ↓ https://thehackernews.com/2025/10/over-100-vs-code-extensions-exposed.html

👀 F5 just confirmed a nation-state breach that went undetected for months.

Hackers stole BIG-IP source code and data on undisclosed vulnerabilities.

Full story ↓ https://thehackernews.com/2025/10/f5-breach-exposes-big-ip-source-code.html

🚨 China-linked “Jewelbug” hackers quietly lived inside a Russian IT provider for 5 months.

They used Microsoft’s own debugger to slip past defenses — and exfiltrated data to Yandex Cloud.

Full story ↓ https://thehackernews.com/2025/10/chinese-threat-group-jewelbug-quietly.html

🚨 CISA just flagged a 10.0-severity flaw in Adobe Experience Manager.

A single debug page can open the door to remote code execution — no login required.

Attackers are already exploiting it, and many orgs still haven’t patched.

Details ↓ https://thehackernews.com/2025/10/cisa-flags-adobe-aem-flaw-with-perfect.html

This week in ThreatsDay:

⚡ $15B crypto empire seized
🔭 Satellites leaking private calls
💬 MFA phishing kits evolving fast
📡 Cloud tools turned into covert C2

Read the full bulletin → https://thehackernews.com/2025/10/threatsday-bulletin-15b-crypto-bust.html

🔐 Pen tests are meant to protect you. But the classic approach might be costing 💸 you instead.

Admin overheads. Scope creep. Endless retests.

Here’s why traditional pen testing drains time and budget — and how PTaaS fixes it ↓ https://thehackernews.com/2025/10/beware-hidden-costs-of-pen-testing.html

🚨 Hackers just turned a Cisco zero-day (CVE-2025-20352) into a Linux rootkit dropper—hitting routers before the patch dropped.

The backdoor’s universal password was “disco.”

Learn more about the Operation Zero Disco ↓ https://thehackernews.com/2025/10/hackers-deploy-linux-rootkits-via-cisco.html

Security teams are overwhelmed — 960+ alerts a day, and 40% go unchecked.

The real danger? Some of those missed alerts are actual breaches.

AI-SOCs promise to handle every alert automatically — but not all AI delivers.

Here’s how to tell what’s real vs. hype ↓ https://thehackernews.com/2025/10/architectures-risks-and-adoption-how-to.html

Researchers uncovered "LinkPro," a Golang-based Linux rootkit that uses eBPF to hide processes and activate remotely via a secret “magic packet.”

It spread through a malicious Docker image deployed on vulnerable Jenkins servers.

Full report ↓ https://thehackernews.com/2025/10/linkpro-linux-rootkit-uses-ebpf-to-hide.html

🔴 Hackers are hiding malware inside blockchain smart contracts.

They’re pushing stealers like Atomic & Lumma from hacked WordPress sites — updating payloads without ever touching them.

Google found 14,000+ infected pages.

Details here → https://thehackernews.com/2025/10/hackers-abuse-blockchain-smart.html

⚡ North Korean hackers just used the blockchain to hide malware — the first time ever seen.

Google says they used EtherHiding to plant code inside smart contracts, making it nearly impossible to remove and easy to update for just $1.37 in gas fees.

Full story ↓ https://thehackernews.com/2025/10/north-korean-hackers-use-etherhiding-to.html

Get an inside look at Georgetown's Cybersecurity Master's program. Register for the virtual sample class on October 29.

Attend here → https://thn.news/georgetown-cyber-class

🔒 Microsoft just revoked 200+ trusted certificates — used to sign ransomware disguised as Teams installers.

The fake setup files slipped past security checks for weeks.

Here’s how Vanilla Tempest pulled it off ↓ https://thehackernews.com/2025/10/microsoft-revokes-200-fraudulent.html

🚨 CVE-2025-9242 — Critical WatchGuard Fireware flaw (CVSS 9.3)

Unauthenticated attackers can exploit a 520-byte overflow in IKEv2 before cert checks, executing code on VPN firewalls — even spawning a Python shell over TCP.

Patch now ↓ https://thehackernews.com/2025/10/researchers-uncover-watchguard-vpn-bug.html

🚨 AI agents don’t make mistakes — they execute them.

One wrong logic chain can turn flawless automation into a flawless catastrophe.

The real risk? Most enterprises don’t even know which bots hold the keys.

Identity is the new firewall. Read the 2025-26 Horizons report ↓ https://thehackernews.com/2025/10/identity-security-your-first-and-last.html

⚠️ A fake tech interview → a real breach.

North Korean hackers merged “BeaverTail” + “OtterCookie” into a new advanced malware—keylogger, wallet stealer, and remote shell all in one.

Learn more ↓ https://thehackernews.com/2025/10/north-korean-hackers-combine-beavertail.html