π’ WEBINAR ALERT!
You canβt secure what you canβt see. AI agents are spreading fast β unseen, unmanaged & risky.
Join this free #cybersecurity session to learn how leading security teams are regaining control & speed.
ποΈ 27 Oct, 2025
π Watch This β https://thehackernews.com/2025/10/secure-ai-at-scale-and-speed-learn.html
You canβt secure what you canβt see. AI agents are spreading fast β unseen, unmanaged & risky.
Join this free #cybersecurity session to learn how leading security teams are regaining control & speed.
ποΈ 27 Oct, 2025
π Watch This β https://thehackernews.com/2025/10/secure-ai-at-scale-and-speed-learn.html
π₯8
North Korean hackers are posing as recruitersβagain.
This time, theyβre stealing drone tech from Europeβs defense firms.
The trap? A fake job PDF hiding a remote access tool.
Itβs been activeβundetectedβsince March.
Read β https://thehackernews.com/2025/10/north-korean-hackers-lure-defense.html
This time, theyβre stealing drone tech from Europeβs defense firms.
The trap? A fake job PDF hiding a remote access tool.
Itβs been activeβundetectedβsince March.
Read β https://thehackernews.com/2025/10/north-korean-hackers-lure-defense.html
π€13π±6π2
π¨ GlassWorm hits VS Code extensions β 14 infected builds, ~35K installs since Oct 17 2025.
It steals dev creds, drains crypto wallets, turns machines into bots β and auto-updates itself.
Read β https://thehackernews.com/2025/10/self-spreading-glassworm-infects-vs.html
It steals dev creds, drains crypto wallets, turns machines into bots β and auto-updates itself.
Read β https://thehackernews.com/2025/10/self-spreading-glassworm-infects-vs.html
π14π2π₯2
π¨ Hackers turned YouTube into a malware factory. Over 3,000 fake βtutorialsβ hide stealers like Lumma and Rhadamanthys.
They hijack real channels β likes, comments, and all β to look legit.
Even that βPhotoshop crackβ or βRoblox cheatβ video could infect you.
Read here β https://thehackernews.com/2025/10/3000-youtube-videos-exposed-as-malware.html
They hijack real channels β likes, comments, and all β to look legit.
Even that βPhotoshop crackβ or βRoblox cheatβ video could infect you.
Read here β https://thehackernews.com/2025/10/3000-youtube-videos-exposed-as-malware.html
π15π€―12β‘6π₯3
Your SOC passed every test.
But your people? Failed the real one.
Modern AEV tools prove your defenses work β
until humans enter the equation.
The next frontier of validation isnβt technical.
Itβs behavioral β https://thehackernews.com/expert-insights/2025/10/beyond-tools-why-testing-human.html
But your people? Failed the real one.
Modern AEV tools prove your defenses work β
until humans enter the equation.
The next frontier of validation isnβt technical.
Itβs behavioral β https://thehackernews.com/expert-insights/2025/10/beyond-tools-why-testing-human.html
π9π₯1
π¨ A bug in the FIA driver portal exposed Formula 1 driversβ personal data β including passports and licenses.
Anyone could become an βadminβ with a single API request.
The flaw is now fixed β but it was open for days β https://thehackernews.com/2025/10/threatsday-bulletin-176m-crypto-fine.html#admin-bug-exposes-formula-1-driver-data
Anyone could become an βadminβ with a single API request.
The flaw is now fixed β but it was open for days β https://thehackernews.com/2025/10/threatsday-bulletin-176m-crypto-fine.html#admin-bug-exposes-formula-1-driver-data
π€―19π₯6π±3
Indiaβs BOSS Linux systems are under silent attack.
A Pakistan-linked group just dropped a new Golang RAT β DeskRAT β hidden inside fake government PDFs.
It sticks around with 4 persistence tricks and steals files through WebSockets.
Read β https://thehackernews.com/2025/10/apt36-targets-indian-government-with.html
A Pakistan-linked group just dropped a new Golang RAT β DeskRAT β hidden inside fake government PDFs.
It sticks around with 4 persistence tricks and steals files through WebSockets.
Read β https://thehackernews.com/2025/10/apt36-targets-indian-government-with.html
π19π€6π₯5π2π€―2
Microsoft just patched a critical WSUS flaw (CVE-2025-59287) β and attackers are already using it.
One crafted request = full SYSTEM control.
The twist? It comes from BinaryFormatter β the same tool Microsoft killed off last year.
Patch now β https://thehackernews.com/2025/10/microsoft-issues-emergency-patch-for.html
One crafted request = full SYSTEM control.
The twist? It comes from BinaryFormatter β the same tool Microsoft killed off last year.
Patch now β https://thehackernews.com/2025/10/microsoft-issues-emergency-patch-for.html
π18π6π₯2
π¨ 194,000 fake sites. $1B stolen.
The Smishing Triad is posing as USPS, banks, and toll services β all hosted on U.S. clouds to stay invisible.
Next target: brokerage accounts.
Full report β https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html
The Smishing Triad is posing as USPS, banks, and toll services β all hosted on U.S. clouds to stay invisible.
Next target: brokerage accounts.
Full report β https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html
π16π±4π₯1
β‘ OpenAIβs new ChatGPT Atlas browser can be hijacked by a fake URL.
A prompt injection disguised as a normal link tricks the omnibox into running hidden commands.
One click, and your AI agent takes orders from attackers.
Read here β https://thehackernews.com/2025/10/chatgpt-atlas-browser-can-be-tricked-by.html
A prompt injection disguised as a normal link tricks the omnibox into running hidden commands.
One click, and your AI agent takes orders from attackers.
Read here β https://thehackernews.com/2025/10/chatgpt-atlas-browser-can-be-tricked-by.html
π±25π14β‘4π₯4
Qilin ransomware just got smarter.
Itβs hitting Windows and Linux together, wiping Veeam backups, and using a vulnerable driver to shut down security tools β all in one strike.
Over 100 victims in June alone.
Full story β https://thehackernews.com/2025/10/qilin-ransomware-combines-linux-payload.html
Itβs hitting Windows and Linux together, wiping Veeam backups, and using a vulnerable driver to shut down security tools β all in one strike.
Over 100 victims in June alone.
Full story β https://thehackernews.com/2025/10/qilin-ransomware-combines-linux-payload.html
π₯16π±6π€―3π1
CISOs planning 2026 budgets are rethinking priorities.
Data visibility & DSPM are moving from βnice-to-haveβ to the foundation for risk reduction, faster audits & ROI.
Read: Why Data Visibility Belongs in Your 2026 Cybersecurity Budget π https://thn.news/security-priority-guide
Data visibility & DSPM are moving from βnice-to-haveβ to the foundation for risk reduction, faster audits & ROI.
Read: Why Data Visibility Belongs in Your 2026 Cybersecurity Budget π https://thn.news/security-priority-guide
π₯10π2
π₯ The week in cyber: patches werenβt fast enough, trust wasnβt enough, and attackers werenβt waiting.
β WSUS exploited
β LockBit 5.0 returns
β Telegram backdoor
β F5 breach deepens
β YouTube malware surge
β MuddyWater spying
β Lazarus fake jobs
β CoPhish OAuth attack
β Russia bug law
β UN cyber treaty
β‘ Read the recap: https://thehackernews.com/2025/10/weekly-recap-wsus-exploited-lockbit-50.html
β WSUS exploited
β LockBit 5.0 returns
β Telegram backdoor
β F5 breach deepens
β YouTube malware surge
β MuddyWater spying
β Lazarus fake jobs
β CoPhish OAuth attack
β Russia bug law
β UN cyber treaty
β‘ Read the recap: https://thehackernews.com/2025/10/weekly-recap-wsus-exploited-lockbit-50.html
π₯18π€3π1
π¨ New exploit targets ChatGPT Atlas AI browser.
Researchers at LayerX found a CSRF flaw that lets attackers inject code into its persistent memory, surviving across browsers, sessions, and devices.
Once infected, even a normal chat can silently execute hidden commands.
Full report β https://thehackernews.com/2025/10/new-chatgpt-atlas-browser-exploit-lets.html
Researchers at LayerX found a CSRF flaw that lets attackers inject code into its persistent memory, surviving across browsers, sessions, and devices.
Once infected, even a normal chat can silently execute hidden commands.
Full report β https://thehackernews.com/2025/10/new-chatgpt-atlas-browser-exploit-lets.html
π19π₯10π±1
β οΈ WARNING: X users with security keys (like YubiKeys) must re-enroll 2FA by Nov 10, 2025 β or get locked out.
The update moves keys from twitter[.]com to x[.]com as Twitterβs domain is retired.
Details β https://thehackernews.com/2025/10/x-warns-users-with-security-keys-to-re.html
The update moves keys from twitter[.]com to x[.]com as Twitterβs domain is retired.
Details β https://thehackernews.com/2025/10/x-warns-users-with-security-keys-to-re.html
π16π€5π2β‘1
β‘ Security and speed shouldnβt be enemies.
But when AI agents multiply faster than controls can keep up, most orgs fall into firefighting mode.
Join our live session to see how forward-thinking teams are:
β Governing thousands of AI agents automatically
β Embedding security guardrails that scale
β Shipping AI features faster β and safer
Live webinar: Learn how to scale AI securely, without compromise β https://thehacker.news/securing-ai-adoption
But when AI agents multiply faster than controls can keep up, most orgs fall into firefighting mode.
Join our live session to see how forward-thinking teams are:
β Governing thousands of AI agents automatically
β Embedding security guardrails that scale
β Shipping AI features faster β and safer
Live webinar: Learn how to scale AI securely, without compromise β https://thehacker.news/securing-ai-adoption
π6π2
β οΈ SideWinder hackers strike again.
A European embassy in New Delhi was hit using fake Adobe Reader updates and signed apps to sneak in StealerBot malware β stealing passwords, screenshots, and files.
Other targets: Sri Lanka, Pakistan, and Bangladesh.
Full report β https://thehackernews.com/2025/10/sidewinder-adopts-new-clickonce-based.html
A European embassy in New Delhi was hit using fake Adobe Reader updates and signed apps to sneak in StealerBot malware β stealing passwords, screenshots, and files.
Other targets: Sri Lanka, Pakistan, and Bangladesh.
Full report β https://thehackernews.com/2025/10/sidewinder-adopts-new-clickonce-based.html
π13π6π₯4β‘3
β οΈ ALERT: A Chrome zero-day (CVE-2025-2783) was exploited to deliver spyware built by Memento Labs β the firm behind past government surveillance tools.
One click in Chromium = full sandbox escape.
Read this β https://thehackernews.com/2025/10/chrome-zero-day-exploited-to-deliver.html
One click in Chromium = full sandbox escape.
Read this β https://thehackernews.com/2025/10/chrome-zero-day-exploited-to-deliver.html
π₯17π3
Google Workspace isnβt secure by default.
Many startups operate with open sharing, broad app access, and limited oversight.
The risk? It often looks completely normal.
See how lean teams are locking it down β https://thehackernews.com/2025/10/is-your-google-workspace-as-secure-as.html
Many startups operate with open sharing, broad app access, and limited oversight.
The risk? It often looks completely normal.
See how lean teams are locking it down β https://thehackernews.com/2025/10/is-your-google-workspace-as-secure-as.html
π₯11π3
AI-driven attacks move faster than humans can react.
The real risk? Teams flying blind.
ANYRUN flips the script β predicting attacks before they strike. 99% unique IOCs. Zero lag. Full context.
Early detection turns panic into power β https://thehackernews.com/2025/10/why-early-threat-detection-is-must-for.html
The real risk? Teams flying blind.
ANYRUN flips the script β predicting attacks before they strike. 99% unique IOCs. Zero lag. Full context.
Early detection turns panic into power β https://thehackernews.com/2025/10/why-early-threat-detection-is-must-for.html
π₯5