🚨 CISA KEV (1)
29 Sep | KEV | CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-21311 Adminer Server-Side Request Forgery Vulnerability; CVE-2025-20352 Cisco IOS and IOS XE Stack-based Buffer Overflow Vulnerab… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (7)
29 Sep | Notepad++ DLL Hijack Flaw Lets Attackers Run Malicious Code | Security researchers have identified a critical DLL hijacking vulnerability in Notepad++ version 8.8.3, tracked as CVE-2025-56383. This flaw enables attackers to execute arbitrary code by replacing legitimate Dynamic Link Library (DLL) files within the application’s plugin … | GBHACKERS.COM
29 Sep | SUSE Rancher Flaws Allow Attackers to Lock Out Admin Accounts | A critical security vulnerability in SUSE Rancher Manager has been discovered that enables attackers with elevated privileges to lock out administrative accounts, potentially disrupting entire Kubernetes cluster management operations. The flaw, tracked as CVE-2024-58260, car… | GBHACKERS.COM
29 Sep | WhatsApp 0-Click Flaw Abused via Malicious DNG Image File | A newly discovered zero-click remote code execution (RCE) vulnerability in WhatsApp is putting millions of Apple users at risk. Researchers from DarkNavyOrg have demonstrated a proof-of-concept (PoC) exploit that leverages two distinct flaws to compromise iOS, macOS, an… | GBHACKERS.COM
29 Sep | Chinese hackers breached critical infrastructure globally using enterprise network gear | A Chinese state-sponsored hacker group called RedNovember has conducted a global espionage campaign targeting critical infrastructure between June 2024 and July 2025, compromising defense contractors, government agencies, and major corporations while exploiting vulnerabilities fa… | CSOONLINE.COM
29 Sep | Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035) - Help Net Security | https://www.helpnetsecurity.com/2025/09/26/fortra-goanywhere-zero-day-cve-2025-10035/ | SH.ITJUST.WORKS
29 Sep | Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400), (Mon, Sep 29th) | We are all aware of the abysmal state of security appliances, no matter their price tag. Ever so often, we see an increase in attacks against some of these vulnerabilities, trying to mop up systems missed in earlier exploit waves. Currently, one source in particular, %%i… | ISC.SANS.EDU
29 Sep | Apple Patches Single Vulnerability CVE-2025-43400, (Mon, Sep 29th) | It is typical for Apple to release a ".0.1" update soon after releasing a major new operating system. These updates typically fix various functional issues, but this time, they also fix a security vulnerability. The security vulnerability not only affects the "26" releases of iOS… | ISC.SANS.EDU
⚠️ VULNERABILITY DISCLOSURE (25)
29 Sep | Lockbit Is Back | Emerging Cybersecurity Threats: Lockbit 5.0, Salesforce AI Vulnerabilities, and China's Cyber Intelligence Advancements In this episode of 'Cybersecurity Today,' host Jim Love discusses the latest cybersecurity threats, including the emergence of Lockbit 5.0 ransomware which can … | CYBERSECURITYTODAY.LIBSYN.COM
29 Sep | Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass | Google Project Zero researcher Jann Horn has disclosed a novel vulnerability in Apple’s macOS and iOS systems that could potentially allow attackers to bypass Address Space Layout Randomization (ASLR) protections through pointer leaks in serialization processes. Vulnerabili… | GBHACKERS.COM
29 Sep | Threat Actors Exploiting Dynamic DNS Providers for Malicious Activity | Cybersecurity researchers have identified a growing trend where threat actors are increasingly exploiting Dynamic DNS providers to host malicious infrastructure, posing significant risks to enterprise organizations worldwide. Dynamic DNS providers, also known as publicly rentable… | GBHACKERS.COM
29 Sep | SVG Files Abused to Deploy PureMiner Malware and Exfiltrate Data | Cybercriminals are exploiting SVG files as an initial attack vector in a multi-stage campaign designed to impersonate Ukrainian government communications. FortiGuard Labs has uncovered a sophisticated phishing campaign targeting Ukrainian government agencies through malicious Sca… | GBHACKERS.COM
29 Sep | Agentic AI in IT security: Where expectations meet reality | Agentic AI has quickly shifted from lab demos to real-world security operations centers (SOC) deployments. Unlike traditional automation scripts, autonomous software agents are designed to act on signals and execute security workflows intelligently, correlating logs, enriching al… | CSOONLINE.COM
29 Sep | Coherence: Insider risk strategy’s new core principle | I have been addressing insiders and insider risks for the better part of 40 years. Different names, same issue: Those breaking trust and those making mistakes both lead to undesirable outcomes. In addressing insider risk I can attest, there is no shortage of frameworks, nor produ… | CSOONLINE.COM
29 Sep | Formbricks Signature Verification Flaw Lets Attackers Reset User Passwords | A critical vulnerability in the open source Formbricks experience management toolbox allows attackers to reset any user’s password without authorization. Published three days ago as advisory GHSA-7229-q9pv-j6p4 by maintainer mattinannt, the flaw stems from missing JWT s… | GBHACKERS.COM
29 Sep | Cybercriminals Exploit Facebook and Google Ads as Tools for Stealing Sensitive Data | Cybercriminals expand malvertising campaigns from Facebook to Google Ads and YouTube, hijacking accounts to distribute crypto-stealing malware targeting financial platform users worldwide. A sophisticated malvertising campaign that initially targeted Facebook users with fake Trad… | GBHACKERS.COM
29 Sep | Live interviews from Oktane 2025: threats, AI in apps, and AI in cybersecurity tools -... - ESW #426 | How identity security can keep pace with the evolving threat landscape, with Brett Winterford Today’s threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious r… | YOUTUBE.COM
29 Sep | Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues | In one attack, the hackers leveraged the Datto RMM utility on a domain controller and various other legitimate tools to evade detection. | SECURITYWEEK.COM
29 Sep | Dutch Teens Arrested for Allegedly Helping Russian Hackers | One of the two 17-year-old boys allegedly walked by law enforcement and embassy offices carrying a Wi-Fi sniffer. | SECURITYWEEK.COM
29 Sep | Hackers Exploit Weaponized Microsoft Teams Installer to Deploy Oyster Malware | A sophisticated malvertising campaign has been targeting organizations through a weaponized Microsoft Teams installer that delivers the dangerous Oyster malware, according to a recent investigation by cybersecurity experts. The attack demonstrates an alarming evolution in threat … | GBHACKERS.COM
29 Sep | Forensic-timeliner: A Windows Forensics Tool for DFIR Investigators | Forensic-Timeliner is a fast, open-source command-line tool designed to help digital forensics and incident response (DFIR) teams quickly build a unified timeline of Windows artifacts. By automatically collecting, filtering, and merging CSV output from popular triage tools, it cr… | GBHACKERS.COM
29 Sep | XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics | In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ findings, the campaign uses an encrypted shellcode that executes a .NET dropper and r… | CSOONLINE.COM
29 Sep | Cloud Security Alliance introduces new SaaS framework | With the SaaS Security Capability Framework (SSCF), the Cloud Security Alliance (CSA) has established a new security standard. The SaaS Security Capability Framework (SSCF) from the Cloud Security Alliance (CSA) is intended to help SaaS providers with Zero… | CSOONLINE.COM
29 Sep | ⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More | Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bugs to massive DDoS attacks and new ransomware tricks, this week’s roundup gives you the biggest security moves to know. Whether you’re prote… | THEHACKERNEWS.COM
29 Sep | New TamperedChef Malware Exploits Productivity Tools to Access and Exfiltrate Sensitive Data | A sophisticated malware campaign dubbed “TamperedChef” is exploiting trojanized productivity tools—disguised as seemingly benign applications—to bypass security controls, establish persistence, and siphon sensitive information from targeted systems. On September 22, 2025, Field E… | GBHACKERS.COM
29 Sep | Can We Trust AI To Write Vulnerability Checks? Here's what we found | Can AI speed up writing vulnerability checks without sacrificing quality? Intruder put it to the test. Their researchers found where AI helps, where it falls short, and why human oversight is still critical. See what they discovered in practice. [...] | BLEEPINGCOMPUTER.COM
29 Sep | CISA and UK NCSC Release Joint Guidance for Securing OT Systems | CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security Centre, and other international partners has released new joint cybersecurity guidance: [Creating and Maintaining a Definitive View of Your Operational Technology (OT) Ar… | CISA.GOV
29 Sep | Harrods suffers new data breach exposing 430,000 customer records | UK retail giant Harrods has disclosed a new cybersecurity incident after hackers compromised a third-party supplier and stole 430,000 records with sensitive e-commerce customer information. [...] | BLEEPINGCOMPUTER.COM
29 Sep | New Botnet Loader-as-a-Service Exploiting Routers and IoT Devices to Deploy Mirai Payloads | https://cybersecuritynews.com/new-botnet-loader-as-a-service-exploiting-routers/ | SH.ITJUST.WORKS
29 Sep | UK govt backs JLR with £1.5 billion loan guarantee after cyberattack | The UK Government is providing Jaguar Land Rover (JLR) with a £1.5 billion loan guarantee to restore its supply chain after a catastrophic cyberattack forced the automaker to halt production. [...] | BLEEPINGCOMPUTER.COM
29 Sep | Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins | https://cybersecuritynews.com/sonicwall-firewalls-akira-ransomware/ | SH.ITJUST.WORKS
29 Sep | CISA Strengthens Commitment to SLTT Governments | The Cybersecurity and Infrastructure Security Agency (CISA) announced that it has transitioned to a new model to better equip state, local, tribal, and territorial (SLTT) governments to strengthen shared responsibility nationwide. CISA is supporting our SLTT partners with access … | CISA.GOV
29 Sep | Japan's largest brewer suspends operations due to cyberattack | Asahi Group Holdings, Ltd (Asahi), the brewer of Japan's top-selling beer, has disclosed a cyberattack that disrupted several of its operations. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (10)
29 Sep | CSO30 Awards 2025 celebrate Australia’s top cybersecurity leaders | Australia’s top cybersecurity leaders and their teams have been recognised at this year’s CSO30 Awards. Held in conjunction with the CIO50, the CSO30 Australia Awards is aligned to Foundry’s global awards program and celebrates the leading individuals and organisations deliverin… | CSOONLINE.COM
🔥 INCIDENT REPORTING (11)
29 Sep | Welcoming CERN to Have I Been Pwned | It's hard to explain the significance of CERN. It's the birthplace of the World Wide Web and the home of the largest machine … | TROYHUNT.COM
29 Sep | Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention | The government has announced a support package, but a cybersecurity expert has raised some concerns. | SECURITYWEEK.COM
29 Sep | Abusing Notion’s AI Agent for Data Theft | Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willison’s lethal trifecta, it’s vulnerable to data theft through prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private data … | SCHNEIER.COM
29 Sep | Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts | Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours—dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication—often originatin… | GBHACKERS.COM
29 Sep | Beijing's RedNovember hacked critical US, global orgs | https://www.theregister.com/2025/09/27/rednovember_chinese_espionage/ | SH.ITJUST.WORKS
29 Sep | Jaguar Land Rover Confirms Gradual Restart of Operations Post-Cyberattack | Jaguar Land Rover (JLR) has announced the controlled resumption of manufacturing operations following a significant cyberattack that disrupted its production facilities. The British luxury automaker confirmed that some sections of its manufacturing operations will resume in the c… | GBHACKERS.COM
29 Sep | UK government bails out Jaguar Land Rover with £1.5B loan after hack disrupts vehicle production for weeks | The Indian-owned carmaking giant will be bailed out after a cyberattack stalled car production and its downstream supply chain. Critics argue that the bailout sends the wrong message to hackers and crime groups. | TECHCRUNCH.COM
29 Sep | Medusa Ransomware Claims Comcast Data Breach, Demands $1.2M | https://hackread.com/medusa-ransomware-comcast-data-breach/ | SH.ITJUST.WORKS
29 Sep | Harrods Reveals Supply Chain Breach Impacting Online Customers | https://www.infosecurity-magazine.com/news/harrods-supply-chain-breach-online/ | SH.ITJUST.WORKS
29 Sep | Ransomware gang sought BBC reporter’s help in hacking media giant | Threat actors claiming to represent the Medusa ransomware gang tempted a BBC correspondent to become an insider threat by offering a significant amount of money. [...] | BLEEPINGCOMPUTER.COM
29 Sep | This month in security with Tony Anscombe – September 2025 edition | The past 30 days have seen no shortage of new threats and incidents that brought into sharp relief the need for well-thought-out cyber-resilience plans | WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE (15)
29 Sep | ISC Stormcast For Monday, September 29th, 2025 https://isc.sans.edu/podcastdetail/9632, (Mon, Sep 29th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
29 Sep | Two Dutch Teenagers Arrested for Wi-Fi Sniffing Activities | Dutch authorities have arrested two 17-year-old boys on suspicion of “state interference” in a cybersecurity case with alleged connections to Russian espionage operations. The teenagers appeared in court on Thursday, with one remanded in custody and the other placed u… | GBHACKERS.COM
29 Sep | Young internet users often fall into phishing traps | According to a survey, the younger generation falls for phishing more easily. Although they are more digitally savvy than any other generation, younger internet users, the so-called digital natives, also fall comparatively easily for online scams… | CSOONLINE.COM
29 Sep | New ModStealer Evades Antivirus, Targets macOS Users to Steal Sensitive Data | A sophisticated new malware strain targeting macOS users has emerged, capable of bypassing traditional antivirus solutions while specifically targeting developers and cryptocurrency holders. The cross-platform threat, dubbed ModStealer, represents the latest evolution in macOS-fo… | GBHACKERS.COM
29 Sep | Agentic AI and the Looming Board-Level Security Crisis | Prevent an Agentic AI security crisis. Learn why governance, clear outcomes and strong guardrails are essential for AI project success. | PALOALTONETWORKS.COM
29 Sep | New Olymp Loader Malware-as-a-Service Promises Defender Bypass with Auto Certificate Signing | Olymp Loader, a newly emerged Malware-as-a-Service (MaaS) offering, has rapidly gained traction across underground forums and Telegram since its debut on June 5, 2025. Developed by a trio of seasoned Assembly coders under the alias “OLYMPO,” the loader boasts fully Assembly-based… | GBHACKERS.COM
29 Sep | SafeHill Emerges from Stealth With $2.6 Million Pre-Seed Funding | Co-founder Hector Monsegur, formerly known as “Sabu,” a black hat hacker and leader of LulzSec, now serves as SafeHill’s chief research officer. | SECURITYWEEK.COM
29 Sep | ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution | Singapore, Singapore, September 29th, 2025, CyberNewsWire ThreatBook, a global leader in cyber threat intelligence, detection and response, today announced the worldwide launch of ThreatBook Advanced Threat Intelligence (“ThreatBook ATI”). Spearheaded from its offices in Singa… | GBHACKERS.COM
29 Sep | Acreed Infostealer Gaining Popularity Among Cybercriminals for C2 via Steam Platform | Acreed, a novel infostealer first observed in February 2025, has rapidly gained traction among threat actors seeking discreet credential and cryptocurrency data harvesting. Leveraging a unique command-and-control (C2) mechanism via the Steam platform’s community profiles, Acreed … | GBHACKERS.COM
29 Sep | Fake Microsoft Teams installers push Oyster malware via malvertising | https://www.bleepingcomputer.com/news/security/fake-microsoft-teams-installers-push-oyster-malware-via-malvertising/ | SH.ITJUST.WORKS
29 Sep | New Spear-Phishing Attack Deploys DarkCloud Malware to Steal Keystrokes and Credentials | Adversaries don’t work 9–5 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and cyber analysts who hunt, investigate, contain and respond to threats within minutes. Backed by threat intelligence, tactical threat response and advanced threat anal… | GBHACKERS.COM
29 Sep | Google Ads Used to Spread Trojan Disguised as TradingView Premium | https://hackread.com/tradingview-scam-expands-to-google-youtube/ | SH.ITJUST.WORKS
29 Sep | EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations | Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware… | THEHACKERNEWS.COM
29 Sep | News Alert: ThreatBook launches ATI Platform, targets gaps in Asia-Pacific threat detection | SINGAPORE, Sept. 29, 2025, CyberNewswire — ThreatBook, a global leader in cyber threat intelligence, detection and response, today announced the worldwide launch of ThreatBook Advanced Threat Intelligence (“ThreatBook ATI”). Spearheaded from its offices in Singapore and Hong … | LASTWATCHDOG.COM
29 Sep | New Olymp Loader Malware-as-a-Service Promises Defender Bypass with Auto Certificate Signing | https://gbhackers.com/new-olymp-loader/ | SH.ITJUST.WORKS
🌐 CYBER THREAT LANDSCAPE (3)
29 Sep | First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package | Cybersecurity researchers have discovered what has been described as the first-ever instance of a Model Context Protocol (MCP) server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue code … | THEHACKERNEWS.COM
29 Sep | The State of AI in the SOC 2025 - Insights from Recent Study | Security leaders are embracing AI for triage, detection engineering, and threat hunting as alert volumes and burnout hit breaking points. A comprehensive survey of 282 security leaders at companies across industries reveals a stark reality facing modern Security Operations Center… | THEHACKERNEWS.COM
29 Sep | Introducing the CASI Leaderboard | Explore the new AI security index for emerging trends in AI security. | F5.COM
📡 INFOSEC NEWS (9)
29 Sep | Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security | Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads and evade security defenses. "Appearing to be aided by a large language model (LL… | THEHACKERNEWS.COM
29 Sep | Joint guidance on creating and maintaining a definitive view of your operational technology architecture | This joint guidance has been developed with contributions from partnering agencies and is part of a series of publications aiming to draw attention to the importance of cyber security in operational technology. | CYBER.GC.CA
29 Sep | OpenAI is routing GPT-4o to safety models when it detects harmful activities | Over the weekend, some people noticed that GPT-4o is routing requests to an unknown model out of nowhere. Turns out it's a "safety" feature. [...] | BLEEPINGCOMPUTER.COM
29 Sep | How to set up anti-phishing security in Kaspersky for Android | Kaspersky official blog | We show you how to set up all three layers of the updated anti-phishing protection in Kaspersky for Android. | KASPERSKY.COM
29 Sep | What is security hardening? | Kaspersky official blog | How to avert potential threats by configuring organizations’ systems and networks the right way. | KASPERSKY.COM
29 Sep | ChatGPT tests free trial for paid plans, rolls out cheaper Go in more regions | OpenAI is offering some users a free trial for ChatGPT Plus, which costs $20. In addition, $4 GPT Go is now available in Indonesia. [...] | BLEEPINGCOMPUTER.COM
29 Sep | Brave launches 'Ask Brave' feature to fuse AI with traditional search | Brave Software, the creator of the privacy-focused web browser and search engine, has introduced a new subsystem called Ask Brave that unifies search and AI chat into a single interface. [...] | BLEEPINGCOMPUTER.COM
29 Sep | Sophos named a Leader in the IDC MarketScape™: Worldwide Extended Detection and Response (XDR) Software 2025 | A milestone that reflects our progress. | SOPHOS.COM
29 Sep | UK convicts "Bitcoin Queen" in world’s largest cryptocurrency seizure | The Metropolitan Police has secured a conviction in what is believed to be the world's largest cryptocurrency seizure, valued at more than £5.5 billion ($7.3 billion). [...] | BLEEPINGCOMPUTER.COM