matlock.ca // THREAT INTELLIGENCE — 2025-10-01

91Articles

10Categories

2025-10-01Date

🚨

CISOs advised to rethink vulnerability management as exploits sharply riseEnterprise attack surfaces continue to expand rapidly, with more than 20,000 new vulnerabilities disclosed in the first half of 2025, straining already hard-pressed security teams. Nearly 35% (6,992) of these vulnerabilities have publicly available exploit code, according to the …

KEVCSOONLINE.COM — 01 Oct 2025

🐛

Threat actors could retrieve valid usernames from VMware by exploiting vulnerabilities

CSOONLINE.COM — 01 Oct 2025

🐛

48+ Cisco Firewalls Hit by Actively Exploited 0-Day Vulnerability

KEVGBHACKERS.COM — 01 Oct 2025

🐛

Cisco IOS/IOS XE SNMP Vulnerabilities Exploited in Ongoing Attacks, Warns CISA

KEVGBHACKERS.COM — 01 Oct 2025

🐛

Red Hat OpenShift AI Vulnerability Lets Attackers Seize Infrastructure Control

GBHACKERS.COM — 01 Oct 2025

🐛

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

THEHACKERNEWS.COM — 01 Oct 2025

🐛

Microsoft plots new path for Sentinel, adding agentic AI features

CSOONLINE.COM — 01 Oct 2025

🐛

Chinese APT group Phantom Taurus targets gov and telecom organizations

CSOONLINE.COM — 01 Oct 2025

⚠️

$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

THEHACKERNEWS.COM — 01 Oct 2025

⚠️

Don’t drink or drive, say cyberattackers

CSOONLINE.COM — 01 Oct 2025

⚠️

Wie CISOs schlechte Produkte enttarnen

CSOONLINE.COM — 01 Oct 2025

⚠️

CISA 2015 cyber threat info-sharing law lapses amid government shutdown

CSOONLINE.COM — 01 Oct 2025

⚠️

Top 10 Best Autonomous Endpoint Management Software In 2025

GBHACKERS.COM — 01 Oct 2025

⚠️

Government shutdown deepens US cyber risk, exposing networks to threat actors

CSOONLINE.COM — 01 Oct 2025

⚠️

Battering RAM Exploit Bypasses Modern Protections in Intel, AMD Cloud Processors

GBHACKERS.COM — 01 Oct 2025

⚠️

Google Publishes Security Hardening Guide to Counter UNC6040 Threats

GBHACKERS.COM — 01 Oct 2025

⚠️

Future Forward: CIO 2025 Outlook - Cybersecurity, AI, and Economic Uncertainty? - Aman... - BSW #415

YOUTUBE.COM — 2025-10-01

⚠️

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

SECURITYWEEK.COM — 01 Oct 2025

⚠️

Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware

GBHACKERS.COM — 01 Oct 2025

⚠️

Use of Generative AI in Scams

SCHNEIER.COM — 2025-10-01

⚠️

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

THEHACKERNEWS.COM — 01 Oct 2025

⚠️

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

THEHACKERNEWS.COM — 01 Oct 2025

⚠️

New FlipSwitch Hooking Method Overcomes Linux Kernel Defenses

GBHACKERS.COM — 01 Oct 2025

⚠️

Smishing Campaigns Exploit Cellular Routers to Target Belgium - Infosecurity Magazine

SH.ITJUST.WORKS — 1 Oct 2025

⚠️

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

THEHACKERNEWS.COM — 01 Oct 2025

⚠️

Chinese State-Sponsored Hackers Exploiting Network Edge Devices to Harvest Sensitive Data

GBHACKERS.COM — 01 Oct 2025

⚠️

Ukraine Warns of Weaponized XLL Files Delivering CABINETRAT Malware via Zip Archives

GBHACKERS.COM — 01 Oct 2025

⚠️

Get Your Game On! 3 Ways to Use the 2025 Cyberawareness Month Resource Kit

KNOWBE4.COM — 01 Oct 2025

⚠️

Top 10 Best Vulnerability Management Software in 2025

GBHACKERS.COM — 01 Oct 2025

⚠️

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

KEVSH.ITJUST.WORKS — 1 Oct 2025

⚠️

WestJet data breach exposes travel details of 1.2 million customers

BLEEPINGCOMPUTER.COM — 01 Oct 2025

⚠️

Cybersecurity Awareness Month: Security starts with you

MICROSOFT.COM — 01 Oct 2025

⚠️

Microsoft to force install Microsoft 365 companion apps in October

BLEEPINGCOMPUTER.COM — 01 Oct 2025

⚠️

Your favourite phone apps might be leaking your company’s secrets

FORTRA.COM — 01 Oct 2025

⚠️

Smashing Security podcast #437: Salesforce’s trusted domain of doom

GRAHAMCLULEY.COM — 01 Oct 2025

⚠️

Risky Business #809 -- Hackers try to pay a journalist for access to the BBC

RISKY.BIZ — 01 Oct 2025

📋

Multiple NVIDIA Flaws Allow Attackers to Escalate Privileges on Systems

GBHACKERS.COM — 01 Oct 2025

📢

Chinese hacking group ‘Phantom Taurus’ targets governments

INFOSEC.PUB — 1 Oct 2025

📢

Chinese hacking group ‘Phantom Taurus’ targets governments

SH.ITJUST.WORKS — 1 Oct 2025

📢

Cyber-Bedrohungslage in der EU verschärft sich

CSOONLINE.COM — 01 Oct 2025

📢

NIST Publishes Guide for Protecting ICS Against USB-Borne Threats

SECURITYWEEK.COM — 01 Oct 2025

📢

Introducing Sophos Advisory Services

SOPHOS.COM — 01 Oct 2025

📢

How To Simplify CISA's Zero Trust Roadmap with Modern Microsegmentation

BLEEPINGCOMPUTER.COM — 01 Oct 2025

📢

Sudo security advisory (AV25-631)

CYBER.GC.CA — 2025-10-01

🔥

Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

THEHACKERNEWS.COM — 01 Oct 2025

🔥

New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones

THEHACKERNEWS.COM — 01 Oct 2025

🔥

New DNS Malware ‘Detour Dog’ Uses TXT Records to Deliver Strela Stealer

GBHACKERS.COM — 01 Oct 2025

🔥

The Case for Multidomain Visibility

PALOALTONETWORKS.COM — 01 Oct 2025

🔥

WestJet Confirms Data Breach Exposing Customer Personal Information

GBHACKERS.COM — 01 Oct 2025

🔥

Data breach at Canadian airline WestJet affects 1.2M passengers

TECHCRUNCH.COM — 01 Oct 2025

🔥

Allianz Life says July data breach impacts 1.5 million people

BLEEPINGCOMPUTER.COM — 01 Oct 2025

🔥

Google Drive for desktop gets AI-powered ransomware detection

BLEEPINGCOMPUTER.COM — 01 Oct 2025

🔥

Data breach at dealership software provider impacts 766k clients

BLEEPINGCOMPUTER.COM — 01 Oct 2025

🕵️

ISC Stormcast For Wednesday, October 1st, 2025 https://isc.sans.edu/podcastdetail/9636, (Wed, Oct 1st)

ISC.SANS.EDU — 01 Oct 2025

🕵️

MatrixPDF Campaign Evades Gmail Filters to Deliver Malicious Payloads

GBHACKERS.COM — 01 Oct 2025

🕵️

Google Gemini Vulnerabilities Let Hackers Steal Saved Data and Live Location

GBHACKERS.COM — 01 Oct 2025

🕵️

Beijing-backed burglars master .NET to target government web servers

SH.ITJUST.WORKS — 1 Oct 2025

🕵️

Microsoft Sentinel Launches AI-Driven Agentic SIEM Platform for Enterprise Security

GBHACKERS.COM — 01 Oct 2025

🕵️

Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device

SECURITYWEEK.COM — 01 Oct 2025

🕵️

Spotlight report: Securing the cloud

US.RESOURCES.CSOONLINE.COM — 01 Oct 2025

🕵️

Industry groups worry about cyber info sharing as key US law is set to expire | Reuters

SH.ITJUST.WORKS — 1 Oct 2025

🕵️

Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure

SECURITYWEEK.COM — 01 Oct 2025

🕵️

SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG files

SH.ITJUST.WORKS — 1 Oct 2025

🕵️

Descope Raises $35 Million in Seed Round Extension

SECURITYWEEK.COM — 01 Oct 2025

🕵️

New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing

SH.ITJUST.WORKS — 1 Oct 2025

🕵️

'Trifecta' of Gemini Flaws Turn AI Into Attack Vehicle

SH.ITJUST.WORKS — 1 Oct 2025

🕵️

Canadian Airline WestJet Says Hackers Stole Customer Data

SECURITYWEEK.COM — 01 Oct 2025

🕵️

Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware

SECURITYWEEK.COM — 01 Oct 2025

🕵️

Top 100 World’s Best Cybersecurity Companies in 2025

GBHACKERS.COM — 01 Oct 2025

🕵️

Malicious PyPI Package Mimics as SOCKS5 Proxy Tool Attacking Windows Platforms

GBHACKERS.COM — 01 Oct 2025

🕵️

Senior Travel Scams Used by Threat Actors to Distribute Datzbro Malware

GBHACKERS.COM — 01 Oct 2025

🕵️

Going DEEP: A Simple Framework for a Complex Problem

KNOWBE4.COM — 01 Oct 2025

🕵️

OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks

SECURITYWEEK.COM — 01 Oct 2025

🕵️

Building Trust in AI: KnowBe4's Journey Toward ISO 42001 Certification

KNOWBE4.COM — 01 Oct 2025

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 1 Oct 2025

🕵️

'Delightful' Red Hat OpenShift AI bug allows full takeover

INFOSEC.PUB — 1 Oct 2025

🕵️

US gov shutdown leaves IT projects hanging, security defenders a skeleton crew

INFOSEC.PUB — 1 Oct 2025

🌐

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

THEHACKERNEWS.COM — 01 Oct 2025

🌐

Android malware uses VNC to give attackers hands-on access

BLEEPINGCOMPUTER.COM — 01 Oct 2025

🌐

Adobe Analytics bug leaked customer tracking data to other tenants

BLEEPINGCOMPUTER.COM — 01 Oct 2025

🎙️

50,000 Cisco Firewalls Exposed

CYBERSECURITYTODAY.LIBSYN.COM — 01 Oct 2025

📡

How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

THEHACKERNEWS.COM — 01 Oct 2025

📡

Microsoft: Media Creation Tool broken on Windows 11 Arm64 PCs

BLEEPINGCOMPUTER.COM — 01 Oct 2025

📡

Final 3 days to score extra discounts on community passes to TechCrunch Disrupt 2025

TECHCRUNCH.COM — 01 Oct 2025

📡

UK government tries again to access encrypted Apple customer data: report

TECHCRUNCH.COM — 01 Oct 2025

📡

F-Droid project threatened by Google's new dev registration rules

BLEEPINGCOMPUTER.COM — 01 Oct 2025

📡

New bug in classic Outlook can only be fixed via Microsoft support

BLEEPINGCOMPUTER.COM — 01 Oct 2025

📡

Anker offered to pay Eufy camera owners to share videos for training its AI

TECHCRUNCH.COM — 01 Oct 2025

📡

Emails claim Oracle data theft in new Clop-linked extortion campaign

BLEEPINGCOMPUTER.COM — 01 Oct 2025

📡

Clop extortion emails claim theft of Oracle E-Business Suite data

BLEEPINGCOMPUTER.COM — 01 Oct 2025

📡

Cybersecurity Awareness Month 2025: Knowledge is power

WELIVESECURITY.COM — 01 Oct 2025