⚠️ VULNERABILITY DISCLOSURE 7[−]
4 OctExtortion gang opens data leak site to squeeze victims of its Salesforce attacksThe Scattered Lapsus$ Hunters gang, which says it has stolen data from the Salesforce instances of dozens of international companies in recent months, upped its extortion game today by listing their names on a new data leak site. The list of alleged victims includes Salesforce it…CSOONLINE.COM
4 OctPoC exploit Released for VMware Workstation guest-to-host escape Vulnerabilitysubmitted by cm0002 to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/vmware-workstation-vulnerability/INFOSEC.PUB
4 OctOctober Cybersecurity Month in Review: Insider Threats, AI's Role, and Cybercrime TrendsIn this episode of 'Cybersecurity Today: Our Month in Review,' host Jim welcomes a panel including Tammy Harper from Flair, Laura Payne from White Tuque, and David Shipley, CEO of Beauceron Securities. The discussion kicks off with an overview of their plans for Cybersecurity Mon…CYBERSECURITYTODAY.LIBSYN.COM
4 OctScanning Activity on Palo Alto Networks Portals Jump 500% in One DayThreat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning activity targeting Palo Alto Networks login portals. The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, 2025, t…THEHACKERNEWS.COM
4 OctShinyHunters launches Salesforce data leak site to extort 39 victimssubmitted by BrikoX to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/shinyhunters-starts-leaking-data-stolen-in-salesforce-attacks/ An extortion group has launched a new data leak site to publicly extort dozens of companies impacted by a wave …SH.ITJUST.WORKS
4 OctCommetJacking attack tricks Comet browser into stealing emailssubmitted by BrikoX to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/commetjacking-attack-tricks-comet-browser-into-stealing-emails/ A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden ins…SH.ITJUST.WORKS
4 OctCometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data ThiefCybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity's agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calend…THEHACKERNEWS.COM
🔥 INCIDENT REPORTING 4[−]
4 OctArtists&Clients - 95,351 breached accountsIn August 2025, the "marketplace that connects artists to prospective clients" Artists&Clients, suffered a data breach and subsequent ransom demand of US$50k . The data was subsequently leaked publicly and included 95k unique email addresses alongside usernames, IP addresses …HAVEIBEENPWNED.COM
4 Oct3rd Party Providing Discord Customer Service Breachedsubmitted by HexesofVexes to cybersecurity 1 points | 0 comments https://www.theverge.com/news/792032/discord-customer-service-data-breach-hack “Age verification is 100% safe” (!)SH.ITJUST.WORKS
4 OctHackers steal identifiable Discord user data in third-party breachHackers stole partial payment information and personally identifying data associated with some Discord users after compromising a third-party customer service provider. [...]BLEEPINGCOMPUTER.COM
4 OctDiscord discloses data breach after hackers steal support ticketsHackers stole partial payment information and personally identifiable data, including names and government-issued IDs, from some Discord users after compromising a third-party customer service provider. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 1[−]
4 OctLeaked Apple iPad Pro M5 benchmark shows it's faster than some laptop CPUsA new leaked benchmark shows Apple's alleged M5 chip on an iPad, and it's almost as fast as a desktop CPU. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 7[−]
4 OctMassive surge in scans targeting Palo Alto Networks login portalsA spike in suspicious scans targeting Palo Alto Networks login portals indicates clear reconnaissance efforts from suspicious IP addresses, researchers warn. [...]BLEEPINGCOMPUTER.COM
4 OctOpenAI prepares $4 ChatGPT Go for several new countriesOpenAI has been testing a new, cheaper ChatGPT plan called "Go," and it's now rolling out to more regions. [...]BLEEPINGCOMPUTER.COM
4 OctEvent startup Partiful wasn’t stripping GPS locations from user-uploaded photosThe event planning startup, which has raised over $27M from a16z and others, fixed the bug after TechCrunch found that Partiful was not removing granular location data from users' profile photos.TECHCRUNCH.COM
4 OctOpenAI wants ChatGPT to be your emotional supportGPT-5 isn't as good as GPT-4o when it comes to emotional support, but that changes today. [...]BLEEPINGCOMPUTER.COM
4 OctChatGPT social could be a thing, as leak shows direct messages supportOpenAI doesn't want ChatGPT to remain just a chatbot for interacting with a large language model. [...]BLEEPINGCOMPUTER.COM
4 OctOpenAI rolls out GPT Codex Alpha with early access to new modelsOpenAI's Codex is already making waves in the vibe coding vertical, and it's now set to get even better. [...]BLEEPINGCOMPUTER.COM
4 OctLeaked Apple iPad Pro M5 benchmark shows massive improvementsA new leaked benchmark shows Apple's alleged M5 chip on an iPad, and it's almost as fast as a desktop CPU. [...]BLEEPINGCOMPUTER.COM