277 Articles
9 Categories
Date: 2025-10-14
🚨 CISA KEV (1)
14 Oct | KEV | CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2016-7836 SKYSEA Client View Improper Authentication Vulnerability CVE-2025-6264 Rapid7 Velociraptor Incorrect Default Permissions Vu… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (179)
14 Oct | Elastic Cloud Enterprise Flaw Lets Attackers Run Malicious Commands | Elastic has released a critical security update for Elastic Cloud Enterprise (ECE) addressing a template engine injection flaw that could allow attackers with admin privileges to execute arbitrary commands and exfiltrate sensitive data. Tracked as CVE-2025-37729 and rated CVSS 9.… | GBHACKERS.COM
14 Oct | KEV | Oracle issues second emergency patch for E-Business Suite in two weeks | Oracle has issued its second emergency security update in less than two weeks for its E-Business Suite (EBS), patching a high-severity information disclosure vulnerability that security experts warn could become the next target for ransomware groups already circling the widely de… | CSOONLINE.COM
14 Oct | SonicWall VPNs face a breach of their own after the September cloud-backup fallout | Just weeks after SonicWall disclosed an incident that exposed data from its MySonicWall cloud backup platform, new findings from Huntress suggest the situation is far from over — this time pointing to a fresh wave of SonicWall SSLVPN compromises. According to Huntress, a new roun… | CSOONLINE.COM
14 Oct | SAP NetWeaver Memory Corruption Flaw Lets Attackers Send Corrupted Logon Tickets | A newly disclosed vulnerability in SAP NetWeaver AS ABAP and ABAP Platform (CVE-2025-42902) allows unauthenticated attackers to crash server processes by sending malformed SAP Logon or SAP Assertion Tickets. Rated Medium severity with a 5.3 CVSS 3.1 score, the… | GBHACKERS.COM
14 Oct | PolarEdge C2 Communication via Custom Binary Protocol with Custom TLS Server | In early 2025, security researchers unveiled a sophisticated botnet implant named PolarEdge, which relies on a bespoke TLS server and a proprietary binary protocol to carry out unauthenticated command-and-control operations. PolarEdge first emerged in January 2025 when honeypots … | GBHACKERS.COM
14 Oct | KEV | Oracle silently fixes zero-day exploit leaked by ShinyHunters | Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...] | BLEEPINGCOMPUTER.COM
14 Oct | CVE-2025-47989 Azure Connected Machine Agent Elevation of Privilege Vulnerability | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-48004 Microsoft Brokering File System Elevation of Privilege Vulnerability | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-50174 Windows Device Association Broker Service Elevation of Privilege Vulnerability | Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-53782 Microsoft Exchange Server Elevation of Privilege Vulnerability | Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55247 .NET Elevation of Privilege Vulnerability | Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55315 ASP.NET Security Feature Bypass Vulnerability | Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-24990 Windows Agere Modem Driver Elevation of Privilege Vulnerability | Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. **Fax mod… | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-24052 Windows Agere Modem Driver Elevation of Privilege Vulnerability | Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. **Fax mod… | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55320 Configuration Manager Elevation of Privilege Vulnerability | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55325 Windows Storage Management Provider Information Disclosure Vulnerability | Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55333 Windows BitLocker Security Feature Bypass Vulnerability | Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55335 Windows NTFS Elevation of Privilege Vulnerability | Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55336 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55338 Windows BitLocker Security Feature Bypass Vulnerability | Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55339 Windows Network Driver Interface Specification Driver Elevation of Privilege Vulnerability | Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55340 Windows Remote Desktop Protocol Security Feature Bypass | Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55676 Windows USB Video Class System Driver Information Disclosure Vulnerability | Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55677 Windows Device Association Broker Service Elevation of Privilege Vulnerability | Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55681 Desktop Windows Manager Elevation of Privilege Vulnerability | Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55685 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55686 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55687 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55689 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55700 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55701 Windows Authentication Elevation of Privilege Vulnerability | Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58715 Windows Speech Runtime Elevation of Privilege Vulnerability | Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58716 Windows Speech Runtime Elevation of Privilege Vulnerability | Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58717 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58719 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58722 Microsoft DWM Core Library Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58728 Windows Bluetooth Service Elevation of Privilege Vulnerability | Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58732 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58735 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59185 NTLM Hash Disclosure Spoofing Vulnerability | External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59186 Windows Kernel Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59195 Microsoft Graphics Component Denial of Service Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59196 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59199 Software Protection Platform (SPP) Elevation of Privilege Vulnerability | Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59200 Data Sharing Service Spoofing Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59201 Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability | Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59202 Windows Remote Desktop Services Elevation of Privilege Vulnerability | Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59204 Windows Management Services Information Disclosure Vulnerability | Use of uninitialized resource in Windows Management Services allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59207 Windows Kernel Elevation of Privilege Vulnerability | Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59211 Windows Push Notification Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59228 Microsoft SharePoint Remote Code Execution Vulnerability | Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59231 Microsoft Excel Remote Code Execution Vulnerability | Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59233 Microsoft Excel Remote Code Execution Vulnerability | Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59234 Microsoft Office Remote Code Execution Vulnerability | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59235 Microsoft Excel Information Disclosure Vulnerability | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59236 Microsoft Excel Remote Code Execution Vulnerability | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59237 Microsoft SharePoint Remote Code Execution Vulnerability | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59242 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-49708 Microsoft Graphics Component Elevation of Privilege Vulnerability | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59243 Microsoft Excel Remote Code Execution Vulnerability | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59249 Microsoft Exchange Server Elevation of Privilege Vulnerability | Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability | Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59254 Microsoft DWM Core Library Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59255 Windows DWM Core Library Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-54957 MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder | Deserialization of untrusted data in Microsoft Windows Codecs Library allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59257 Windows Local Session Manager (LSM) Denial of Service Vulnerability | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59258 Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability | Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59259 Windows Local Session Manager (LSM) Denial of Service Vulnerability | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59277 Windows Authentication Elevation of Privilege Vulnerability | Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59280 Windows SMB Client Tampering Vulnerability | Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-47979 Microsoft Failover Cluster Information Disclosure Vulnerability | Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-54132 GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool | Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid (which is used to render diagrams) allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attack… | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59281 Xbox Gaming Services Elevation of Privilege Vulnerability | Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59282 Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59284 Windows NTLM Spoofing Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59288 Playwright Spoofing Vulnerability | Improper verification of cryptographic signature in GitHub allows an unauthorized attacker to perform spoofing over an adjacent network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59290 Windows Bluetooth Service Elevation of Privilege Vulnerability | Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59291 Confidential Azure Container Instances Elevation of Privilege Vulnerability | External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59292 Azure Compute Gallery Elevation of Privilege Vulnerability | External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59294 Windows Taskbar Live Preview Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59295 Windows URL Parsing Remote Code Execution Vulnerability | Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59494 Azure Monitor Agent Elevation of Privilege Vulnerability | Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2016-9535 MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability | tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." … | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59502 Remote Procedure Call Denial of Service Vulnerability | Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-48813 Virtual Secure Mode Spoofing Vulnerability | Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-25004 PowerShell Elevation of Privilege Vulnerability | Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-53717 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-50152 Windows Kernel Elevation of Privilege Vulnerability | Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-53150 Windows Digital Media Elevation of Privilege Vulnerability | Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-50175 Windows Digital Media Elevation of Privilege Vulnerability | Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-53139 Windows Hello Security Feature Bypass Vulnerability | Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-53768 Xbox IStorageService Elevation of Privilege Vulnerability | Use after free in Xbox allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55240 Visual Studio Elevation of Privilege Vulnerability | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55248 .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability | Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55326 Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability | Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55328 Windows Hyper-V Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55330 Windows BitLocker Security Feature Bypass Vulnerability | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55331 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55332 Windows BitLocker Security Feature Bypass Vulnerability | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55334 Windows Kernel Security Feature Bypass Vulnerability | Cleartext storage of sensitive information in Windows Kernel allows an unauthorized attacker to bypass a security feature locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55337 Windows BitLocker Security Feature Bypass Vulnerability | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55678 DirectX Graphics Kernel Elevation of Privilege Vulnerability | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55679 Windows Kernel Information Disclosure Vulnerability | Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55680 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55682 Windows BitLocker Security Feature Bypass Vulnerability | Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55683 Windows Kernel Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55684 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55688 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55690 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55691 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55692 Windows Error Reporting Service Elevation of Privilege Vulnerability | Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55693 Windows Kernel Elevation of Privilege Vulnerability | Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55694 Windows Error Reporting Service Elevation of Privilege Vulnerability | Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55695 Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55696 NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability | Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55697 Azure Local Elevation of Privilege Vulnerability | Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55698 DirectX Graphics Kernel Denial of Service Vulnerability | Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-55699 Windows Kernel Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58714 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58718 Remote Desktop Client Remote Code Execution Vulnerability | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58720 Windows Cryptographic Services Information Disclosure Vulnerability | Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58724 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability | Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58725 Windows COM+ Event System Service Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58726 Windows SMB Server Elevation of Privilege Vulnerability | Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58727 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58729 Windows Local Session Manager (LSM) Denial of Service Vulnerability | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58730 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58731 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58733 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58734 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58736 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58737 Remote Desktop Protocol Remote Code Execution Vulnerability | Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58738 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-58739 Microsoft Windows File Explorer Spoofing Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59184 Storage Spaces Direct Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59187 Windows Kernel Elevation of Privilege Vulnerability | Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59188 Microsoft Failover Cluster Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59189 Microsoft Brokering File System Elevation of Privilege Vulnerability | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59190 Windows Search Service Denial of Service Vulnerability | Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59191 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 Oct | CVE-2025-59192 Storport.sys Driver Elevation of Privilege Vulnerability | Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
14 OctCVE-2025-59193 Windows Management Services Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59194 Windows Kernel Elevation of Privilege VulnerabilityUse of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59197 Windows ETL Channel Information Disclosure VulnerabilityInsertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59198 Windows Search Service Denial of Service VulnerabilityImproper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59203 Windows State Repository API Server File Information Disclosure VulnerabilityInsertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59205 Windows Graphics Component Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59208 Windows MapUrlToZone Information Disclosure VulnerabilityOut-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
14 OctCVE-2025-59209 Windows Push Notification Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59213 Configuration Manager Elevation of Privilege VulnerabilityImproper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59214 Microsoft Windows File Explorer Spoofing VulnerabilityExposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
14 OctCVE-2025-59221 Microsoft Word Remote Code Execution VulnerabilityUse after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59222 Microsoft Word Remote Code Execution VulnerabilityUse after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59223 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59224 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59225 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59226 Microsoft Office Visio Remote Code Execution VulnerabilityUse after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59227 Microsoft Office Remote Code Execution VulnerabilityUse after free in Microsoft Office allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59229 Microsoft Office Denial of Service VulnerabilityUncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59232 Microsoft Excel Information Disclosure VulnerabilityOut-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59238 Microsoft PowerPoint Remote Code Execution VulnerabilityUse after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59241 Windows Health and Optimized Experiences Elevation of Privilege VulnerabilityImproper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-2884 Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation CVE-2025-2884 (https://www.cve.org/CVERecord?id=CVE-2025-2884) is a vulnerability in the TCG TPM2.0 reference implementation's CryptHmacSign helper function, which is vulnerable to an out-of-bounds read due to the lack of validation of the signature scheme with …MSRC.MICROSOFT.COM
14 OctCVE-2025-59244 NTLM Hash Disclosure Spoofing VulnerabilityExternal control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
14 OctCVE-2025-59248 Microsoft Exchange Server Spoofing VulnerabilityImproper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
14 OctCVE-2025-59230 Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityImproper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59253 Windows Search Service Denial of Service VulnerabilityImproper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59260 Microsoft Failover Cluster Virtual Driver Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59261 Windows Graphics Component Elevation of Privilege VulnerabilityTime-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59275 Windows Authentication Elevation of Privilege VulnerabilityImproper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59278 Windows Authentication Elevation of Privilege VulnerabilityImproper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59285 Azure Monitor Agent Elevation of Privilege VulnerabilityDeserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-59287 Windows Server Update Service (WSUS) Remote Code Execution VulnerabilityDeserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
14 OctCVE-2025-59289 Windows Bluetooth Service Elevation of Privilege VulnerabilityDouble free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
14 OctCVE-2025-47827 MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image. MITRE created this CVE on their behalf. The documented Win…MSRC.MICROSOFT.COM
14 OctCVE-2025-59497 Microsoft Defender for Linux Denial of Service VulnerabilityTime-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.MSRC.MICROSOFT.COM
14 Oct KEVOracle silently fixes zero-day exploit leaked by ShinyHuntersOracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE 35
14 OctEU to sign UN Convention on CybercrimeThe Council of Europe has authorized the European Commission and member states to sign the United Nations Convention against Cybercrime. The international treaty establishes common standards at the global level to improve cooperation on cybercrime and the exchange of evidence in …CSOONLINE.COM
14 OctClevo UEFI Leak Allows Signing of Malicious Firmware with BootGuard KeysClevo accidentally exposed private keys used in its Intel Boot Guard implementation, allowing attackers to sign malicious firmware that would be trusted during the earliest boot stages. The issue is tracked as Vulnerability Note VU#538470 and was published on October 13, 2025. Re…GBHACKERS.COM
14 OctFBI Shuts Down Breach Forums and New Cyber Threats UnveiledIn this episode of Cybersecurity Today, host David Shipley discusses several major events, including the FBI's takedown of the Breach Forums portal. This site was associated with a significant Salesforce data breach and extortion campaign led by groups like Shiny Hunters and Scat…CYBERSECURITYTODAY.LIBSYN.COM
14 OctSimple Prompt Injection Lets Hackers Bypass OpenAI Guardrails FrameworkSecurity researchers have discovered a fundamental vulnerability in OpenAI’s newly released Guardrails framework that can be exploited using basic prompt injection techniques. The vulnerability enables attackers to circumvent the system’s safety mechanisms and generat…GBHACKERS.COM
14 OctIvanti Patches 13 Endpoint Manager Flaws Allowing Remote Code ExecutionIvanti has disclosed 13 vulnerabilities in Ivanti Endpoint Manager (EPM), including two high-severity issues that could enable privilege escalation and remote code execution, and eleven medium-severity SQL injection flaws. While there is no evidence of in-the-wild exploitation, I…GBHACKERS.COM
14 OctCISOs must rethink the tabletop, as 57% of incidents have never been rehearsedNearly three out of every five (57%) significant cyber incidents involve attacks the cybersecurity team had not prepared for, suggesting CISOs need to re-evaluate — and in some cases recommit to — their tabletop strategies. According to the Cytactic 2025 State of Cyber Incident R…CSOONLINE.COM
14 OctThreat Actors Exploit ScreenConnect to Gain Unauthorized Remote AccessA recent surge in threat actors leveraging remote management and monitoring (RMM) tools for initial access has intensified scrutiny of platforms once reserved for legitimate IT administration. While AnyDesk has waned in popularity among adversaries due to improved detection, Conn…GBHACKERS.COM
14 OctPoC Released for Sudo chroot Flaw Allowing Local Privilege EscalationA new proof-of-concept (PoC) exploit has been published for a critical flaw in the widely used sudo utility. This vulnerability enables any local user to escape a chroot jail and execute commands with root privileges. Organizations relying on sudo are urged to audit and…GBHACKERS.COM
14 OctNorth Korean IT Workers Use VPNs and Laptop Farms to Evade Identity VerificationIn a sprawling network of covert remote labor, more than 10,000 North Korean IT professionals have infiltrated global technology and freelance marketplaces by exploiting VPNs, virtual private servers (VPS), and so-called “laptop farms” to conceal their true origins. State-backed …GBHACKERS.COM
14 OctInside the OWASP GenAI Security Project - Steve Wilson - ASW #352Interest and participation in the OWASP GenAI Security Project has exploded over the last two years. Steve Wilson explains why it was important for the project to grow beyond just a Top Ten list and address more audiences than just developers. He also talks about how the growth o…YOUTUBE.COM
14 OctRMPocalypse: New Attack Breaks AMD Confidential ComputingA vulnerability in RMP initialization allows the AMD processor’s x86 cores to maliciously control parts of the initial RMP state.SECURITYWEEK.COM
14 OctMalicious NPM Packages Used in Sophisticated Developer CyberattackIn October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem—not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for malicious JavaScript. By seeding ove…GBHACKERS.COM
14 OctThe Trump Administration’s Increased Use of Social Media SurveillanceThis chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US: The administration has also adapted its methods of social media surveillance. Though agencies like the State Department have gathered millions of handles and monitor…SCHNEIER.COM
14 OctSalesforce Extortion Group Leaks Data After FBI Disruption (submitted by kid to cybersecurity) https://www.bankinfosecurity.in/salesforce-extortion-group-leaks-data-after-fbi-disruption-a-29710 SH.ITJUST.WORKS
14 OctRMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential ComputingChipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). The attack, per ETH Zürich researchers Benedict S…THEHACKERNEWS.COM
14 OctNew Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without PermissionsAndroid devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel. The attack has…THEHACKERNEWS.COM
14 OctDiscord Weaponized as C2 Server Across Popular Open-Source Package RepositoriesMalicious packages on popular registries are abusing Discord webhooks to exfiltrate sensitive files and host telemetry, bypassing traditional C2 infrastructure and blending into legitimate HTTPS traffic. Discord webhooks are simple HTTPS URLs that accept POST requests; they requi…GBHACKERS.COM
14 OctMicrosoft restrains exploited legacy IE mode in Edge browser - iTnews (submitted by kid to cybersecurity) https://www.itnews.com.au/news/microsoft-restrains-exploited-legacy-ie-mode-in-edge-browser-620995 SH.ITJUST.WORKS
14 OctHarvard Is First Confirmed Victim of Oracle EBS Zero-Day HackHackers have posted over 1 Tb of information allegedly stolen from Harvard on the Cl0p data leak website.SECURITYWEEK.COM
14 OctSecure Boot bypass risk on nearly 200,000 Linux Framework systemsAround 200,000 Linux computer systems from American computer maker Framework were shipped with signed UEFI shell components that could be exploited to bypass Secure Boot protections. [...]BLEEPINGCOMPUTER.COM
14 OctSecurity firms debate CVE credit in overlapping vulnerability reportsFuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs' reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding ove…BLEEPINGCOMPUTER.COM
14 OctOops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux driversThis article details two bugs discovered in the NVIDIA Linux Open GPU Kernel Modules and demonstrates how they can be exploited. The bugs can be triggered by an attacker controlling a local unprivileged process. Their security implications were confirmed via a proof of concept th…QUARKSLAB.COM
14 OctMicrosoft raises the bar: A smarter way to measure AI for cybersecurityExCyTIn-Bench is Microsoft’s newest open-source benchmarking tool designed to evaluate how well AI systems perform real-world cybersecurity investigations.MICROSOFT.COM
14 OctSecurity firms dispute credit for overlapping CVE reportsFuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs' reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding ove…BLEEPINGCOMPUTER.COM
14 OctChinese Hackers Exploit ArcGIS Server as Backdoor for Over a YearThreat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is …THEHACKERNEWS.COM
14 OctCISA Releases One Industrial Control Systems AdvisoryCISA released one Industrial Control Systems (ICS) advisory on October 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-287-01 Rockwell Automation 1715 EtherNet/IP Comms Module CISA encoura…CISA.GOV
14 OctMicrosoft Patch Tuesday October 2025, (Tue, Oct 14th)I am experimenting today with a little bit of a cleaned-up patch overview. I removed vulnerabilities that affect Microsoft's cloud systems (but appreciate Microsoft listing them at all), as well as vulnerabilities in third-party software lik…ISC.SANS.EDU
14 OctMicrosoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flawsToday is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. Get patching! [...]BLEEPINGCOMPUTER.COM
14 Oct KEVMicrosoft Patch Tuesday October 2025 – 172 Vulnerabilities Fixed Along with 4 Zero-daysIn its October 2025 Patch Tuesday release, Microsoft addressed a staggering 172 security vulnerabilities across its vast ecosystem, with four zero-day flaws stealing the spotlight, two of which are already being exploited in the wild. This massive security update targets a wide r…GBHACKERS.COM
14 OctThis new Android exploit can steal everything on your screen - even 2FA codes | ZDNET (submitted by kid to cybersecurity) https://www.zdnet.com/article/this-new-pixnapping-exploit-can-steal-everything-on-your-android-screen-even-2fa-codes/ SH.ITJUST.WORKS
14 OctScattered Lapsus$ Hunters extortion site goes dark: What’s next?Is this really the end of the road for the notorious Scattered Lapsus$ Hunters ransomware alliance? Last week, the extortion supergroup had its dark web and clearnet domains seized by police, the latest setback to befall the alliance that had threatened to release Salesforce dat…CSOONLINE.COM
14 OctTrend Micro launches new integration with Zscaler to deliver real-time, Risk-Based Zero Trust AccessDiscover how Trend Vision One™ integrates with Zscaler to unify detection and access enforcement, accelerate threat containment, reduce dwell time, and deliver seamless Zero Trust protection for modern enterprises.TRENDMICRO.COM
14 OctBikers, Apple, Storm-657, Astaroth, EES, Salesforce, Aaran Leyland, and more... - SWN #520Bikers, Apple, Storm-657, Astaroth, EES, Salesforce, Aaran Leyland, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-520 YOUTUBE.COM
14 Oct KEVPatch Tuesday, October 2025 ‘End of 10’ EditionMicrosoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least three vulnerabilities that are already being actively exploited. October's Patch Tuesday also marks the final month that Microsoft will ship securi…KREBSONSECURITY.COM
14 OctCompany Wrecked by Ransomware Only Spent 120,000 Pounds Per Year on Cyber SecurityDo you remember the story of the UK-based logistics company that closed due to ransomware and laid off 730 workers?  Today in an article about a warning to UK businesses about cyber incidents, their “director” said they “were throwing £120,000 a year at [cyber-security] with…TAOSECURITY.BLOGSPOT.COM
📋 SECURITY BULLETINS 3
14 OctWindows 10 Still on Over 40% of Devices as It Reaches End of SupportUsers can continue receiving important security updates for Windows 10 by enrolling in the ESU program.SECURITYWEEK.COM
14 OctFinal Windows 10 Patch Tuesday update rolls out as support endsIn what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final free update for the operating system as it reaches the end of its support lifecycle. [...]BLEEPINGCOMPUTER.COM
14 OctCybersecurity Awareness Month 2025: Why software patching matters more than everAs the number of software vulnerabilities continues to increase, delaying or skipping security updates could cost your business dearly.WELIVESECURITY.COM
📢 SECURITY ADVISORIES 12
14 OctMoving Beyond Awareness: How Threat Hunting Builds ReadinessEvery October brings a familiar rhythm - pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and checklists in my inbox. Halloween may be just around the corner, yet for those of us in cybersecurity, Security Awareness Month is the true seasonal…THEHACKERNEWS.COM
14 OctMicrosoft: Exchange 2016 and 2019 have reached end of supportMicrosoft has reminded that Exchange Server 2016 and 2019 reached the end of support and advised IT administrators to upgrade servers to Exchange Server SE or migrate to Exchange Online. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 8
14 Oct178,000+ Invoices Expose Customer Data from Invoicely PlatformA significant data exposure incident has affected the cloud-based invoicing platform Invoicely, potentially compromising sensitive information belonging to customers worldwide. The exposed database contained 178,519 files in various formats including Excel spreadsheets, CSV files…GBHACKERS.COM
14 Octnpm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord ChannelsCybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks. Webhooks on Discord are a way to post messages to channel…THEHACKERNEWS.COM
14 OctFrom CISO to Chief Risk ArchitectCSOONLINE.COM
14 OctSimonMed Data Breach Exposes Sensitive Information of 1.2 Million PatientsSimonMed Imaging has confirmed that an external hacking incident compromised the personal data of 1,275,669 patients, making it one of the largest healthcare breaches of the year. The breach, which occurred on January 21, 2025, but was not discovered until January 28, exposed nam…GBHACKERS.COM
14 OctSonicWall VPN accounts breached using stolen creds in widespread attacks (submitted by kid to cybersecurity) https://www.bleepingcomputer.com/news/security/sonicwall-vpn-accounts-breached-using-stolen-creds-in-widespread-attacks/ SH.ITJUST.WORKS
14 OctSimonMed says 1.2 million patients impacted in January data breach (submitted by kid to cybersecurity) https://www.bleepingcomputer.com/news/security/simonmed-says-12-million-patients-impacted-in-january-data-breach/ SH.ITJUST.WORKS
14 OctWhen AI Agents Join the Teams: The Hidden Security Shifts No One ExpectsAI assistants are no longer just helping — they're acting. Autonomous agents now open tickets, fix incidents, and make decisions faster than humans can monitor. As "Shadow AI" spreads, learn from Token Security why orgs must govern these agents like powerful new identities before…BLEEPINGCOMPUTER.COM
14 OctHyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware DeviceInvestors are placing bets on a hardware-based approach to data security in a market dominated by software solutions for ransomware resilience.SECURITYWEEK.COM
🕵️ THREAT INTELLIGENCE 31
14 OctTA585 Deploys Novel Web-Injection to Deliver MonsterV2 Malware on WindowsAs cybercrime continues to evolve, new adversaries and innovative tactics challenge defenders daily. The recently emerged threat group TA585 exemplifies this shift, deploying sophisticated malware campaigns that highlight the changing nature of the cybercrime landscape. TA585R…GBHACKERS.COM
14 OctResearchers Expose TA585’s MonsterV2 Malware Capabilities and Attack ChainCybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat Research Team described the threat activity cluster as sophis…THEHACKERNEWS.COM
14 OctCyberattack on Federal AgencyCSOONLINE.COM
14 OctHackers Mimic as OpenAI and Sora Services to Steal Login CredentialsHackers have launched a sophisticated phishing campaign impersonating both OpenAI and the recently released Sora 2 AI service. By cloning legitimate-looking landing pages, these actors are duping users into submitting their login credentials, participating in faux “gift” surveys,…GBHACKERS.COM
14 OctGcore Mitigates Record-Breaking 6 Tbps DDoS AttackLuxembourg, October 14th, 2025, CyberNewsWire Surge in scale and sophistication highlights rising threats to tech and digital infrastructure Gcore, the global edge AI, cloud, network, and security solutions provider, has successfully mitigated one of the largest DDoS attacks reco…GBHACKERS.COM
14 OctCISO Conversations: Are Microsoft’s Deputy CISOs a Signpost to the Future?SecurityWeek talks to Microsoft Deputy CISOs (dCISOs) Ann Johnson and Mark Russinovich.SECURITYWEEK.COM
14 OctBeyond the Black Box: Building Trust and Governance in the Age of AIBalancing innovation with ethical governance is crucial for ensuring fairness, accountability, and public trust in the age of intelligent machines.SECURITYWEEK.COM
14 OctPixnapping Attack Steals Data From Google, Samsung Android PhonesGoogle has released a partial patch for the Pixnapping attack and is working on an additional fix.SECURITYWEEK.COM
14 OctOpenAI’s Guardrails Can Be Bypassed by Simple Prompt Injection Attack (submitted by kid to cybersecurity) https://hackread.com/openai-guardrails-bypass-prompt-injection-attack/ SH.ITJUST.WORKS
14 OctChinese hackers abuse geo-mapping tool for year-long persistenceChinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a web shell. [...]BLEEPINGCOMPUTER.COM
14 Oct2 Radiology Practices Disclose Hacks Affecting 1.5M Patients (submitted by kid to cybersecurity) https://www.bankinfosecurity.in/2-radiology-practices-notifying-nearly-15-million-hacks-a-29711 SH.ITJUST.WORKS
14 OctInvoicely Database Leak Exposes 180,000 Sensitive Records (submitted by kid to cybersecurity) https://hackread.com/invoicely-database-leak-expose-sensitive-records/ SH.ITJUST.WORKS
14 OctFraud Prevention Firm Resistant AI Raises $25 MillionResistant AI will use the funding to expand its fraud detection and transaction monitoring offerings to new markets.SECURITYWEEK.COM
14 OctHackers Use Court-Themed Phishing to Deliver Info-Stealer MalwareA novel phishing campaign has emerged targeting Colombian users by abusing judicial notifications and weaponizing Scalable Vector Graphics (SVG) files. This sophisticated attack begins with a carefully crafted Spanish-language email impersonating the “17th Municipal Civil Court o…GBHACKERS.COM
14 OctRealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks (submitted by kid to cybersecurity) https://cybersecuritynews.com/realblindingedr-tool/ SH.ITJUST.WORKS
14 OctSAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRMSAP has rolled out additional protections for insecure deserialization bugs resolved in NetWeaver AS Java recently.SECURITYWEEK.COM
14 OctCybereason Acquired by MSSP Giant LevelBlueThis is LevelBlue’s third acquisition this year, after Trustwave and Aon’s Cybersecurity & IP Litigation Consulting groups.SECURITYWEEK.COM
14 OctSweet Security Named Cloud Security Leader and CADR Leader in Latio Cloud Security ReportTel Aviv, Israel, October 14th, 2025, CyberNewsWire Sweet Security, a leader in Runtime Cloud and AI security solutions, today announced that it has been recognized as both a Cloud Security Leader and a Cloud Application Detection & Response (CADR) Leader in the 2025 Cloud Se…GBHACKERS.COM
14 OctCriminal IP to Showcase ASM and CTI Innovations at GovWare 2025 in SingaporeTorrance, United States, October 14th, 2025, CyberNewsWire Criminal IP at Booth J30 | Sands Expo Singapore | October 21 – 23, 2025 Criminal IP, a global cybersecurity company, announced its participation in GovWare 2025, Asia’s largest cybersecurity conference, which wi…GBHACKERS.COM
14 OctUpcoming Speaking EngagementsThis is a current list of where and when I am scheduled to speak: I and Nathan E. Sanders will be giving a book talk on Rewiring Democracy at the Harvard Kennedy School’s Ash Center in Cambridge, Massachusetts, USA, on October 22, 2025 at noon ET. I and Nathan E. Sanders will be …SCHNEIER.COM
14 OctNews Alert: Gcore neutralizes record DDoS attack — underscores need for adaptive mitigationLUXEMBOURG, Oct. 14, 2025, CyberNewswire — Gcore , the global edge AI, cloud, network, and security solutions provider, has successfully mitigated one of the largest DDoS attacks recorded to date. The large-scale, multi-regional DDoS attack reached a peak bandwidth of … (mo…LASTWATCHDOG.COM
14 OctNews alert: Sweet Security named cloud, CADR leader for AI-driven runtime threat detectionTEL AVIV, Israel, Oct. 14, 2025, CyberNewswire: Sweet Security , a leader in Runtime Cloud and AI security solutions, today announced that it has been recognized as both a Cloud Security Leader and a Cloud Application Detection & Response (CADR) … (more…) The post News …LASTWATCHDOG.COM
14 OctSatellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Datasubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.wired.com/story/satellites-are-leaking-the-worlds-secrets-calls-texts-military-and-corporate-data/ archive.ph/g1RBdINFOSEC.PUB
14 OctNew Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCssubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2025/10/new-rust-based-malware-chaosbot-hijacks.htmlSH.ITJUST.WORKS
14 OctHackers Use Court-Themed Phishing to Deliver Info-Stealer Malwaresubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/info-stealer-malware/SH.ITJUST.WORKS
14 OctHacker Group TA585 Emerges With Advanced Attack Infrastructure - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/ta585-advanced-attack/SH.ITJUST.WORKS
14 OctChinese Hackers Use Trusted ArcGIS App For Year-Long Persistence - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/chinese-hackers-use-trusted-arcgis/SH.ITJUST.WORKS
14 OctSonicwall confirms exfil of all (encrypted/encoded) connected firewall backup configurationssubmitted by Appoxo to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/sonicwall-confirms-that-hackers-stole/SH.ITJUST.WORKS
14 OctMalicious crypto-stealing VSCode extensions resurface on OpenVSXA threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors. [...]BLEEPINGCOMPUTER.COM
14 OctISC Stormcast For Wednesday, October 15th, 2025 https://isc.sans.edu/podcastdetail/9656, (Tue, Oct 14th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
🎙️ PODCASTS (1)
14 Oct · The AI Fix #72: The AI hype train, space data centers, and lifelike robot heads · In episode 72 of The AI Fix, GPT-5's "secret sauce" turns out to be phrases from adult websites, Irish police beg TikTokers to stop faking AI home intruders, Jeff Bezos pitches gigawatt data centers in space, OpenAI rolls out Agent Kit for drag-and-drop agents, and a Chinese star… · GRAHAMCLULEY.COM
📡 INFOSEC NEWS (7)
14 Oct · What AI Reveals About Web Applications— and Why It Matters · Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understa… · THEHACKERNEWS.COM
14 Oct · Shift left, stay ahead: The case for early threat prevention · "‘Shift left’ is a very trendy concept over the past few years [in application security]. The weird thing is, prevention is seen as something that's kind of old school in endpoint security or security operations." · SOPHOS.COM
14 Oct · Satellites found exposing unencrypted data, including phone calls and some military comms · Researchers spent the past year alerting affected organizations, including T-Mobile and AT&T, but warn that large amounts of satellite data will remain unencrypted and exposed for some years to come. · TECHCRUNCH.COM
14 Oct · Microsoft warns that Windows 10 reaches end of support today · Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities. [...] · BLEEPINGCOMPUTER.COM
14 Oct · US seizes $15 billion in crypto from 'pig butchering' kingpin · The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. [..… · BLEEPINGCOMPUTER.COM
14 Oct · Windows 11 KB5066835 and KB5066793 updates released · Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and issues. [...] · BLEEPINGCOMPUTER.COM
14 Oct · New Android Pixnapping attack steals MFA codes pixel-by-pixel · A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content. [...] · BLEEPINGCOMPUTER.COM