matlock.ca // THREAT INTELLIGENCE

100Articles

9Categories

2025-10-15Date

🚨

CISA Alerts on Rapid7 Velociraptor Flaw Exploited in Ransomware CampaignsThe Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in Rapid7 Velociraptor to its Known Exploited Vulnerabilities catalogue, warning that threat actors are actively exploiting the flaw in ransomware attacks. The vulnerability, tracked as CVE-20…

KEVGBHACKERS.COM — 15 Oct 2025

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-54253 Adobe Experience Manager Forms Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malici…

KEVCISA.GOV — Wed, 15 Oct 25 1

🐛

October 2025 Patch Tuesday: Holes in Windows Server Update Service and an ancient modem driver

KEVCSOONLINE.COM — 15 Oct 2025

🐛

Hackers Exploit Windows Remote Access Connection Manager 0-Day in Ongoing Attacks

GBHACKERS.COM — 15 Oct 2025

🐛

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

THEHACKERNEWS.COM — 15 Oct 2025

🐛

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

THEHACKERNEWS.COM — 15 Oct 2025

🐛

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

THEHACKERNEWS.COM — 15 Oct 2025

🐛

FortiOS CLI Bypass Flaw Lets Attackers Run Arbitrary System Commands

GBHACKERS.COM — 15 Oct 2025

🐛

FortiPAM & FortiSwitch Manager Flaw Allows Attackers to Bypass Authentication

GBHACKERS.COM — 15 Oct 2025

🐛

Chrome Use-After-Free Flaw Lets Attackers Execute Arbitrary Code

GBHACKERS.COM — 15 Oct 2025

🐛

Windows Agere Modem Driver 0-Day Exploited in Active Privilege Escalation Attacks

KEVGBHACKERS.COM — 15 Oct 2025

🐛

Adobe Security Update Fixes Critical CVE-2025-49553 Bug

SH.ITJUST.WORKS — 15 Oct 2025

🐛

Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits

TRENDMICRO.COM — 15 Oct 2025

⚠️

Pro-Russian Hacktivists Target Government, Finance and E-Commerce Sites

GBHACKERS.COM — 15 Oct 2025

⚠️

Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws

SECURITYWEEK.COM — 15 Oct 2025

⚠️

Adobe Patches Critical Vulnerability in Connect Collaboration Suite

SECURITYWEEK.COM — 15 Oct 2025

⚠️

13 cybersecurity myths organizations need to stop believing

CSOONLINE.COM — 15 Oct 2025

⚠️

TigerJack Hackers Target Developer Marketplaces with 11 Malicious VS Code Extensions

GBHACKERS.COM — 15 Oct 2025

⚠️

Automating Compliance and Risk with Agentic AI as CISOs (R)Evolve - Trevor Horwitz - BSW #417

YOUTUBE.COM — 2025-10-15

⚠️

Critical Veeam Backup RCE Flaws Allow Remote Execution of Malicious Code

GBHACKERS.COM — 15 Oct 2025

⚠️

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

KEVTHEHACKERNEWS.COM — 15 Oct 2025

⚠️

Microsoft IIS Exploit Allows Unauthenticated Attackers to Run Arbitrary Code

GBHACKERS.COM — 15 Oct 2025

⚠️

Apple’s Bug Bounty Program

SCHNEIER.COM — 2025-10-15

⚠️

Beyond the checklist: Building adaptive GRC frameworks for agentic AI

CSOONLINE.COM — 15 Oct 2025

⚠️

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

CSOONLINE.COM — 15 Oct 2025

⚠️

How Attackers Bypass Synced Passkeys

THEHACKERNEWS.COM — 15 Oct 2025

⚠️

Introducing MAESTRO: A framework for securing generative and agentic AI

CSOONLINE.COM — 15 Oct 2025

⚠️

Flax Typhoon exploited ArcGIS to gain long-term access

KEVCSOONLINE.COM — 15 Oct 2025

⚠️

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

SH.ITJUST.WORKS — 15 Oct 2025

⚠️

F5 says hackers stole undisclosed BIG-IP flaws, source code

BLEEPINGCOMPUTER.COM — 15 Oct 2025

⚠️

F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data

SECURITYWEEK.COM — 15 Oct 2025

⚠️

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

THEHACKERNEWS.COM — 15 Oct 2025

⚠️

Hackers Breach F5 and Stole BIG-IP Source Code and Undisclosed Vulnerability Data

GBHACKERS.COM — 15 Oct 2025

⚠️

CISA Directs Federal Agencies to Mitigate Vulnerabilities in F5 Devices

CISA.GOV — Wed, 15 Oct 25 1

⚠️

F5 says hackers stole undisclosed BIG-IP flaws, source code

SH.ITJUST.WORKS — 15 Oct 2025

⚠️

F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

THEHACKERNEWS.COM — 15 Oct 2025

⚠️

Fortra cops to exploitation of GoAnywhere file-transfer service defect

SH.ITJUST.WORKS — 15 Oct 2025

⚠️

F5 network compromised

SOPHOS.COM — 15 Oct 2025

⚠️

MCPTotal Launches to Power Secure Enterprise MCP Workflows

CSOONLINE.COM — 15 Oct 2025

⚠️

PowerSchool hacker gets sentenced to four years in prison

BLEEPINGCOMPUTER.COM — 15 Oct 2025

⚠️

Source code and vulnerability info stolen from F5 Networks

CSOONLINE.COM — 15 Oct 2025

⚠️

58% of CISOs are boosting AI security budgets

CSOONLINE.COM — 15 Oct 2025

⚠️

MCPTotal Launches to Power Secure Enterprise MCP Workflows

GBHACKERS.COM — 15 Oct 2025

⚠️

Risky Business #810 -- Data extortion attacks have a silver lining

RISKY.BIZ — 15 Oct 2025

📋

High-Severity Vulnerabilities Patched by Fortinet and Ivanti

SECURITYWEEK.COM — 15 Oct 2025

📋

ICS Patch Tuesday: Fixes Announced by Siemens, Schneider, Rockwell, ABB, Phoenix Contact

SECURITYWEEK.COM — 15 Oct 2025

📋

Microsoft: Sept Windows Server updates cause Active Directory issues

BLEEPINGCOMPUTER.COM — 15 Oct 2025

📋

October Patch Tuesday beats January ’25 record

SOPHOS.COM — 15 Oct 2025

📋

F5 releases BIG-IP patches for stolen security vulnerabilities

BLEEPINGCOMPUTER.COM — 15 Oct 2025

📢

NCSC Issues Warning as UK Sees Four Cyber Attacks a Week

GBHACKERS.COM — 15 Oct 2025

📢

Microsoft security advisory - October 2025 monthly rollup (AV25-666)

CYBER.GC.CA — 2025-10-15

📢

Adobe security advisory (AV25-667)

CYBER.GC.CA — 2025-10-15

📢

UK: 130% Spike in “Nationally Significant” Cyber Incidents - Infosecurity Magazine

SH.ITJUST.WORKS — 15 Oct 2025

📢

Fortinet security advisory (AV25-668)

CYBER.GC.CA — 2025-10-15

📢

NCSC warns companies to prepare for a day when your screens go dark

FORTRA.COM — 15 Oct 2025

📢

F5 security advisory (AV25-669)

CYBER.GC.CA — 2025-10-15

📢

CISA Issues Emergency Directive to Address Critical Vulnerabilities in F5 Devices

CISA.GOV — Wed, 15 Oct 25 1

📢

[Control systems] ABB security advisory (AV25-670)

CYBER.GC.CA — 2025-10-15

📢

Google Chrome security advisory (AV25-671)

CYBER.GC.CA — 2025-10-15

📢

Cisco security advisory (AV25-672)

CYBER.GC.CA — 2025-10-15

📢

BreachLock Named Representative Provider for Penetration Testing as a Service (PTaaS) in New Gartner® Report

GBHACKERS.COM — 15 Oct 2025

📢

Secure the Edge with Prisma Browser and the Essential Eight

PALOALTONETWORKS.COM — 15 Oct 2025

🔥

Hello Cake - 22,907 breached accounts

HAVEIBEENPWNED.COM — 15 Oct 2025

🔥

Clipboard Pictures Exfiltration in Python Infostealer, (Wed, Oct 15th)

ISC.SANS.EDU — 15 Oct 2025

🔥

Hacker attackieren Vergabeportal für öffentliche Aufträge

CSOONLINE.COM — 15 Oct 2025

🔥

GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users

GBHACKERS.COM — 15 Oct 2025

🔥

Deutsche Logistik schlecht vor Cyberattacken geschützt

CSOONLINE.COM — 15 Oct 2025

🔥

Hackers claim attacks on Texas electric co-ops | Cybernews

SH.ITJUST.WORKS — 15 Oct 2025

🔥

Capita Fined £14m After 2023 Breach that Hit 6.6 Million People - Infosecurity Magazine

SH.ITJUST.WORKS — 15 Oct 2025

🔥

Customer Service Firm 5CA Denies Responsibility for Discord Data Breach

SECURITYWEEK.COM — 15 Oct 2025

🔥

BlackSuit Ransomware Breaches Corporate Network Using Single Compromised VPN Credential

GBHACKERS.COM — 15 Oct 2025

🔥

Clothing giant MANGO discloses data breach exposing customer info

BLEEPINGCOMPUTER.COM — 15 Oct 2025

🔥

The importance of hardening customer support tools against cyberattacks

MICROSOFT.COM — 15 Oct 2025

🔥

Fake LastPass, Bitwarden breach alerts lead to PC hijacks

BLEEPINGCOMPUTER.COM — 15 Oct 2025

🔥

Capita to pay £14 million for data breach impacting 6.6 million people

BLEEPINGCOMPUTER.COM — 15 Oct 2025

🔥

AL25-014 Security Incident impacting F5

CYBER.GC.CA — 2025-10-15

🔥

Smashing Security podcast #439: A breach, a burnout, and a bit of Fleetwood Mac

GRAHAMCLULEY.COM — 15 Oct 2025

🔥

Hackers steal data of fashion retailer Mango’s customers

GRAHAMCLULEY.COM — 15 Oct 2025

🕵️

RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks

INFOSEC.PUB — 15 Oct 2025

🕵️

Telegram Becomes the Nerve Center for Modern Hacktivist Operations

GBHACKERS.COM — 15 Oct 2025

🕵️

UEFI Shell Flaws Let Hackers Disable Secure Boot on Over 200,000 Laptops

GBHACKERS.COM — 15 Oct 2025

🕵️

Pixnapping Attack Hijacks Google Authenticator 2FA Codes in Under 30 Seconds

GBHACKERS.COM — 15 Oct 2025

🕵️

End of Support for Windows 10 Sparks Security Fears Among Millions of Users

GBHACKERS.COM — 15 Oct 2025

🕵️

Chinese Hackers Use Geo-Mapping Tool for Year-Long Persistence

GBHACKERS.COM — 15 Oct 2025

🕵️

Oracle issues second emergency patch for E-Business Suite in two weeks | CSO Online

SH.ITJUST.WORKS — 15 Oct 2025

🕵️

Study reveals satellites comms spilling unencrypted data • The Register

SH.ITJUST.WORKS — 15 Oct 2025

🕵️

Webinar Today: Fact vs. Fiction – The Truth About API Security

SECURITYWEEK.COM — 15 Oct 2025

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 15 Oct 2025

🕵️

SecurityWeek to Host 2025 ICS Cybersecurity Conference October 27-30 in Atlanta

SECURITYWEEK.COM — 15 Oct 2025

🕵️

News Alert: MCPTotal unveils the first platform to secure Model Context Protocol workflows

LASTWATCHDOG.COM — 15 Oct 2025

🕵️

338 Malicious npm Packages Linked to North Korean Hackers | eSecurity Planet

SH.ITJUST.WORKS — 15 Oct 2025

🕵️

Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months

THEHACKERNEWS.COM — 15 Oct 2025

🕵️

ISC Stormcast For Thursday, October 16th, 2025 https://isc.sans.edu/podcastdetail/9658, (Wed, Oct 15th)

ISC.SANS.EDU — 15 Oct 2025

🕵️

IT service desks: The security blind spot that may put your business at risk

WELIVESECURITY.COM — 15 Oct 2025

🌐

How to spot dark web threats on your network using NDR

BLEEPINGCOMPUTER.COM — 15 Oct 2025

📡

Inspiring Futures: Empowering the Next Generation of Girls in Tech

SOPHOS.COM — 15 Oct 2025

📡

Cyber giant F5 Networks says government hackers had ‘long-term’ access to its systems, stole code and customer data

TECHCRUNCH.COM — 15 Oct 2025

📡

Sophos Firewall v22 is now available in early access

SOPHOS.COM — 15 Oct 2025

📡

WireTap and Battering RAM: attacks on TEEs | Kaspersky official blog

KASPERSKY.COM — 15 Oct 2025

📡

YouTube is down worldwide with playback error

BLEEPINGCOMPUTER.COM — 15 Oct 2025