🚨 CISA KEV 1
20 Oct | KEV | CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2022-48503 Apple Multiple Products Unspecified Vulnerability CVE-2025-2746 Kentico Xperience Staging Sync Server Digest Password Auth… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 5
20 Oct | Foreign hackers breached a US nuclear weapons plant via SharePoint flaws | A foreign threat actor infiltrated the Kansas City National Security Campus (KCNSC), a key manufacturing site within the National Nuclear Security Administration (NNSA), exploiting unpatched Microsoft SharePoint vulnerabilities, according to a source involved in an August incide… | CSOONLINE.COM
20 Oct | Network security devices endanger orgs with ’90s era flaws | Enterprises have long relied on firewalls, routers, VPN servers, and email gateways to protect their networks from attacks. Increasingly, however, these network edge devices are becoming security liabilities themselves. Every few weeks, another crisis plays out: Security teams sc… | CSOONLINE.COM
20 Oct | PoC Released for Linux-PAM Vulnerability Enabling Local Root Privilege Escalation | A new proof-of-concept (PoC) has been released for a serious vulnerability tracked as CVE-2025-8941, affecting the Pluggable Authentication Modules (PAM) used across Linux distributions. The flaw, rated 7.8 (High) on the CVSS scale, allows local attackers to elevate privileges to… | GBHACKERS.COM
20 Oct | Over 75,000 WatchGuard security devices vulnerable to critical RCE | Nearly 76,000 WatchGuard Firebox network security appliances are exposed on the public web and still vulnerable to a critical issue (CVE-2025-9242) that could allow a remote attacker to execute code without authentication. [...] | BLEEPINGCOMPUTER.COM
20 Oct | Over 75,000 WatchGuard security devices vulnerable to critical RCE | submitted by tonytins to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/over-75-000-watchguard-security-devices-vulnerable-to-critical-rce/ Nearly 76,000 WatchGuard Firebox network security appliances are exposed on the public web and still vul… | SH.ITJUST.WORKS
⚠️ VULNERABILITY DISCLOSURE 17
20 Oct | China Accuses US of Cyberattack on National Time Center | The Ministry of State Security alleged that the NSA exploited vulnerabilities in the messaging services of a foreign mobile phone brand to steal sensitive information. The post China Accuses US of Cyberattack on National Time Center appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | Critical Security Alerts: TikTok Malware & Europol's SIM Farm Takedown | In this episode of Cybersecurity Today, host David Shipley covers the latest developments in cyber threats and law enforcement victories. Topics include: cybercriminals using TikTok videos to disseminate malware through click-fix attacks, Europol shutting down a massive SIM farm … | CYBERSECURITYTODAY.LIBSYN.COM
20 Oct | MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems | China on Sunday accused the U.S. National Security Agency (NSA) of carrying out a "premeditated" cyber attack targeting the National Time Service Center (NTSC), as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace." The Ministry of State S… | THEHACKERNEWS.COM
20 Oct | Using Syscall() for Obfuscation/Fileless Activity, (Mon, Oct 20th) | I found another piece of malware this weekend. This one looks more like a proof-of-concept because the second-stage payload is really "simple", but it attracted my attention because it uses a nice technique to obfuscate the code. | ISC.SANS.EDU
20 Oct | Mitigating attacks against AI-enabled Apps, Replacing the CIA triad, Enterprise News - ESW #429 | Segment 1: David Brauchler on AI attacks and stopping them David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminat… | YOUTUBE.COM
20 Oct | Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks | On Android, the out-of-bounds write issue can be triggered during the processing of media files without user interaction. The post Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | Agentic AI’s OODA Loop Problem | The OODA loop—for observe, orient, decide, act—is a framework to understand decision-making in adversarial situations. We apply the same framework to artificial intelligence agents, who have to make their decisions with untrustworthy observations and orientation. To s… | SCHNEIER.COM
20 Oct | Threat actors are spreading malicious extensions via VS marketplaces | Careless developers publishing Visual Studio extensions to two open marketplaces have been including access tokens and other secrets that can be exploited by threat actors, a security vendor has found. The discovery was made earlier this year by researchers at Wiz, who quietly wo… | CSOONLINE.COM
20 Oct | WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code | submitted by kid to cybersecurity 2 points | 0 comments https://cybersecuritynews.com/watchguard-vpn-vulnerability/ | SH.ITJUST.WORKS
20 Oct | ConnectWise Patches Critical Flaw in Automate RMM Tool | Attackers could exploit vulnerable deployments to intercept and tamper with communications in certain configurations. The post ConnectWise Patches Critical Flaw in Automate RMM Tool appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches | ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a fast-growing source of security breaches. ClickFix attacks prompt the user to solve some kind of problem or challenge in the browser — most… | THEHACKERNEWS.COM
20 Oct | PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation | submitted by kid to cybersecurity 2 points | 0 comments https://cybersecuritynews.com/poc-exploit-linux-pam-vulnerability/ | SH.ITJUST.WORKS
20 Oct | Inside the attack chain: Threat activity targeting Azure Blob Storage | Azure Blob Storage is a high-value target for threat actors due to its critical role in storing and managing massive amounts of unstructured data at scale across diverse workloads and is increasingly targeted through sophisticated attack chains that exploit misconfigurations, exp… | MICROSOFT.COM
20 Oct | CISA: High-severity Windows SMB flaw now exploited in attacks | CISA says threat actors are now actively exploiting a high-severity Windows SMB privilege escalation vulnerability that can let them gain SYSTEM privileges on unpatched systems. [...] | BLEEPINGCOMPUTER.COM
20 Oct | South Korea Seeks to Arrest Dozens of Online Scam Suspects Repatriated From Cambodia | South Korea faces public calls to take stronger action to protect its nationals from being forced into overseas online scam centers. The post South Korea Seeks to Arrest Dozens of Online Scam Suspects Repatriated From Cambodia appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | DNS0.EU private DNS service shuts down over sustainability issues | The DNS0.EU non-profit public DNS service focused on European users announced its immediate shut down due to time and resource constraints. [...] | BLEEPINGCOMPUTER.COM
20 Oct | Simple to Ask: Is Your SOC AI Ready? Not Simple to Answer! | In early 1900s, factory owners bolted the new electric dynamo onto their old, central-shaft-and-pulley systems. They thought they were modernizing, but they were just doing a “retrofit.” The massive productivity boom didn’t arrive until they complete… | MEDIUM.COM
📋 SECURITY BULLETINS 3
20 Oct | Microsoft warns of Windows smart card auth issues after October updates | Microsoft says the October 2025 Windows security updates are causing smart card authentication and certificate issues due to a change designed to strengthen the Windows Cryptographic Services. [...] | BLEEPINGCOMPUTER.COM
20 Oct | Microsoft fixes Windows Server Active Directory sync issues | Microsoft is rolling out a fix for Active Directory issues affecting some Windows Server 2025 systems after installing security updates released since September. [...] | BLEEPINGCOMPUTER.COM
20 Oct | Microsoft: October updates break USB input in Windows Recovery | Microsoft has confirmed that this month's security updates disable USB mice and keyboards in the Windows Recovery Environment (WinRE), making it unusable. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 10
20 Oct | CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack | submitted by cm0002 to cybersecurity 2 points | 0 comments https://thehackernews.com/2025/10/cisa-flags-adobe-aem-flaw-with-perfect.html | INFOSEC.PUB
20 Oct | China accuses the US of cyberattacks on time authority | China and the US repeatedly accuse each other of cyberattacks. China has accused the US of cyberattacks on a central state time authority. According to the Ministry of State Security, the US intelligence agency NSA is said to have, since Mä… | CSOONLINE.COM
20 Oct | Cybersecurity Awareness Month 2025: Building resilience against ransomware | Ransomware rages on and no organization is too small to be targeted by cyber-extortionists. How can your business protect itself against the threat? | WELIVESECURITY.COM
🔥 INCIDENT REPORTING 7
20 Oct | China Accuses US of Cyberattack on National Time Center - SecurityWeek | submitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/china-accuses-us-of-cyberattack-on-national-time-center/ | SH.ITJUST.WORKS
20 Oct | Hackers sell Geiger data on the darknet | CSOONLINE.COM
20 Oct | Collins Aerospace claimed by Everest ransomware | Cybernews | submitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/security/colins-aerospace-attack-claimed-by-everest-linking-ransomware-group-to-europe-airports-disruption/ | SH.ITJUST.WORKS
20 Oct | ⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More | It’s easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn’t just patching fast, but watching smarter and staying alert fo… | THEHACKERNEWS.COM
20 Oct | Find hidden malicious OAuth apps in Microsoft 365 using Cazadora | Malicious OAuth apps can hide inside Microsoft 365 tenants. Huntress Labs' Cazadora script helps uncover rogue apps before they lead to a breach. Dive deeper in their Tradecraft Tuesday sessions. [...] | BLEEPINGCOMPUTER.COM
20 Oct | [Cybersecurity Awareness Month]: Keeping Enkryptor at Bay: How We All Can Help Beat Back Ransomware | Ransomware is the gift that keeps on giving… and taking. | KNOWBE4.COM
20 Oct | Retail giant Muji halts online sales after ransomware attack on supplier | Japanese retail company Muji has taken offline its store due to a logistics outage caused by a ransomware attack at its delivery partner, Askul. [...] | BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 18
20 Oct | American Airlines Subsidiary Envoy Air Hit by Oracle Hack | Envoy Air, which operates the American Eagle brand, has confirmed that business information was stolen by hackers. The post American Airlines Subsidiary Envoy Air Hit by Oracle Hack appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | Weekly Update 474 | Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. You're not going to believe this - the criminals that took the Qantas data ignored the injunction 😮 I know, I know, we're all a bit stunned that mak… | TROYHUNT.COM
20 Oct | NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million | The judge ruled that punitive damages of $167 million awarded by a jury were excessive. The post NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | Major AWS outage takes down Fortnite, Alexa, Snapchat, and more | submitted by kid to cybersecurity 1 points | 0 comments https://www.theverge.com/news/802486/aws-outage-alexa-fortnite-snapchat-offline | SH.ITJUST.WORKS
20 Oct | ConnectWise fixes Automate bug allowing AiTM update attacks | submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/connectwise-fixes-automate-bug-allowing-aitm-update-attacks/ | SH.ITJUST.WORKS
20 Oct | Lumma Stealer Activity Drops After Doxxing | The identities of alleged core members of the Lumma Stealer group were exposed in an underground doxxing campaign. The post Lumma Stealer Activity Drops After Doxxing appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | SIM Farm Dismantled in Europe, Seven Arrested | The individuals ran a highly sophisticated cybercrime-as-a-service (CaaS) platform that caused roughly €5 million (~$5.8 million) in losses. The post SIM Farm Dismantled in Europe, Seven Arrested appeared first on SecurityWeek. | SECURITYWEEK.COM
20 Oct | Microsoft Revokes 200+ Fake Certificates Used in Teams Malware Attack | submitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/microsoft-revokes-200-fake/ | SH.ITJUST.WORKS
20 Oct | Mentorship Monday - Discussions for career and learning! | submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … | INFOSEC.PUB
20 Oct | China-linked Salt Typhoon hackers attempt to infiltrate European telco - Help Net Security | submitted by kid to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2025/10/20/salt-typhoon-apt-telecommunications-europe/ | SH.ITJUST.WORKS
20 Oct | 131 Malicious Chrome Extensions Discovered Targeting WhatsApp Users | A new wave of spamware targeting WhatsApp Web users has emerged, as the Socket Threat Research Team revealed the discovery of 131 malicious Chrome extensions actively flooding the Chrome Web Store. These extensions are not conventional malware, but function as high-risk automatio… | GBHACKERS.COM
20 Oct | Winos 4.0 Malware Uses Weaponized PDFs Posing as Government Departments to Infect Windows Machines | Security researchers are tracking a high-severity malware campaign that uses weaponized PDF files to distribute the Winos 4.0 malware. The threat actors impersonate government departments to trick users into opening malicious documents that infect Microsoft Windows machines. The … | GBHACKERS.COM
20 Oct | Half of Young People in the UK Cite Non-Consensual Deepfakes as a Top Fear | A new survey found that 50% of UK residents aged 16 to 34 cite deepfake nudes as their top worry related to AI technology, SecurityBrief reports. | KNOWBE4.COM
20 Oct | Massive AWS Outage Halt The Internet – Disrupting Snapchat, Prime Video, Canva, and More | A catastrophic Amazon Web Services (AWS) outage struck on October 20, 2025, bringing down major platforms like Snapchat, Amazon Prime Video, and Canva, and revealing the internet’s dangerous dependence on a single cloud provider. Starting at 12:11 a.m. PDT (12:41 p.m. IST), a DNS… | GBHACKERS.COM
20 Oct | Sophos Intelix for Microsoft Copilot now brings threat intelligence directly into Copilot | World-class threat intelligence available directly where analysts work. | SOPHOS.COM
20 Oct | Self-spreading GlassWorm malware hits OpenVSX, VS Code registries | submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/self-spreading-glassworm-malware-hits-openvsx-vs-code-registries/ | SH.ITJUST.WORKS
20 Oct | ISC Stormcast For Tuesday, October 21st, 2025 https://isc.sans.edu/podcastdetail/9664, (Mon, Oct 20th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
20 Oct | Amazon outage breaks much of the internet | TechCrunch | submitted by ItWasntme223 to cybersecurity 1 points | 0 comments https://techcrunch.com/2025/10/20/amazon-dns-outage-breaks-much-of-the-internet/ | INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE 4
20 Oct | 131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign | Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure,… | THEHACKERNEWS.COM
20 Oct | From inbox clutter to costly compromise: Why email threats still matter | Email-based attacks aren’t relics of the past. They’re active, sophisticated, and increasingly lucrative for attackers. | SOPHOS.COM
20 Oct | Self-spreading GlassWorm malware hits OpenVSX, VS Code registries | A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been installed an estimated 35,800 times. [...] | BLEEPINGCOMPUTER.COM
20 Oct | Internship Offers for the 2025-2026 Season | The internship season is back at Quarkslab! Our internship positions cover a wide range of topics and expertise, and aim at tackling new challenges in various fields. | QUARKSLAB.COM
📡 INFOSEC NEWS 6
20 Oct | AWS outage crashes Amazon, PrimeVideo, Fortnite, Perplexity and more | AWS outage has taken down millions of websites, including Amazon.com, PrimeVideo, Perplexity AI, Canva and more. [...] | BLEEPINGCOMPUTER.COM
20 Oct | Many Online Services and Websites Affected by an AWS Outage, (Mon, Oct 20th) | The info is spreading across the news websites: For approximately two hours, many online services or websites are suffering from an Amazon Web Services outage. Some affected services: | ISC.SANS.EDU
20 Oct | Hundreds of masked ICE agents doxxed by hackers, as personal details posted on Telegram | Hundreds of US government officials working for the FBI, ICE, and Department of Justice have had their personal data leaked by a notorious hacking group. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
20 Oct | How to configure privacy and security in ChatGPT | Kaspersky official blog | A comprehensive guide to configuring privacy and security in ChatGPT: data collection and usage, memory, Temporary Chats, connectors, and account security. | KASPERSKY.COM
20 Oct | Amazon DNS outage breaks much of the internet | The outage affected websites like Coinbase and Fortnite, and disrupted services like Signal, Zoom and Amazon's own products, including Ring. | TECHCRUNCH.COM
20 Oct | AWS outage crashes Amazon, Prime Video, Fortnite, Perplexity and more | AWS outage has taken down millions of websites, including Amazon.com, Prime Video, Perplexity AI, Canva and more. [...] | BLEEPINGCOMPUTER.COM