🚨 CISA KEV 3[−]
21 Oct KEVCISA Warns of Actively Exploited Windows SMB VulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulner…GBHACKERS.COM
21 Oct KEVCISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in AttacksThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle E-Business Suite vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation in the wild. The security flaw, tracked as CVE-2025-61884, poses significant r…GBHACKERS.COM
21 Oct KEVCISA confirms hackers exploited Oracle E-Business Suite SSRF flawCISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. [...]BLEEPINGCOMPUTER.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 5[−]
21 Oct KEVFive New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among TargetsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite (EBS) has been weaponized in real-…THEHACKERNEWS.COM
21 OctMicrosoft Windows Cloud Minifilter Flaw Enables Privilege EscalationA critical security vulnerability in Microsoft Windows Cloud Minifilter has been patched, addressing a race condition that allowed attackers to escalate privileges and create files anywhere on the system. The vulnerability, tracked as CVE-2025-55680, was discovered by security re…GBHACKERS.COM
21 Oct KEVCISA Confirms Exploitation of Latest Oracle EBS VulnerabilityThe cybersecurity agency has added CVE-2025-61884 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Confirms Exploitation of Latest Oracle EBS Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctLANSCOPE Endpoint Manager Flaw Allows Remote Code ExecutionA critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run malicious code on vulnerable machines. The issue, tracked as CVE-2025-61932, involves a remote code execution vulnerability in two core components: the Clie…GBHACKERS.COM
21 OctApache Syncope Groovy Flaw Allows Remote Code InjectionApache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organi…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 23[−]
21 OctUS NSA alleged to have launched a cyber attack on a Chinese agencyChina’s claim that the US National Security Agency (NSA) was behind a cyber attack against the country’s timekeeping centre could be true, says an expert. “From a technical perspective, China’s allegation about an NSA hack on its national timekeeping center is plausible and align…CSOONLINE.COM
21 OctOver 71,000 WatchGuard Devices Exposed to Remote Code Execution AttacksThe cybersecurity community has raised a serious alarm following the recent daily reporting of vulnerable WatchGuard devices impacted by a major security flaw. According to new data published on October 18, 2025, security researchers at Shadowserver observed over 71,000 WatchGuar…GBHACKERS.COM
21 OctAdaptixC2 Emerges in npm Supply-Chain Exploit Against DevelopersCybersecurity researchers at Kaspersky have uncovered a sophisticated supply chain attack targeting the npm ecosystem, where threat actors distributed the AdaptixC2 post-exploitation framework through a malicious package disguised as a legitimate proxy utility. The discovery high…GBHACKERS.COM
21 OctCISOs’ security priorities reveal an augmented cyber agendaTechnology may be changing rapidly but one thing remains constant: It’s not an easy time to be a CSO. The role continues to evolve with security leaders taking on even more responsibilities , and 76% reporting that understanding which security solutions best fit their company has…CSOONLINE.COM
21 OctHackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom NetworkA European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group known as Salt Typhoon. The organization, per Darktrace, was targeted in the first week of July 2025, with the attackers exploiting a Cit…THEHACKERNEWS.COM
21 OctOver 73,000 WatchGuard Firebox Devices Impacted by Recent Critical FlawAffecting the Fireware OS iked process, the vulnerability can lead to remote code execution and does not require authentication. The post Over 73,000 WatchGuard Firebox Devices Impacted by Recent Critical Flaw appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctReacting to Ransomware and Setting Secure Defaults - Rob Allen - ASW #353Ransomware attacks typically don't care about memory safety and dependency scanning, they often target old, unpatched vulns and too often they succeed. Rob Allen shares some of the biggest cases he's seen, what they have in common, and what appsec teams could do better to help th…YOUTUBE.COM
21 OctSTRATEGIC REEL: Inside the ‘Mind of a Hacker’ — turning attacker logic against themAPI sprawl. Encrypted traffic. Hyperconnected users. Today’s digital business surfaces present attackers with fertile ground—not for brute-force break-ins, but for subtle, sustained manipulation. A10 Networks Field CISO Jamison Utter calls this shift “defending with the mind of a…LASTWATCHDOG.COM
21 OctAI-enabled ransomware attacks: CISO’s top security concern — with good reasonAs ransomware attacks accelerate in speed and sophistication, 38% of security leaders rank AI-enabled ransomware as their top concern — the most frequently cited worry about AI-related security issues according to CSO’s new 2025 Security Priorities study. That concern appears to …CSOONLINE.COM
21 Oct KEVCISA Warns of Exploited Apple, Kentico, Microsoft VulnerabilitiesLeading to code execution, authentication bypass, and privilege escalation, the flaws were added to CISA’s KEV list. The post CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctCyberheistNews Vol 15 #42 [Heads Up] Fake 'Support Calls' Used to Breach Your Salesforce AccountsKNOWBE4.COM
21 Oct KEVBritisches Militär von Cyberattacke getroffenGroßbritannien wird immer häufiger Ziel von schwerwiegenden Cyberangriffen. Jetzt hat es das Militär getroffen. Pilotsevas – shutterstock.com Laut einem Bericht der britischen Zeitung Daily Mail ist es russischen Hackern gelungen, Hunderte sensibler Militärdokumente zu ergaunern.…CSOONLINE.COM
21 OctMicrosoft 365 Copilot Flaw Lets Hackers Steal Sensitive Data via Indirect Prompt Injection A vulnerability in Microsoft 365 Copilot allowed attackers to trick the AI assistant into fetching and exfiltrating sensitive tenant data by hiding instructions in a document. The AI then encoded the data into a malicious Mermaid diagram that, when clicked, sent the stolen …GBHACKERS.COM
21 Oct KEVCISA Warns of Windows SMB Vulnerability Actively Exploited in Attackssubmitted by kid to cybersecurity 4 points | 0 comments https://cybersecuritynews.com/windows-smb-vulnerability-exploited/SH.ITJUST.WORKS
21 OctGoogle kills its cookie killerPrivacy Sandbox, Google’s attempt to create an alternative to cookies, looks like it has reached the end of the line. The company has announced that it is discontinuing 11 Privacy Sandbox technologies — pretty much the entire gamut. Privacy Sandbox VP Anthony Chavez said in a blo…CSOONLINE.COM
21 OctThe AI Fix #73: Google Gemini is a gambling addict, and how to poison an AIIn episode 73 of The AI Fix, AI now writes more web content than humans and more books by ex-British prime ministers than ex-British prime ministers. Mark eats a dodgy prawn, Google discovers a new pathway to treating cancer, a lawyer gets skewered for using AI over and over agai…GRAHAMCLULEY.COM
21 OctApple alerts exploit developer that his iPhone was targeted with government spywareA developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and fired. Weeks later, Apple notified him that his personal iPhone was targeted with spyware.TECHCRUNCH.COM
21 OctNotorious Chinese hacking group Salt Typhoon found lurking in European telecom networkssubmitted by Hotznplotzn to cybersecurity 2 points | 0 comments https://www.techradar.com/pro/security/notorious-chinese-hacking-group-salt-typhoon-found-lurking-in-european-comms-networks cross-posted from: lemmy.sdf.org/post/44445362 Archived Notorious hacking group Salt Typhoo…INFOSEC.PUB
21 OctNotorious Chinese hacking group Salt Typhoon found lurking in European telecom networkssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.techradar.com/pro/security/notorious-chinese-hacking-group-salt-typhoon-found-lurking-in-european-comms-networks cross-posted from: lemmy.sdf.org/post/44445362 Archived Notorious hacking group Salt Typhoo…SH.ITJUST.WORKS
21 OctCISA Releases 10 Industrial Control Systems AdvisoriesCISA released 10 Industrial Control Systems (ICS) advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-294-01 Rockwell Automation 1783-NATR ICSA-25-294-02 Rockwell Automation Compact GuardLog…CISA.GOV
21 OctHackers exploit 34 zero-days on first day of Pwn2Own IrelandOn the first day of Pwn2Own Ireland 2025, security researchers exploited 34 unique zero-days and collected $522,500 in cash awards. [...]BLEEPINGCOMPUTER.COM
21 OctNews Alert: Sendmarc taps veteran email security leader Dan Levinson to expand U.S. footprintWILMINGTON, Del., Oct. 21, 2025, CyberNewswire — Sendmarc has announced the appointment of Dan Levinson as Customer Success Director – North America, furthering the company’s regional expansion and commitment to providing expert, locally aligned support to organizations acr…LASTWATCHDOG.COM
21 OctSynthient Stealer Log Threat Data - 182,962,095 breached accountsDuring 2025, Synthient aggregated billions of records of "threat data" from various internet sources . The data contained 183M unique email addresses alongside the websites they were entered into and the passwords used. After normalising and deduplicating the data, 183 million un…HAVEIBEENPWNED.COM
📋 SECURITY BULLETINS 3[−]
21 OctWindows 11 KB5070773 emergency update fixes Windows Recovery issuesMicrosoft has released an emergency update to fix the Windows Recovery Environment (WinRE), which became unusable on systems with USB mice and keyboards after installing the October 2025 security updates. [...]BLEEPINGCOMPUTER.COM
21 OctSecurity patch or self-inflicted DDoS? Microsoft update knocks out key enterprise functionsAn October 2025 Microsoft Windows security update is wreaking havoc on enterprises, impacting multiple systems with bugs ranging from annoying to showstopper. The update in KB5066835 was intended to strengthen Windows cryptography, by moving from the older Cryptographic Services …CSOONLINE.COM
21 OctTP-Link warns of critical command injection flaw in Omada gatewaysTP-Link has made firmware updates available for a broad range of Omada gateway models to address four vulnerabilities, among which a critical pre-auth OS command injection. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 3[−]
21 OctSBOM Pioneer Allan Friedman Joins NetRise to Advance Supply Chain VisibilityNetRise appointed the former CISA Senior Advisor and Strategist as a Strategic Advisor. The post SBOM Pioneer Allan Friedman Joins NetRise to Advance Supply Chain Visibility appeared first on SecurityWeek .SECURITYWEEK.COM
🔥 INCIDENT REPORTING 13[−]
21 OctNew LOSTKEYS Malware Tied to Russian State-Sponsored Hacker Group COLDRIVERRussian state-sponsored threat actor COLDRIVER, long known for targeting high-profile NGOs, policy advisors, and dissidents, has been linked to a rapidly evolving malware campaign following the public disclosure of its LOSTKEYS malware in May 2025. After details of LOSTKEYS surfa…GBHACKERS.COM
21 OctHow I Almost Got Hacked By A 'Job Interview'submitted by cm0002 to cybersecurity 1 points | 0 comments https://blog.daviddodda.com/how-i-almost-got-hacked-by-a-job-interviewINFOSEC.PUB
21 OctAWS Resolves Major Outage After Nearly 24 Hours of Service DisruptionAmazon Web Services experienced a significant service disruption in its US-EAST-1 region that lasted nearly 24 hours, affecting over 140 services and causing widespread issues for customers worldwide. The outage began late on October 19, 2025, and was fully resolved by the aftern…GBHACKERS.COM
21 OctThreat Actors Reportedly Marketing Monolock Ransomware on Dark Web ForumsA recent surge in underground cybercrime chatter has shone a spotlight on Monolock Ransomware V1.0, as multiple posts on dark web forums claim that the malicious software is now available for purchase. Cybersecurity researchers monitoring illicit marketplaces report that threat a…GBHACKERS.COM
21 OctRetail giant Muji halts online sales after ransomware attack on suppliersubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/retail-giant-muji-halts-online-sales-after-ransomware-attack-on-supplier/SH.ITJUST.WORKS
21 OctColdRiver Drops Fresh Malware on Targetssubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/coldriver-drops-fresh-malware-targetsSH.ITJUST.WORKS
21 OctDecoding Microsoft 365 Audit Logs Using Bitfield Mapping: An Investigation ReportUnderstanding exactly how users authenticate to cloud services is crucial for effective security monitoring. A recently refined bitfield mapping technique decodes the opaque UserAuthenticationMethod values in Microsoft 365 audit logs, transforming numeric codes into actionable, h…GBHACKERS.COM
21 OctRussian Lynk group leaks sensitive UK MoD files, including info on eight military basessubmitted by kid to cybersecurity 2 points | 0 comments https://securityaffairs.com/183640/data-breach/russian-lynk-group-leaks-sensitive-uk-mod-files-including-info-on-eight-military-bases.htmlSH.ITJUST.WORKS
21 OctNew Luma Infostealer Malware Steals Browser Data, Cryptocurrency, and Remote Access AccountsLuma Infostealer, a malware-as-a-service (MaaS) offering, has emerged as a potent threat targeting high-value credentials such as web browser cookies, cryptocurrency wallets, and VPN/RDP account information. Beyond isolated theft, threat actors are employing Luma in the initial i…GBHACKERS.COM
21 OctOfficial Xubuntu website compromised to serve malware - Help Net Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2025/10/21/xubuntu-website-compromised-malware/SH.ITJUST.WORKS
21 OctGovernment, Industrial Servers Targeted in China-Linked ‘PassiveNeuron’ CampaignA threat actor has been infecting servers of high-profile entities with backdoors to exfiltrate information and deploy additional payloads. The post Government, Industrial Servers Targeted in China-Linked ‘PassiveNeuron’ Campaign appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctInside the Synthient Threat DataPresently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Where is your data on the internet? I mean, outside the places you've consciously provided it, where has it now flowed to and is b…TROYHUNT.COM
21 OctWide World of Cyber: A deep dive on the F5 hackIn this edition of the Wide World of Cyber podcast Patrick Gray talks to Chris Krebs and Alex Stamos about the F5 incident. They talk about what happened, whether it’s a big deal, and why private equity ownership of mid-tier cybersecurity companies is often a red flag.RISKY.BIZ
🕵️ THREAT INTELLIGENCE 21[−]
21 OctTwo major security vulnerabilities discovered in 7-Zip, affecting Windows userssubmitted by hellfire103 to cybersecurity 3 points | 0 comments https://alternativeto.net/news/2025/10/two-major-security-vulnerabilities-discovered-in-7-zip-affecting-windows-users/SH.ITJUST.WORKS
21 OctPakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian GovernmentPakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and we…GBHACKERS.COM
21 OctGoogle Identifies Three New Russian Malware Families Created by COLDRIVER HackersA new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an increased "operations tempo" from the threat actor. The findings come from Google Threat Intelligence Group (GTIG), which s…THEHACKERNEWS.COM
21 OctCavalry Werewolf APT Targets Multiple Sectors Using FoalShell and StallionRATFrom May to August 2025, an advanced persistent threat group known as Cavalry Werewolf—also tracked as YoroTrooper and Silent Lynx—executed a sophisticated attack campaign targeting Russia’s public sector and vital industries such as energy, mining, and manufacturing. The coordin…GBHACKERS.COM
21 OctMyanmar Military Shuts Down Major Cybercrime Center and Detains Over 2,000 PeopleMyanmar is notorious for hosting cyberscam operations responsible for bilking people all over the world. The post Myanmar Military Shuts Down Major Cybercrime Center and Detains Over 2,000 People appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctA Cybersecurity Merit BadgeScouting America (formerly known as Boy Scouts) has a new badge in cybersecurity. There’s an image in the article; it looks good. I want one.SCHNEIER.COM
21 OctNew GlassWorm Threat Uses Stealthy Code to Target OpenVSX ExtensionsGlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and decentralized command infrastructure that make it nearly impossible to detect or dismantle. First identified on October 17, 20…GBHACKERS.COM
21 OctSupply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ MalwareThe malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns. The post Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctDataminr to Acquire ThreatConnect for $290 MillionThe goal is to combine Dataminr’s data signals platform with ThreatConnect’s deep internal data capabilities. The post Dataminr to Acquire ThreatConnect for $290 Million appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctData brokers are constantly doxing us, and we can’t do anything about it | Cybernewssubmitted by kid to cybersecurity 3 points | 0 comments https://cybernews.com/security/data-brokers-doxing-interview/SH.ITJUST.WORKS
21 OctAI Social Engineering Top Cyber Threat for 2026, ISACA Survey Reveals - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/ai-social-engineering-top-cyber/SH.ITJUST.WORKS
21 OctVeeam to Acquire Data Security Firm Securiti AI for $1.7 BillionThe acquisition will unify data resilience with DSPM, privacy, governance, and AI trust across production and secondary data. The post Veeam to Acquire Data Security Firm Securiti AI for $1.7 Billion appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctPassiveNeuron Targets High-Profile Servers to Deploy MalwareA sophisticated cyberespionage campaign dubbed PassiveNeuron has emerged from the shadows after months of dormancy, with security researchers uncovering fresh details about its operations and attack methods. The campaign, first detected in June 2024, has resurfaced with renewed v…GBHACKERS.COM
21 OctSendmarc appoints Dan Levinson as Customer Success Director in North AmericaWilmington, Delaware, October 21st, 2025, CyberNewsWire Sendmarc has announced the appointment of Dan Levinson as Customer Success Director – North America, furthering the company’s regional expansion and commitment to providing expert, locally aligned support to organizati…GBHACKERS.COM
21 OctDefakto Raises $30 Million for Non-Human IAM PlatformDefakto’s Series B funding, which brings the total raised to $50 million, was led by XYZ Venture Capital. The post Defakto Raises $30 Million for Non-Human IAM Platform appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctRussian Coldriver Hackers Deploy New ‘NoRobot’ Malware - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/russian-coldriver-hackers-new/SH.ITJUST.WORKS
21 OctRussian hackers evolve malware pushed in "I am not a robot" captchasThe Russian state-backed Star Blizzard hacker group has ramped up operations with new, constantly evolving malware families (NoRobot, MaybeRobot) deployed in complex delivery chains that start with ClickFix social engineering attacks. [...]BLEEPINGCOMPUTER.COM
21 OctGravwell Closes $15.4M Funding Round to Expand Data Analytics and Security PlatformThe Series A round was led by Two Bear Capital and included participation from Gula Tech Adventures, Next Frontier Capital, and others. The post Gravwell Closes $15.4M Funding Round to Expand Data Analytics and Security Platform appeared first on SecurityWeek .SECURITYWEEK.COM
21 OctThe new Microsoft Security Store unites partners and innovationThe Microsoft Security Store is the gateway for customers to easily discover, buy, and deploy trusted security solutions and AI agents from leading partners. The post The new Microsoft Security Store unites partners and innovation appeared first on Microsoft Security Blog .MICROSOFT.COM
21 OctThe Afterlife, AWS, ClickFix, Agentic AI, Robot Lumberjacks, Robocalls, Aaran Leyland - SWN #522The Afterlife, AWS, ClickFix, Agentic AI Galore, Robot Lumberjacks, Robocalls, Aaran Leyland, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-522 This segment is sponsored by Th…YOUTUBE.COM
21 OctRead Instructions First- NY major terror UMN NYU Columbia distracted with Thompson all originated from same placesubmitted by mandatstory to cybersecurity 1 points | 0 comments https://web.archive.org/web/20251021021325/https://medium.com/@newyork202511/tim-walz-paid-nazis-for-10m-terrorized-at-umn-nyu-columbia-sacrificing-brian-thompson-to-distract-1a8e808e5d8c cross-posted from: lemmy.wor…SH.ITJUST.WORKS
🌐 CYBER THREAT LANDSCAPE 4[−]
21 OctJohn Bolton charged over classified emails after Iranian hack of his AOL accountFormer US national security adviser John Bolton is the latest in a line of Donald Trump's critics to find themselves on the sharp end of charges from the US Department of Justice. Bolton, who left the White Hose in 2021 and wrote a tell-all memoir describing Trump as unfit for of…BITDEFENDER.COM
21 OctPolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet CampaignCybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in February 2025, attributing it to a campaign targeting routers from Cisco, ASUS, QNAP, and Synology with the goal of corralling them in…THEHACKERNEWS.COM
21 OctFast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer CapabilitiesTrend Research examines the latest version of the Vidar stealer, which features a full rewrite in C, a multithreaded architecture, and several enhancements that warrant attention. Its timely evolution suggests that Vidar is positioning itself to occupy the space left after Lumma …TRENDMICRO.COM
21 OctVidar Stealer 2.0 adds multi-threaded data theft, better evasionThe operators of Vidar Stealer, one of the most successful malware-as-a-service (MaaS) operations of the past decade, have released a new major version to reflect massive improvements in the malware. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 12[−]
21 OctGetting salty with LLMs: SophosAI unveils new defense against jailbreaking at CAMLIS 2025On October 22-24, SophosAI will present research on ‘LLM salting’ (a novel countermeasure against jailbreaks) and command line classification at CAMLIS 2025SOPHOS.COM
21 OctAnnouncing the latest evolution of our Security Operations portfolioNew innovations in identity protection, expanded security services, and advancements in AI, and threat detection and response to strengthen cybersecurity outcomesSOPHOS.COM
21 OctIntroducing Sophos Identity Threat Detection and Response (ITDR)Neutralize identity-based threats before they can impact your business.SOPHOS.COM
21 OctSecuring AI to Benefit from AIArtificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can’t match. But realiz…THEHACKERNEWS.COM
21 OctMicrosoft fixes bug preventing users from opening classic OutlookMicrosoft has fixed a major bug preventing Microsoft 365 users from launching the classic Outlook email client on Windows systems. [...]BLEEPINGCOMPUTER.COM
21 OctWhat time is it? Accuracy of pool.ntp.org., (Tue, Oct 21st)Yesterday, Chinese security services published a story alleging a multi-year attack against the systems operating the Chinese standard time (CST), sometimes called Beijing Standard Time. China uses only one time zone across the country, and has not used daylight saving time since…ISC.SANS.EDU
21 OctMaximizing gateway security: Beyond the basic configurationGateways can do more than route traffic, they can also strengthen your entire security posture. Learn how NordLayer combines ZTNA, firewalls, and private gateways to secure hybrid teams and keep networks compliant. [...]BLEEPINGCOMPUTER.COM
21 OctMeta Rolls Out New Tools to Protect WhatsApp and Messenger Users from ScamsMeta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it's introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to preven…THEHACKERNEWS.COM
21 OctMicrosoft: Recent Windows updates cause login issues on some PCsMicrosoft has confirmed that Windows updates released since August 29, 2025, are breaking authentication on systems sharing Security Identifiers. [...]BLEEPINGCOMPUTER.COM
21 OctHow to use DeepSeek both privately and securely | Kaspersky official blogWe explain how to configure privacy settings in DeepSeek, how to use the chatbot securely, and how to deploy it locally.KASPERSKY.COM
21 OctCursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilitiesThe latest releases of Cursor and Windsurf integrated development environments are vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine. [...]BLEEPINGCOMPUTER.COM
21 OctHow Trend Micro Empowers the SOC with Agentic SIEMBy delivering both XDR leadership and Agentic SIEM innovation under one platform, Trend is redefining what security operations can be.TRENDMICRO.COM