🚨 CISA KEV 1
23 Oct | KEV | Lanscope Endpoint Manager Zero-Day Exploited in the Wild | The bug has been exploited in the wild as a zero-day and the US cybersecurity agency CISA has added it to its KEV catalog. | SECURITYWEEK.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 11
23 Oct | Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw | E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours. The … | THEHACKERNEWS.COM
23 Oct | KEV | Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-… | THEHACKERNEWS.COM
23 Oct | Critical Argument Injection Flaw in AI Agents Enables Remote Code Execution | AI-powered agents are increasingly relied upon to execute tasks like code analysis, file management, and automating workflows. However, a newly highlighted vulnerability, argument injection, shows how attackers can use these very capabilities to achieve remote code execution (RCE),… | GBHACKERS.COM
23 Oct | TARmageddon Security Flaw in Rust Library Could Lead to Config Tampering and RCE | The Edera security team has discovered a critical vulnerability in the async-tar Rust library and its descendants, including the widely-used tokio-tar. Dubbed TARmageddon and assigned CVE-2025-62518, this flaw carries a CVSS score of 8.1 (High) and enables attackers to execute re… | GBHACKERS.COM
23 Oct | Active Exploits Target Magento and Adobe Commerce RCE, Attackers Inject Webshells | Unauthenticated attackers are actively exploiting a critical vulnerability affecting Adobe Commerce and Magento platforms worldwide. The flaw, tracked as CVE-2025-54236 and dubbed SessionReaper, enables remote code execution and customer account takeover on thousands of onli… | GBHACKERS.COM
23 Oct | Jira Vulnerability Lets Attackers Alter Files Accessible to the Jira JVM Process | Atlassian has disclosed a critical path traversal vulnerability affecting Jira Software Data Center and Server that could allow authenticated attackers to modify files accessible to the Jira Java Virtual Machine (JVM) process. The vulnerability, tracked as CVE-2025-22167, carries… | GBHACKERS.COM
23 Oct | Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica | submitted by otters_raft to cybersecurity 1 points | 0 comments https://arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/ The makers of BIND, the Internet’s most widely used software for resolving domain names, are warning o… | INFOSEC.PUB
23 Oct | Cache poisoning vulnerabilities found in 2 DNS resolving apps - Ars Technica | submitted by otters_raft to cybersecurity 1 points | 0 comments https://arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/ The makers of BIND, the Internet’s most widely used software for resolving domain names, are warning o… | SH.ITJUST.WORKS
23 Oct | CVE-2025-59500 Azure Notification Service Elevation of Privilege Vulnerability | Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
23 Oct | CVE-2025-59273 Azure Event Grid System Elevation of Privilege Vulnerability | Improper access control in Azure Event Grid allows an unauthorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
23 Oct | CVE-2025-59503 Azure Compute Resource Provider Elevation of Privilege Vulnerability | Server-side request forgery (SSRF) in Azure Compute Gallery allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 20
23 Oct | Critical MCP Server Flaw Exposes Over 3,000 Servers and Thousands of API Keys | A critical vulnerability in Smithery.ai, a popular Model Context Protocol (MCP) server hosting service, exposed over 3,000 AI servers and thousands of API keys to potential attackers. Security researchers discovered a simple path traversal flaw that enabled unauthorized access to… | GBHACKERS.COM
23 Oct | BIND 9 Vulnerabilities Expose DNS Servers to Cache Poisoning and DoS | The Internet Systems Consortium (ISC) has disclosed three critical vulnerabilities in BIND 9, the most widely deployed DNS software globally. All three vulnerabilities were publicly disclosed on October 22, 2025, affecting DNS resolvers and potentially impacting millions of users… | GBHACKERS.COM
23 Oct | New Malware Toolkit from MuddyWater Delivers Phoenix Backdoor to Global Targets | Group-IB Threat Intelligence has uncovered a sophisticated phishing campaign orchestrated by the Iran-linked Advanced Persistent Threat group MuddyWater, targeting international organizations worldwide to gather foreign intelligence. The campaign demonstrates the threat actor… | GBHACKERS.COM
23 Oct | Why must CISOs slay a cyber dragon to earn business respect? | How CISOs respond to a major security incident can be a make-or-break moment for their career. Although one in four security leaders find themselves replaced after a ransomware attack, for example, other CISOs are finding incident-hardened experiences — with transparent and succ… | CSOONLINE.COM
23 Oct | Manipulating the meeting notetaker: The rise of AI summarization optimization | These days, the most important meeting attendee isn’t a person: It’s the AI notetaker. This system assigns action items and determines the importance of what is said. If it becomes necessary to revisit the facts of the meeting, its summary is treated as impartial evidence. But cl… | CSOONLINE.COM
23 Oct | “Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards | Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. "Jingle Thief attackers use phishing and smish… | THEHACKERNEWS.COM
23 Oct | BIND Updates Address High-Severity Cache Poisoning Flaws | The vulnerabilities allow attackers to predict source ports and query IDs BIND will use, and to inject forged records into the cache. | SECURITYWEEK.COM
23 Oct | OpenAI Faces DHS Request to Disclose User’s ChatGPT Prompts in Investigation | Over the past year, federal agents struggled to uncover who operated a notorious child exploitation site on the dark web. Their search took an unexpected turn when the suspect revealed their use of ChatGPT, marking a significant moment in digital investigations. Federal Warrant S… | GBHACKERS.COM
23 Oct | Warlock Ransomware Exploits SharePoint ToolShell Zero-Day in New Attack Campaign | Chinese-linked threat actors behind the Warlock ransomware operation have emerged as a significant cybersecurity concern following their exploitation of a critical Microsoft SharePoint vulnerability. The group’s sophisticated attack infrastructure, combined with evidence of… | GBHACKERS.COM
23 Oct | Serious F5 Breach | This is bad: F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a “sophisticated” threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a “long-t… | SCHNEIER.COM
23 Oct | Exploitation of Critical Adobe Commerce Flaw Puts Many eCommerce Sites at Risk | Patched in September, the SessionReaper bug could be exploited without authentication to bypass a security feature. | SECURITYWEEK.COM
23 Oct | Jingle Thief Hackers Exploit the Festive Season with Weaponized Gift Card Scams | Cybersecurity researchers have uncovered a sophisticated campaign targeting global retail and consumer services organizations through credential theft and gift card fraud. Dubbed “Jingle Thief,” this operation exploits the festive shopping season when companies are mo… | GBHACKERS.COM
23 Oct | Hackers exploiting critical "SessionReaper" flaw in Adobe Magento | submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-sessionreaper-flaw-in-adobe-magento/ | SH.ITJUST.WORKS
23 Oct | Cybercriminals Impersonate Aid Agencies to Lure Victims with Fake Financial Offers | Scammers have intensified their efforts to defraud vulnerable populations through sophisticated impersonation schemes and fraudulent financial aid offers, according to recent intelligence monitoring and law enforcement findings. The threat landscape reveals a coordinated, interna… | GBHACKERS.COM
23 Oct | ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More | Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week… | THEHACKERNEWS.COM
23 Oct | Vulnerability in Perplexity’s Comet Browser Screenshot Feature Allows Malicious Prompt Injection | Researchers have discovered a critical security vulnerability in Perplexity’s Comet AI browser that allows attackers to inject malicious commands through hidden text in screenshots. The vulnerability, disclosed on October 21, 2025, demonstrates how AI-powered browsers can b… | GBHACKERS.COM
23 Oct | CISA warns of Lanscope Endpoint Manager flaw exploited in attacks | The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Lanscope Endpoint Manager. [...] | BLEEPINGCOMPUTER.COM
23 Oct | CISA Releases Eight Industrial Control Systems Advisories | CISA released eight Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-296-01 AutomationDirect Productivity Suite ICSA-25-296-02 ASKI Energy ALS-Mini-… | CISA.GOV
23 Oct | Its Always DNS - PSW #897 | In the security news: * When in doubt, blame DNS, you're almost always correct * How to Make Windows 11 great, or at least suck less * CSRF is the least of your problems * Shady exploits * Linux security table stakes (not steaks) * The pill camera * Give AI access to your UART * … | YOUTUBE.COM
23 Oct | News Alert: SquareX reveals new browser threat — AI sidebars cloned to exploit user trust | PALO ALTO, Calif., Oct. 23, 2025, CyberNewswire: SquareX released critical research exposing a new class of attack targeting AI browsers. The AI Sidebar Spoofing attack leverages malicious browser extensions to impersonate trusted AI sidebar interfaces, which is used to trick … | LASTWATCHDOG.COM
📋 SECURITY BULLETINS 1
23 Oct | HP pulls update that broke Microsoft Entra ID auth on some AI PCs | HP has pulled an HP OneAgent software update for Windows 11 that mistakenly deleted Microsoft certificates required for some organizations to log in to Microsoft Entra ID, effectively disconnecting them from their company's cloud environments. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 1
🔥 INCIDENT REPORTING 11
23 Oct | Cyberattack on Jaguar Is the Most Expensive in British History | The hacker attack on carmaker Jaguar Land Rover has cost the British government a lot of money. According to experts, the cyberattack on the British carmaker Jaguar Land Rover was the most economically damaging in the history of… | CSOONLINE.COM
23 Oct | New Python-Based RAT Disguised as Minecraft App Steals Sensitive User Data | Threat researchers at Netskope have uncovered a sophisticated new Remote Access Trojan (RAT) written in Python that masquerades as “Nursultan Client,” a legitimate Minecraft application popular in Eastern-European and Russian gaming communities. The malware leverages … | GBHACKERS.COM
23 Oct | SocGholish Malware Using Compromised Sites to Deliver Ransomware – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More | submitted by kid to cybersecurity 2 points | 0 comments https://hackread.com/socgholish-malware-compromised-sites-ransomware/ | SH.ITJUST.WORKS
23 Oct | Ransomware gang steals meeting videos, financial secrets from fence wholesaler | The Record from Recorded Future News | submitted by kid to cybersecurity 1 points | 0 comments https://therecord.media/ransomware-gang-steals-meeting-video-fence-manufacturer | SH.ITJUST.WORKS
23 Oct | North Korean Lazarus hackers targeted European defense companies | North Korean Lazarus hackers compromised three European companies in the defense sector through a coordinated Operation DreamJob campaign leveraging fake recruitment lures. [...] | BLEEPINGCOMPUTER.COM
23 Oct | Microsoft Stops Ransomware Attacks on Teams Users | CSOONLINE.COM
23 Oct | Minimizing liability is not the same as security: Lessons learned from Collin's Aerospace cyberattack | In late September 2025, several European airports reported significant delays and flight cancellations due to issues with their check-in and passenger systems. Collin’s Aerospace, the vendor of the vMUSE check-in system, had been hit by a ransomware attack. | KNOWBE4.COM
23 Oct | Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques | Trend™ Research identified a sophisticated Agenda ransomware attack that deployed a Linux variant on Windows systems. This cross-platform execution can make detection challenging for enterprises. | TRENDMICRO.COM
23 Oct | Phishing Campaign Impersonates Password Managers | A phishing campaign is impersonating LastPass and Bitwarden with phony breach notifications, BleepingComputer reports. | KNOWBE4.COM
23 Oct | Toys “R” Us Canada warns customers' info leaked in data breach | Toys "R" Us Canada has sent notices of a data breach to customers informing them of a security incident where threat actors leaked customer records they had previously stolen from its systems. [...] | BLEEPINGCOMPUTER.COM
23 Oct | Minimizing liability is not the same as security: Lessons from Recent Airport Cyber Disruptions | In late September 2025, several European airports reported significant delays and flight cancellations due to disruptions with their check-in and passenger systems. As a global leader in aviation technology and the backbone of passenger travel, protection of systems and customer … | KNOWBE4.COM
🕵️ THREAT INTELLIGENCE 16
23 Oct | ISC Stormcast For Thursday, October 23rd, 2025 https://isc.sans.edu/podcastdetail/9668, (Thu, Oct 23rd) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
23 Oct | PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware | A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a custom remote access trojan. The PhantomCaptcha campaign, launched on October 8th, 2025,… | GBHACKERS.COM
23 Oct | SideWinder Leverages ClickOnce Installer to Deliver StealerBot Malware | The notorious SideWinder advanced persistent threat (APT) group has evolved its cyber espionage tactics with a sophisticated new attack method, combining PDF lures with ClickOnce technology to deploy StealerBot malware against diplomatic targets across South Asia. SideWinder orch… | GBHACKERS.COM
23 Oct | Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm | Verizon’s 2025 Mobile Security Index shows that 85% of organizations believe mobile device attacks are on the rise. | SECURITYWEEK.COM
23 Oct | Vibe Coding’s Real Problem Isn’t Bugs—It’s Judgment | As AI coding tools flood enterprises with functional but flawed software, researchers urge embedding security checks directly into the AI workflow. | SECURITYWEEK.COM
23 Oct | TransparentTribe Targets Linux Systems in Indian Military to Deploy DeskRAT | In July 2025, cybersecurity firm CYFIRMA uncovered an active phishing campaign targeting Linux-based operating systems used by Indian government and military organisations. This operation, attributed to TransparentTribe (also known as APT36 or Operation C-Major), is the latest in… | GBHACKERS.COM
23 Oct | Stealthy Malware Leveraging Variable Functions and Cookies for Evasion | Cybersecurity researchers at Wordfence Threat Intelligence and their Care and Response teams have observed a persistent trend in new malware that leverages heavy obfuscation techniques to evade detection. While some malware attempts to blend in as legitimate files, the more commo… | GBHACKERS.COM
23 Oct | Over 180 million stolen credentials added to Have I Been Pwned | SC Media | submitted by kid to cybersecurity 1 points | 0 comments https://www.scworld.com/news/over-180-million-stolen-credentials-added-to-have-i-been-pwned | SH.ITJUST.WORKS
23 Oct | Iranian hackers targeted over 100 govt orgs with Phoenix backdoor | submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/iranian-hackers-targeted-over-100-govt-orgs-with-phoenix-backdoor/ | SH.ITJUST.WORKS
23 Oct | AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk | SquareX has shown how malicious browser extensions can impersonate AI sidebar interfaces. | SECURITYWEEK.COM
23 Oct | Global SMS Phishing Campaign Traced to China Targets Users Worldwide | A sophisticated and widespread smishing campaign originating from China has emerged as a significant threat to users worldwide. Researchers have attributed the ongoing attack to a group known as the Smishing Triad, which has demonstrated unprecedented scale and complexity through… | GBHACKERS.COM
23 Oct | Caminho Malware Loader Conceals .NET Payloads inside Images via LSB Steganography | Cybersecurity researchers at Arctic Wolf Labs have uncovered a cunning new threat dubbed Caminho, a Brazilian Loader-as-a-Service (LaaS) that’s turning everyday images into Trojan horses for malware. Active since March 2025 and evolved rapidly by June, this operation hides … | GBHACKERS.COM
23 Oct | Russian Government Now Actively Managing Cybercrime Groups: Security Firm | The relationship between the Russian government and cybercriminal groups has evolved from passive tolerance. | SECURITYWEEK.COM
23 Oct | North Korean Hackers Lure Defense Engineers With Fake Jobs to Steal Drone Secrets | Threat actors with ties to North Korea have been attributed to a new wave of attacks targeting European companies active in the defense industry as part of a long-running campaign known as Operation Dream Job. "Some of these [companies] are heavily involved in the unmanned aerial… | THEHACKERNEWS.COM
23 Oct | Harden your identity defense with improved protection, deeper correlation, and richer context | Expanded ITDR features—including the new Microsoft Defender for Identity sensor, now generally available—bring improved protection, correlation, and context to help customers modernize their identity defense. | MICROSOFT.COM
23 Oct | Gotta fly: Lazarus targets the UAV sector | ESET research analyzes a recent instance of the Operation DreamJob cyberespionage campaign conducted by Lazarus, a North Korea-aligned APT group | WELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 1
23 Oct | Infostealer Targeting Android Devices, (Thu, Oct 23rd) | Infostealers landscape exploded in 2024 and they remain a top threat today. If Windows remains a nice target (read: Attackers' favorite), I spotted an Infostealer targeting Android devices. This sounds logical that attackers pay attention to… | ISC.SANS.EDU
📡 INFOSEC NEWS 9
23 Oct | Why Organizations Are Abandoning Static Secrets for Managed Identities | As machine identities explode across cloud environments, enterprises report dramatic productivity gains from eliminating static credentials. And only legacy systems remain the weak link. For decades, organizations have relied on static secrets, such as API keys, passwords, and to… | THEHACKERNEWS.COM
23 Oct | Secure AI at Scale and Speed — Learn the Framework in this Free Webinar | AI is everywhere—and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you're in security, that excitement often comes with a sinking feeling. Because while everyone else is racing ahead, you're left trying to manage a growing web of AI agents you… | THEHACKERNEWS.COM
23 Oct | Series of joint guidance on modern defensible architecture | MDA is ASD’s ACSC initiative to ensure that organizations consider and actively apply secure design and architecture in their cyber security strategy, resilience planning and implementations. This series of guidance includes 3 publications. | CYBER.GC.CA
23 Oct | Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions | OpenAI's Atlas and Perplexity's Comet browsers are vulnerable to AI sidebar spoofing attacks that mislead users into following fake AI-generated instructions. [...] | BLEEPINGCOMPUTER.COM
23 Oct | Zero Trust Has a Blind Spot—Your AI Agents | AI agents now act, decide, and access systems on their own — creating new blind spots Zero Trust can't see. Token Security helps organizations govern AI identities so every agent's access, intent, and action are verified and accountable. [...] | BLEEPINGCOMPUTER.COM
23 Oct | Microsoft disables File Explorer preview for downloads to block attacks | Microsoft says that the File Explorer (formerly Windows Explorer) now automatically blocks previews for files downloaded from the Internet to block credential theft attacks via malicious documents. [...] | BLEEPINGCOMPUTER.COM
23 Oct | U.S. government accuses former L3Harris cyber boss of stealing trade secrets | The U.S. Department of Justice accused Peter Williams, former general manager of L3Harris’ hacking division Trenchant, of stealing trade secrets and selling them to a buyer in Russia. | TECHCRUNCH.COM
23 Oct | Meet the new Clippy: Microsoft unveils Copilot's "Mico" avatar | Today, Microsoft introduced Mico, a new and more personal avatar for the AI-powered Copilot digital assistant, which the company describes as human-centered. [...] | BLEEPINGCOMPUTER.COM
23 Oct | Researchers find a way to use a computer mouse for eavesdropping | Mic-E-Mouse: a theoretical attack that could allow eavesdropping on conversations in a room through a computer mouse's optical sensor. | KASPERSKY.COM