MATLOCK.CA
90Articles
8Categories
2025-10-30Date
🚨
CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-24893 XWiki Platform Eval Injection Vulnerability CVE-2025-41244 Broadcom VMware Aria Operations and VMware Tools Privilege Defined wit…
KEVCISA.GOV — Thu, 30 Oct 25 1
🐛
WordPress Plugin Vulnerability Lets Attackers Read Any Server File
GBHACKERS.COM — 30 Oct 2025
🐛
Privilege Escalation Exploit Targets Windows Cloud Files Minifilter
GBHACKERS.COM — 30 Oct 2025
🐛
New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
GBHACKERS.COM — 30 Oct 2025
🐛
Critical RediShell RCE Vulnerability Threatens 8,500+ Redis Deployments Worldwide
GBHACKERS.COM — 30 Oct 2025
🐛
BRONZE BUTLER exploits Japanese asset management software vulnerability
SOPHOS.COM — 30 Oct 2025
⚠️
Smashing Security podcast #441: Inside the mob’s million-dollar poker hack, and a Formula 1 fumble
GRAHAMCLULEY.COM — 30 Oct 2025
⚠️
Old threats, new consequences: 90% of cyber claims stem from email and remote access
CSOONLINE.COM — 30 Oct 2025
⚠️
PolarEdge Botnet Hits 25K IoT Devices in Major Cyber Campaign
GBHACKERS.COM — 30 Oct 2025
⚠️
CISA Alerts on Active Exploitation of WSUS Vulnerability
GBHACKERS.COM — 30 Oct 2025
⚠️
Report: Profits from ransomware attacks declining
CSOONLINE.COM — 30 Oct 2025
⚠️
Tips for CISOs switching between industries
CSOONLINE.COM — 30 Oct 2025
⚠️
12 Malicious Extensions in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials
GBHACKERS.COM — 30 Oct 2025
⚠️
Making A Virtual Machine Look Like Real Hardware To Malware | Hackaday
INFOSEC.PUB — 30 Oct 2025
⚠️
New Malware Infects WooCommerce Sites Through Fake Plugins to Steal Credit Card Data
GBHACKERS.COM — 30 Oct 2025
⚠️
Former US Defense Contractor Executive Admits to Selling Exploits to Russia
SECURITYWEEK.COM — 30 Oct 2025
⚠️
The AI-Designed Bioweapon Arms Race
SCHNEIER.COM — 2025-10-30
⚠️
Typo hackers sneak cross-platform credential stealer into 10 npm packages
CSOONLINE.COM — 30 Oct 2025
⚠️
The Death of the Security Checkbox: BAS Is the Power Behind Real Defense
THEHACKERNEWS.COM — 30 Oct 2025
⚠️
Chromium flaw crashes Chrome, Edge, Atlas: Researcher publishes exploit after Google’s silence
CSOONLINE.COM — 30 Oct 2025
⚠️
Aembit Introduces Identity and Access Management for Agentic AI
GBHACKERS.COM — 30 Oct 2025
⚠️
Jenkins Flaws Expose SAML Authentication Bypass and MCP Server Plugin Weaknesses
GBHACKERS.COM — 30 Oct 2025
⚠️
Atlas-Browser-Exploit ermöglicht Angriff auf ChatGPT-Speicher
CSOONLINE.COM — 30 Oct 2025
⚠️
Critical Blink Vulnerability Lets Attackers Crash Chromium Browsers in Seconds
GBHACKERS.COM — 30 Oct 2025
⚠️
Threat Actors Abuse AzureHound Tool to Enumerate Azure and Entra ID Environments
GBHACKERS.COM — 30 Oct 2025
⚠️
New Guidance Released on Microsoft Exchange Server Security Best Practices
CISA.GOV — Thu, 30 Oct 25 1
⚠️
New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
THEHACKERNEWS.COM — 30 Oct 2025
⚠️
CISA Releases Two Industrial Control Systems Advisories
CISA.GOV — Thu, 30 Oct 25 1
⚠️
Ex-L3Harris exec guilty of selling cyber exploits to Russian broker
BLEEPINGCOMPUTER.COM — 30 Oct 2025
⚠️
Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks
THEHACKERNEWS.COM — 30 Oct 2025
⚠️
Strengthening security with a converged security and networking platform
CSOONLINE.COM — 30 Oct 2025
⚠️
XWiki Vulnerability Exploited in Cryptocurrency Mining Operation - SecurityWeek
SH.ITJUST.WORKS — 30 Oct 2025
⚠️
News alert: Aembit extends Workload IAM to close the access-control gap in enterprise AI deployments
LASTWATCHDOG.COM — 30 Oct 2025
⚠️
Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data – Sophos News
SH.ITJUST.WORKS — 30 Oct 2025
⚠️
CISA orders feds to patch VMware Tools flaw exploited by Chinese hackers
BLEEPINGCOMPUTER.COM — 30 Oct 2025
⚠️
Cybersecurity Is Dead - PSW #898
YOUTUBE.COM — 2025-10-30
📢
Grüne fordern schnellstmögliche Sicherheitsoffensive
CSOONLINE.COM — 30 Oct 2025
📢
Cybersecurity management for boards: Metrics that matter
CSOONLINE.COM — 30 Oct 2025
📢
Drupal security advisory (AV25-709)
CYBER.GC.CA — 2025-10-30
📢
Splunk security advisory (AV25-710)
CYBER.GC.CA — 2025-10-30
📢
CISA, NSA and Global Partners Unveil Security Blueprint for Hardening Microsoft Exchange Servers
CISA.GOV — Thu, 30 Oct 25 1
📢
CISA and NSA share tips on securing Microsoft Exchange servers
BLEEPINGCOMPUTER.COM — 30 Oct 2025
📢
Joint guidance on Microsoft Exchange Server security best practices
CYBER.GC.CA — 2025-10-30
🔥
NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details
GBHACKERS.COM — 30 Oct 2025
🔥
Major US Telecom Backbone Firm Hacked by Nation-State Actors
SECURITYWEEK.COM — 30 Oct 2025
🔥
Airstalk Malware: Multi-Threaded C2 Steals Windows Logins
GBHACKERS.COM — 30 Oct 2025
🔥
Millions Impacted by Conduent Data Breach
SECURITYWEEK.COM — 30 Oct 2025
🔥
More than 10 million impacted by breach of government contractor Conduent | The Record from Recorded Future News
SH.ITJUST.WORKS — 30 Oct 2025
🔥
BPO giant Conduent confirms data breach impacts 10.5 million people
BLEEPINGCOMPUTER.COM — 30 Oct 2025
🔥
Canada says hacktivists breached water and energy facilities
SH.ITJUST.WORKS — 30 Oct 2025
🔥
reuters.com
SH.ITJUST.WORKS — 30 Oct 2025
🔥
Major telecom services provider Ribbon breached by state hackers
BLEEPINGCOMPUTER.COM — 30 Oct 2025
🕵️
ISC Stormcast For Thursday, October 30th, 2025 https://isc.sans.edu/podcastdetail/9678, (Thu, Oct 30th)
ISC.SANS.EDU — 30 Oct 2025
🕵️
PhantomRaven Attack Discovered in 126 Malicious npm Packages, Exceeding 86,000 Downloads
GBHACKERS.COM — 30 Oct 2025
🕵️
Chrome 142 Update Patches 20 Security Flaws Enabling Code Execution
GBHACKERS.COM — 30 Oct 2025
🕵️
136 NPM Packages Delivering Infostealers Downloaded 100,000 Times
SECURITYWEEK.COM — 30 Oct 2025
🕵️
Canada Says Hackers Tampered With ICS at Water Facility, Oil and Gas Firm
SECURITYWEEK.COM — 30 Oct 2025
🕵️
When a “Contact Us” Form Becomes “Contact a Cybercriminal”
KNOWBE4.COM — 30 Oct 2025
🕵️
You are invited to our hackerspace on SimpleX
SH.ITJUST.WORKS — 30 Oct 2025
🕵️
Reflectiz Raises $22 Million for Website Security Solution
SECURITYWEEK.COM — 30 Oct 2025
🕵️
Lampion Stealer Resurfaces with ClickFix Attack to Steal User Credentials Stealthily
GBHACKERS.COM — 30 Oct 2025
🕵️
Spektrum Labs Emerges From Stealth to Help Companies Prove Resilience
SECURITYWEEK.COM — 30 Oct 2025
🕵️
EY Data Leak - Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure
SH.ITJUST.WORKS — 30 Oct 2025
🕵️
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
SH.ITJUST.WORKS — 30 Oct 2025
🕵️
Npm Malware Uses Invisible Dependencies to Infect Dozens of Packages - Infosecurity Magazine
SH.ITJUST.WORKS — 30 Oct 2025
🕵️
The 5 generative AI security threats you need to know about detailed in new e-book
MICROSOFT.COM — 30 Oct 2025
🕵️
PHP Servers and IoT Devices Face Growing Cyber-Attack Risks - Infosecurity Magazine
SH.ITJUST.WORKS — 30 Oct 2025
🕵️
VintageStory's wiki emails you a temporary password when requesting a password reset, is this insecure?
SH.ITJUST.WORKS — 30 Oct 2025
🕵️
How Android provides the most effective protection to keep you safe from mobile scams
SECURITY.GOOGLEBLOG.COM — 2025-10-30
🕵️
Data Leak Outs Students of Iran's MOIS Training Academy
SH.ITJUST.WORKS — 30 Oct 2025
🕵️
Someone Snuck Into a Cellebrite Microsoft Teams Call and Leaked Phone Unlocking Details
INFOSEC.PUB — 30 Oct 2025
🌐
ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising
THEHACKERNEWS.COM — 30 Oct 2025
🌐
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
THEHACKERNEWS.COM — 30 Oct 2025
🌐
Massive surge of NFC relay malware steals Europeans’ credit cards
BLEEPINGCOMPUTER.COM — 30 Oct 2025
📡
LinkedIn gives you until Monday to stop AI from training on your profile
BITDEFENDER.COM — 30 Oct 2025
📡
Microsoft promises more Copilot features in Microsoft 365 companion apps
BLEEPINGCOMPUTER.COM — 30 Oct 2025
📡
MXDR solution for SMBs | Kaspersky official blog
KASPERSKY.COM — 30 Oct 2025
📡
X-Request-Purpose: Identifying "research" and bug bounty related scans?, (Thu, Oct 30th)
ISC.SANS.EDU — 30 Oct 2025
📡
Build a prevention-first defense: The Sophos Cybersecurity Toolkit
SOPHOS.COM — 30 Oct 2025
📡
Defending against adversary-in-the-middle threats with phishing-resistant multi-factor authentication (ITSM.30.031)
CYBER.GC.CA — 2025-10-30
📡
Rethinking identity security in the age of autonomous AI agents
BLEEPINGCOMPUTER.COM — 30 Oct 2025
📡
LinkedIn phishing targets finance execs with fake board invites
BLEEPINGCOMPUTER.COM — 30 Oct 2025
📡
The human cost of the UK Government’s Afghan data leak
GRAHAMCLULEY.COM — 30 Oct 2025
📡
Spam text scammer fined £200,000 for targeting people in debt, after sending nearly one million messages
BITDEFENDER.COM — 30 Oct 2025
📡
Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month
THEHACKERNEWS.COM — 30 Oct 2025
📡
WhatsApp adds passkey protection to end-to-end encrypted backups
TECHCRUNCH.COM — 30 Oct 2025
📡
WhatsApp adds passwordless chat backups on iOS and Android
BLEEPINGCOMPUTER.COM — 30 Oct 2025
📡
Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking
ARSTECHNICA.COM — 30 Oct 2025
📡
OpenAI confirms GPT-5 is now better at handling mental and emotional distress
BLEEPINGCOMPUTER.COM — 30 Oct 2025
📡
Fraud prevention: How to help older family members avoid scams
WELIVESECURITY.COM — 30 Oct 2025