MATLOCK.CA
107Articles
8Categories
2025-10-31Date
🚨
CISA Adds Exploited XWiki, VMware Flaws to KEV CatalogBroadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation. The post CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog appeared first on SecurityWeek .
KEVSECURITYWEEK.COM — 31 Oct 2025
🚨
CISA Issues Advisory on XWiki Flaw Allowing Remote Code ExecutionThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting XWiki Platform to its Known Exploited Vulnerabilities catalog, highlighting the urgent security threat posed by an eval injection flaw. This vulnerability could allow any gues…
KEVGBHACKERS.COM — 31 Oct 2025
πŸ›
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
KEVTHEHACKERNEWS.COM — 31 Oct 2025
πŸ›
AI-powered bug hunting shakes up bounty industry β€” for better or worse
CSOONLINE.COM — 31 Oct 2025
πŸ›
CISA Alerts on Active Exploitation of VMware Tools and Aria Operations 0-Day
GBHACKERS.COM — 31 Oct 2025
πŸ›
Progress Releases Patch for MOVEit Transfer Resource Consumption Flaw
GBHACKERS.COM — 31 Oct 2025
πŸ›
OpenAI launches Aardvark to detect and patch hidden bugs in code
CSOONLINE.COM — 31 Oct 2025
πŸ›
Attackers Exploit Windows Server Update Services Flaw to Steal Sensitive Organizational Data
GBHACKERS.COM — 31 Oct 2025
πŸ›
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems
THEHACKERNEWS.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12444 Incorrect security UI in Fullscreen UI
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12447 Incorrect security UI in Omnibox
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12446 Incorrect security UI in SplitView
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12445 Policy bypass in Extensions
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12433 Inappropriate implementation in V8
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12441 Out of bounds read in V8
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12440 Inappropriate implementation in Autofill
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12439 Inappropriate implementation in App-Bound Encryption
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12434 Race in Storage
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12435 Incorrect security UI in Omnibox
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12436 Policy bypass in Extensions
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12437 Use after free in PageInfo
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12438 Use after free in Ozone
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12433 Inappropriate implementation in V8
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12431 Inappropriate implementation in Extensions
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12430 Object lifecycle issue in Media
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12432 Race in V8
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12429 Inappropriate implementation in V8
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12428 Type Confusion in V8
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chromium: CVE-2025-12036 Inappropriate implementation in V8
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
CVE-2025-60711 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 31 Oct 2025
πŸ›
Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw
CSOONLINE.COM — 31 Oct 2025
πŸ›
Cyber agencies produce β€˜long overdue’ best practices for securing Microsoft Exchange Server
CSOONLINE.COM — 31 Oct 2025
⚠️
Malicious packages in npm evade dependency detection through invisible URL links: Report
CSOONLINE.COM — 31 Oct 2025
⚠️
Massive Data Exposures, Insider Threats, and State-Sponsored Cyber Attacks
CYBERSECURITYTODAY.LIBSYN.COM — 31 Oct 2025
⚠️
New Agent-Aware Cloaking Technique Uses ChatGPT Atlas Browser to Feed Fake Content
GBHACKERS.COM — 31 Oct 2025
⚠️
Aembit Introduces Identity and Access Management for Agentic AI
KEVCSOONLINE.COM — 31 Oct 2025
⚠️
Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution
GBHACKERS.COM — 31 Oct 2025
⚠️
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
THEHACKERNEWS.COM — 31 Oct 2025
⚠️
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
THEHACKERNEWS.COM — 31 Oct 2025
⚠️
Threat Actors Exploiting Open-Source C2 Frameworks to Deploy Malicious Payloads
GBHACKERS.COM — 31 Oct 2025
⚠️
Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks
SECURITYWEEK.COM — 31 Oct 2025
⚠️
The unified linkage model: A new lens for understanding cyber risk
CSOONLINE.COM — 31 Oct 2025
⚠️
Threat Actors Exploit LANSCOPE Endpoint Manager Zero-Day Vulnerability to Steal Confidential Data
GBHACKERS.COM — 31 Oct 2025
⚠️
Will AI Strengthen or Undermine Democracy?
SCHNEIER.COM — 2025-10-31
⚠️
Windows zero-day actively exploited to spy on European diplomats
KEVBLEEPINGCOMPUTER.COM — 31 Oct 2025
⚠️
Bug-Bounty-Programm trifft KI – ein zweischneidiges Schwert
CSOONLINE.COM — 31 Oct 2025
⚠️
Beware of Fake ChatGPT Apps That Spy on Users and Steal Sensitive Data
GBHACKERS.COM — 31 Oct 2025
⚠️
Claude AI vulnerability exposes enterprise data through code interpreter exploit
CSOONLINE.COM — 31 Oct 2025
⚠️
CISA: High-severity Linux flaw now exploited by ransomware gangs
BLEEPINGCOMPUTER.COM — 31 Oct 2025
⚠️
New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
SH.ITJUST.WORKS — 31 Oct 2025
⚠️
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
THEHACKERNEWS.COM — 31 Oct 2025
⚠️
CISA: High-severity Linux flaw now exploited by ransomware gangs
SH.ITJUST.WORKS — 31 Oct 2025
⚠️
Multiple Jenkins Vulnerability SAML Authentication Bypass And MCP Server Plugin Permissions
SH.ITJUST.WORKS — 31 Oct 2025
⚠️
Australia warns of BadCandy infections on unpatched Cisco devices
BLEEPINGCOMPUTER.COM — 31 Oct 2025
⚠️
UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities - Arctic Wolf
SH.ITJUST.WORKS — 31 Oct 2025
⚠️
Australia warns of BadCandy infections on unpatched Cisco devices
SH.ITJUST.WORKS — 31 Oct 2025
⚠️
AI Cheating?, O, Canada, npms, passkeys, Exchange, Solaris, the amazing Rob Allen - SWN #525
YOUTUBE.COM — 2025-10-31
πŸ“’
CISA Publishes New Guidance to Strengthen Microsoft Exchange Server Security
GBHACKERS.COM — 31 Oct 2025
πŸ“’
The MSP Cybersecurity Readiness Guide: Turning Security into Growth
THEHACKERNEWS.COM — 31 Oct 2025
πŸ“’
CISA and NSA share tips on securing Microsoft Exchange servers
SH.ITJUST.WORKS — 31 Oct 2025
πŸ“’
SonicWall security advisory (AV25-711)
CYBER.GC.CA — 2025-10-31
πŸ“’
Progress security advisory (AV25-712)
CYBER.GC.CA — 2025-10-31
πŸ“’
HPE security advisory (AV25-713)
CYBER.GC.CA — 2025-10-31
πŸ”₯
Massive Great Firewall Leak Exposes 500GB of Censorship Data
GBHACKERS.COM — 31 Oct 2025
πŸ”₯
Kimsuky and Lazarus Hackers Deploy New Backdoor Tools for Remote Access Attacks
GBHACKERS.COM — 31 Oct 2025
πŸ”₯
Ukrainian extradited from Ireland on Conti ransomware charges
BLEEPINGCOMPUTER.COM — 31 Oct 2025
πŸ”₯
Data breach at Reputation.com: brands at risk as 120M records leak
SH.ITJUST.WORKS — 31 Oct 2025
πŸ”₯
BPO giant Conduent confirms data breach impacts 10.5 million people
SH.ITJUST.WORKS — 31 Oct 2025
πŸ”₯
Major telecom services provider Ribbon breached by state hackers
SH.ITJUST.WORKS — 31 Oct 2025
πŸ”₯
Stolen Credentials Drive the Rise of Financially Motivated Cyberattacks
GBHACKERS.COM — 31 Oct 2025
πŸ”₯
Ukrainian Man Extradited From Ireland to US Over Conti Ransomware Charges
SECURITYWEEK.COM — 31 Oct 2025
πŸ”₯
Poland mayors hit by phishing scam​ | Cybernews
SH.ITJUST.WORKS — 31 Oct 2025
πŸ”₯
Government hackers breached telecom giant Ribbon for months before getting caught
TECHCRUNCH.COM — 31 Oct 2025
πŸ”₯
Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails
TECHCRUNCH.COM — 31 Oct 2025
πŸ”₯
β€˜We got hacked’ emails threaten to leak University of Pennsylvania data
BLEEPINGCOMPUTER.COM — 31 Oct 2025
πŸ•΅οΈ
ISC Stormcast For Friday, October 31st, 2025 https://isc.sans.edu/podcastdetail/9680, (Fri, Oct 31st)
ISC.SANS.EDU — 31 Oct 2025
πŸ•΅οΈ
Malicious Multilingual ZIP Files Strike Banks and Government Offices
GBHACKERS.COM — 31 Oct 2025
πŸ•΅οΈ
Japan Issues OT Security Guidance for Semiconductor Factories
SECURITYWEEK.COM — 31 Oct 2025
πŸ•΅οΈ
Researchers Develop Linux Rootkit That Evades Elastic EDR Protections
GBHACKERS.COM — 31 Oct 2025
πŸ•΅οΈ
WhatsApp Implements Passkey System to Boost Backup Privacy
GBHACKERS.COM — 31 Oct 2025
πŸ•΅οΈ
Agentic AI: What now, what next?
US.RESOURCES.CSOONLINE.COM — 31 Oct 2025
πŸ•΅οΈ
Jamf to Go Private Following $2.2 Billion Acquisition by Francisco Partners
SECURITYWEEK.COM — 31 Oct 2025
πŸ•΅οΈ
LotL Attack Hides Malware in Windows Native AI Stack
SH.ITJUST.WORKS — 31 Oct 2025
πŸ•΅οΈ
Open VSX Downplays Impact From GlassWorm Campaign
SECURITYWEEK.COM — 31 Oct 2025
πŸ•΅οΈ
Massive surge of NFC relay malware steals Europeans’ credit cards
SH.ITJUST.WORKS — 31 Oct 2025
πŸ•΅οΈ
Google Launches New AI Security Features on Android to Block Mobile Scams
GBHACKERS.COM — 31 Oct 2025
πŸ•΅οΈ
Critical Flaws Found in Elementor King Addons Affect 10,000 Sites - Infosecurity Magazine
SH.ITJUST.WORKS — 31 Oct 2025
πŸ•΅οΈ
Why password controls still matter in cybersecurity
BLEEPINGCOMPUTER.COM — 31 Oct 2025
πŸ•΅οΈ
NPM flooded with malicious packages downloaded more than 86,000 times
INFOSEC.PUB — 31 Oct 2025
πŸ•΅οΈ
Kimsuky and Lazarus Hacker Groups Unveil New Tools That Enable Backdoor and Remote Access
SH.ITJUST.WORKS — 31 Oct 2025
πŸ•΅οΈ
In Other News: WhatsApp Passkey-Encrypted Backups, Russia Targets Meduza Malware, New Mastercard Solution
SECURITYWEEK.COM — 31 Oct 2025
πŸ•΅οΈ
Aisuru Botnet Shifts from DDoS to Residential Proxies – Krebs on Security
SH.ITJUST.WORKS — 31 Oct 2025
πŸ•΅οΈ
Australian Police Use 'Crypto Safe Cracker' to Access $6M Stash - Decrypt
SH.ITJUST.WORKS — 31 Oct 2025
πŸ•΅οΈ
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack
THEHACKERNEWS.COM — 31 Oct 2025
πŸ•΅οΈ
Russia finally bites the cybercrooks it raised, arresting suspected Meduza infostealer devs
INFOSEC.PUB — 31 Oct 2025
πŸ•΅οΈ
UN Convention Against Cybercrime Is a Huge Win!
KNOWBE4.COM — 31 Oct 2025
πŸ•΅οΈ
Friday Squid Blogging: Giant Squid at the Smithsonian
SCHNEIER.COM — 2025-10-31
πŸ•΅οΈ
MY TAKE: Microsoft pitches an AI β€˜protopian’ future β€” while civic groups pedal to stay upright
LASTWATCHDOG.COM — 31 Oct 2025
🌐
Alleged Meduza Stealer malware admins arrested after hacking Russian org
BLEEPINGCOMPUTER.COM — 31 Oct 2025
πŸ“‘
A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do
THEHACKERNEWS.COM — 31 Oct 2025
πŸ“‘
Phake phishing: Phundamental or pholly?
SOPHOS.COM — 31 Oct 2025
πŸ“‘
Google says Search AI Mode will know everything about you
BLEEPINGCOMPUTER.COM — 31 Oct 2025
πŸ“‘
Microsoft Edge gets scareware sensor for faster scam detection
BLEEPINGCOMPUTER.COM — 31 Oct 2025
πŸ“‘
OpenAI Unveils Aardvark: GPT-5 Agent That Finds and Fixes Code Flaws Automatically
THEHACKERNEWS.COM — 31 Oct 2025
πŸ“‘
Windows 11 tests shared Bluetooth audio support, but only for AI PCs
BLEEPINGCOMPUTER.COM — 31 Oct 2025
πŸ“‘
This month in security with Tony Anscombe – October 2025 edition
WELIVESECURITY.COM — 31 Oct 2025
πŸ“‘
How are you managing cloud risk?
TRENDMICRO.COM — 31 Oct 2025