💣 Europol just dismantled a SIM farm-for-hire platform that powered 49 million fake accounts used for global fraud.

It let anyone rent verified phone numbers from 80+ countries — to scam, extort, or launder money.

Details → https://thehackernews.com/2025/10/europol-dismantles-sim-farm-network.html

🕵️ China says the NSA hacked its national time servers — the system that keeps everything in sync.

If that clock went down, it could’ve hit banks, power grids, even space launches.

The attack used foreign SMS exploits, forged certs, and 42 stealth tools.

Read → https://thehackernews.com/2025/10/mss-claims-nsa-used-42-cyber-tools-in.html

🚨 131 Chrome extensions were caught turning WhatsApp Web into spam bots.

They look like “CRM tools,” but secretly send bulk messages.

Over 20,000 users already installed them.

Full details ↓ https://thehackernews.com/2025/10/131-chrome-extensions-caught-hijacking.html

🔴 Silent breaches, blockchain malware, and new Android exploits — this week’s threat roundup proves attackers are getting bolder and smarter.

Catch the highlights:

⚡ F5 breach
⚡ EtherHiding malware
⚡ Cisco rootkits
⚡ Pixnapping 2FA theft

Read WEEKLY RECAP → https://thehackernews.com/2025/10/weekly-recap-f5-breached-linux-rootkits.html

🚨 A fake CAPTCHA just breached hospitals, universities, and city networks.

The scary part? Victims copied the attack code themselves — straight from their browser.

It’s called ClickFix, and it hijacks users through “fix this page” pop-ups — no downloads, no phishing email needed.

See how it slips past every control ↓ https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html

A Chinese-linked hacking group breached Europe’s telecom defenses — weaponizing antivirus software.

They planted a backdoor in legitimate Norton and Bkav installs.

Payload: SnappyBee, a new ShadowPad variant delivered via DLL side-loading.

Learn more ↓ https://thehackernews.com/2025/10/hackers-used-snappybee-malware-and.html

Russia’s COLDRIVER hackers rebuilt their malware tools in just 5 days.

Meet NOROBOT, YESROBOT, and MAYBEROBOT — hidden behind fake CAPTCHA checks and PowerShell tricks.

Google just exposed how they did it ↓ https://thehackernews.com/2025/10/google-identifies-three-new-russian.html

⚠️ Your AppSec blind spots are costing you.

The gap between code and cloud runtime drives 90% of delayed fixes—and missed accountability.

Map vulnerabilities, misconfigs, and secrets across your pipeline to regain control.

Cut the noise. Reduce risk. Start now ↓ https://thehacker.news/code-to-cloud-appsec

🔥 Your Cisco, ASUS, QNAP, or Synology router might secretly be part of a botnet.

A new threat called PolarEdge is hiding inside routers, turning them into undetectable spies using a secret TLS server and a hidden config file.

Exploit chain, IOCs & decryption trick ↓ https://thehackernews.com/2025/10/polaredge-targets-cisco-asus-qnap.html

Meta just rolled out new anti-scam tools for WhatsApp & Messenger.

⚠️ Screen-share warnings
🤖 AI scam detection
🚨 Instant alerts

... but one setting quietly breaks 🔐 encryption.

Learn more ↓ https://thehackernews.com/2025/10/meta-rolls-out-new-tools-to-protect.html

Every new AI tool in your SOC adds another way in for attackers.

The defender might now be the weak spot.

AI agents are making decisions on their own — and trust just became an identity problem.

Learn how to secure them before someone else does → https://thehackernews.com/2025/10/securing-ai-to-benefit-from-ai.html

🚨 TP-Link’s Omada gateways just got hit with four major security flaws — two can let hackers run commands without logging in.

A remote attacker could take full control — no password needed.

Patch now. Details ↓ https://thehackernews.com/2025/10/tp-link-patches-four-omada-gateway.html

A tiny Rust bug just broke thousands of builds.

It’s called TARmageddon (CVE-2025-62518) — a flaw in the async-tar library that lets attackers slip hidden files inside nested TAR archives.

Unpatched since 2023, developers are now racing to fix it ↓ https://thehackernews.com/2025/10/tarmageddon-flaw-in-async-tar-rust.html

🚨 PassiveNeuron is still active.

Hackers are breaking in through Microsoft SQL servers, planting custom malware (Neursite & NeuralExecutor), and even using GitHub to hide their command servers — a rare move in state-level spying.

Full story → https://thehackernews.com/2025/10/researchers-identify-passiveneuron-apt.html

🤖 Nearly 40% of alerts still go unseen.

AI-SOCs now handle triage, cut false positives, and alert teams with full context. But as Shahar Ben-Hador explains — outsource or not, you still own the breach.

$30K vs $100K+… here’s who should switch ↓ https://thehackernews.com/expert-insights/2025/10/what-happens-to-mssps-and-mdrs-in-age.html

🔒 8-character passwords are dead.
💀 Hackers crack “P@ssw0rd!” in months.
🔡 The fix isn’t symbols — it’s length.

16 simple letters beat any complex mix.
Use words, not symbols.

Why your policy still fails ↓ https://thehackernews.com/2025/10/why-you-should-swap-passwords-for.html

Hackers linked to China exploited a “patched” Microsoft SharePoint flaw to break into networks across four continents.

It wasn’t just spying — they found a way to bypass the patch that fixed a previous bypass.

Symantec warns the campaign is still spreading.

Read → https://thehackernews.com/2025/10/chinese-threat-actors-exploit-toolshell.html