π¨ Threat Alert: A new group, TA585, is running end-to-end phishing campaigns delivering MonsterV2 malware.
No middlemen. Just pure, in-house cybercrime ops.
Phishing β fake CAPTCHAs β PowerShell payloads β MonsterV2.
Learn how their stack works β https://thehackernews.com/2025/10/researchers-expose-ta585s-monsterv2.html
No middlemen. Just pure, in-house cybercrime ops.
Phishing β fake CAPTCHAs β PowerShell payloads β MonsterV2.
Learn how their stack works β https://thehackernews.com/2025/10/researchers-expose-ta585s-monsterv2.html
π15π₯1π±1
π¨ Attackers are turning Discord into a command center β using webhooks to steal API keys and config files right from npm, PyPI, and Ruby installs.
βοΈ North Korean actors even pushed 300+ fake packages with 50K+ downloads.
Details here β https://thehackernews.com/2025/10/npm-pypi-and-rubygems-packages-found.html
βοΈ North Korean actors even pushed 300+ fake packages with 50K+ downloads.
Details here β https://thehackernews.com/2025/10/npm-pypi-and-rubygems-packages-found.html
π15π2
β‘ New Android exploit βPixnappingβ steals 2FA codes via GPU side-channels.
β No special permissions
β Works across apps (Maps, Authenticator, etc.)
β Full 2FA capture in ~30s
Read the full story β https://thehackernews.com/2025/10/new-pixnapping-android-flaw-lets-rogue.html
β No special permissions
β Works across apps (Maps, Authenticator, etc.)
β Full 2FA capture in ~30s
Read the full story β https://thehackernews.com/2025/10/new-pixnapping-android-flaw-lets-rogue.html
π±21π5π3π€2β‘1
𧩠AMDβs βsecureβ virtualization can be broken with a single memory write.
A new flaw, RMPocalypse (CVE-2025-0033), lets attackers corrupt the Reverse Map Table and steal data from virtual machines β all through one 8-byte overwrite.
Read the details β https://thehackernews.com/2025/10/rmpocalypse-single-8-byte-write.html
A new flaw, RMPocalypse (CVE-2025-0033), lets attackers corrupt the Reverse Map Table and steal data from virtual machines β all through one 8-byte overwrite.
Read the details β https://thehackernews.com/2025/10/rmpocalypse-single-8-byte-write.html
π11π€7β‘1
π€ AI lets attackers map your environment before sending a payload.
No exploits needed β your JS, APIs, and error logs are enough. Harmless data is now reconnaissance fuel.
See how it changes defense strategy β https://thehackernews.com/2025/10/what-ai-reveals-about-web-applications.html
No exploits needed β your JS, APIs, and error logs are enough. Harmless data is now reconnaissance fuel.
See how it changes defense strategy β https://thehackernews.com/2025/10/what-ai-reveals-about-web-applications.html
π7π±5
π¨Billions lost. Operations frozen. Ransomware in 2025 is faster, smarter, and nearly unstoppable.
LockBit, Lazarus, and FunkLocker are already inside corporate networks worldwide.
Help your SOC detect threats early and respond with confidence β¬οΈ https://thn.news/enterprise-defense
LockBit, Lazarus, and FunkLocker are already inside corporate networks worldwide.
Help your SOC detect threats early and respond with confidence β¬οΈ https://thn.news/enterprise-defense
π9π₯7π2
β οΈ Security training β security.
Training teaches people to see risk β threat hunting proves whether it still exists. Real security starts before the first alert.
π Donβt just educate. Learn how to validate β https://thehackernews.com/2025/10/moving-beyond-awareness-how-threat.html
Training teaches people to see risk β threat hunting proves whether it still exists. Real security starts before the first alert.
π Donβt just educate. Learn how to validate β https://thehackernews.com/2025/10/moving-beyond-awareness-how-threat.html
π9π₯2
π¨ A Chinese APT hid inside ArcGIS for over a year.
They turned a legit Java extension into a web shell.
π Added a hardcoded key β exclusive access
πΎ Hid it in backups β survived restores
Thatβs what βliving off the landβ really means β https://thehackernews.com/2025/10/chinese-hackers-exploit-arcgis-server.html
They turned a legit Java extension into a web shell.
π Added a hardcoded key β exclusive access
πΎ Hid it in backups β survived restores
Thatβs what βliving off the landβ really means β https://thehackernews.com/2025/10/chinese-hackers-exploit-arcgis-server.html
π₯22π€―8π1
β οΈ Heads-up! SAP just re-patched a critical CVSS 10.0 flaw (CVE-2025-42944) in NetWeaver AS Java β a deserialization bug that lets attackers execute commands without authentication.
Apply. The. Fix. β https://thehackernews.com/2025/10/new-sap-netweaver-bug-lets-attackers.html
Apply. The. Fix. β https://thehackernews.com/2025/10/new-sap-netweaver-bug-lets-attackers.html
π₯13π€―2
πͺ A cookie that spawns a shell π
A critical flaw (CVE-2025-2611, CVSS 9.3) in ICTBroadcast autodialer software is under active exploitation.
Attackers inject commands via the BROADCAST session cookie for unauthenticated remote code execution.
No patch yet β check your stack β https://thehackernews.com/2025/10/hackers-target-ictbroadcast-servers-via.html
~200 servers are exposed.
A critical flaw (CVE-2025-2611, CVSS 9.3) in ICTBroadcast autodialer software is under active exploitation.
Attackers inject commands via the BROADCAST session cookie for unauthenticated remote code execution.
No patch yet β check your stack β https://thehackernews.com/2025/10/hackers-target-ictbroadcast-servers-via.html
~200 servers are exposed.
π15π₯8π1
π₯ Agentic AI isnβt just automatingβitβs thinking and acting.
Zscalerβs CEO says itβs a bigger shift than cloud or IoT.
The upside? Faster support and instant threat response.
The risk? Rogue AIs scanning your network right now.
Learn why Zero Trust isnβt optional anymore β https://thehackernews.com/videos/2025/10/exploring-agentic-ai-innovation-meets.html
Zscalerβs CEO says itβs a bigger shift than cloud or IoT.
The upside? Faster support and instant threat response.
The risk? Rogue AIs scanning your network right now.
Learn why Zero Trust isnβt optional anymore β https://thehackernews.com/videos/2025/10/exploring-agentic-ai-innovation-meets.html
π11π€2
βοΈ If you run industrial gear β check your Red Lion RTUs.
Two CVEs (both 10/10) let anyone pop root via one open port. Water, energy, transport β all at risk.
Patch ASAP. Details here β https://thehackernews.com/2025/10/two-cvss-100-bugs-in-red-lion-rtus.html
Two CVEs (both 10/10) let anyone pop root via one open port. Water, energy, transport β all at risk.
Patch ASAP. Details here β https://thehackernews.com/2025/10/two-cvss-100-bugs-in-red-lion-rtus.html
π11π2
π΄ Microsoft just dropped fixes for 183 security flaws.
3 are already being exploited β including one buried in every Windows PC since XP.
...and at the same time, it is ending Windows 10 support (unless you pay).
Details + patch info β https://thehackernews.com/2025/10/two-new-windows-zero-days-exploited-in.html
3 are already being exploited β including one buried in every Windows PC since XP.
...and at the same time, it is ending Windows 10 support (unless you pay).
Details + patch info β https://thehackernews.com/2025/10/two-new-windows-zero-days-exploited-in.html
π19π₯8π±6π2
π₯ New free playbook from Pillar Security : a hands-on framework for red-teaming agentic AI systems.
Covers the AI Kill Chain, context engineering, and the CFS model for crafting and testing realistic attack simulations.
π No sign-up required: https://thn.news/agentic-defend
Covers the AI Kill Chain, context engineering, and the CFS model for crafting and testing realistic attack simulations.
π No sign-up required: https://thn.news/agentic-defend
π₯16π6
π¨ Over 100 VS Code extensions leaked access tokens β letting attackers push malicious updates to 150,000+ installs.
A single exposed key couldβve weaponized the software supply chain.
Full story β https://thehackernews.com/2025/10/over-100-vs-code-extensions-exposed.html
A single exposed key couldβve weaponized the software supply chain.
Full story β https://thehackernews.com/2025/10/over-100-vs-code-extensions-exposed.html
π13π±7π₯3
π F5 just confirmed a nation-state breach that went undetected for months.
Hackers stole BIG-IP source code and data on undisclosed vulnerabilities.
Full story β https://thehackernews.com/2025/10/f5-breach-exposes-big-ip-source-code.html
Hackers stole BIG-IP source code and data on undisclosed vulnerabilities.
Full story β https://thehackernews.com/2025/10/f5-breach-exposes-big-ip-source-code.html
π±19π10π₯3π€3π2π1