Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases

Russian cybercrime group Lynx breached Dodd Group, a contractor for the UK Ministry of Defence, stealing and leaking hundreds of sensitive files on eight RAF and Royal Navy bases. The incident occu...

Oct 20, 2025 SECURITY

PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability

A proof-of-concept (PoC) exploit has been released for a critical vulnerability in Microsoft’s Windows Server Update Services (WSUS), enabling unauthenticated attackers to execute remote code with ...

Oct 20, 2025 SECURITY

Cyber defenders sound the alarm as F5 hack exposes broad risks

A more than year-long digital intrusion into cybersecurity company F5 (FFIV.O), publicized last week and blamed on Chinese spies, has defenders across the industry hunting for signs of compromise a...

Oct 20, 2025 CYBERSECURITY

AI-Driven Social Engineering Top Cyber Threat for 2026, ISACA Survey Reveals

AI-driven social engineering is set to be one of the most significant cyber threats in 2026, a new ISACA report revealed. The 2026 ISACA Tech Trends and Priorities report found that this type of AI...

Oct 20, 2025 RESEARCH

WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code

WatchGuard has disclosed a critical out-of-bounds write vulnerability in its Fireware OS, enabling remote unauthenticated attackers to execute arbitrary code via IKEv2 VPN connections. An attacker...

Oct 19, 2025 CYBER SECURITY NEWS

PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation

A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability stems from the heart of Linux operating systems, ...

Oct 19, 2025 CYBER SECURITY

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes rang...

Oct 19, 2025 ARREST

Data brokers are constantly doxing us, and we can’t do anything about it

The main purpose of a data broker is to make money, as they sell all kinds of data to various individuals and organizations worldwide. This includes selling to political organizations to target vot...

Oct 19, 2025 PRIVACY

China Accuses US of Cyberattack on National Time Center

China on Sunday accused the U.S. National Security Agency of carrying out cyberattacks on its national time center following an investigation, saying any damage to related facilities could have dis...

Oct 19, 2025 CYBERSECURITY

New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs

Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. ...

Oct 18, 2025 MALWARE

Collins Aerospace attack claimed by Everest, linking ransomware group to last month's European airport chaos

The Everest ransomware group is claiming responsibility for the September breach of Collins Aerospace and its MUSE check-in software – in an attack that impacted multiple major airports across Euro...

Oct 18, 2025 CYBERSECURITY

2025-10-17 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-10699 Lenovo - LeCloud Clien...

Oct 17, 2025 VULNERABILITIES

US Charges Cambodian Executive in Massive Crypto Scam and Seizes More Than 4 Billion in Bitcoin

The U.S. government has seized more than 4 billion in bitcoin and charged the founder of a Cambodian conglomerate in a massive cryptocurrency scam, accusing him and unnamed co-conspirators of explo...

Oct 16, 2025 CRYPTO NEWS

Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities

The vulnerabilities, identified as CVE-2025-20333 and CVE-2025-20362, affect Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) devices, enabling unauthenticated remote co...

Oct 16, 2025 CYBER SECURITY NEWS

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

A threat actor with ties to North Korea has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hackin...

Oct 16, 2025 APT

Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data

A major data exposure linked to NetcoreCloud, an India-based global email marketing and automation company, has drawn attention after cybersecurity researcher Jeremiah Fowler found a publicly acces...

Oct 16, 2025 DATA BREACH

2025-10-16 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2017-20204 DBL Technology (DBLTek...

Oct 16, 2025 VULNERABILITIES

Whisper 2FA Behind One Million Phishing Attempts Since July

What makes Whisper 2FA stand out is its use of AJAX, a web technology that allows real-time communication between browser and server without page reloads. This enables the phishing kit to repeatedl...

Oct 15, 2025 SECURITY

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

The two Windows zero-days that have come under active exploitation are as follows: CVE-2025-24990 (CVSS score: 7.8) - Windows Agere Modem Driver (“ltmdm64.sys”) Elevation of Privilege Vulnerabi...

Oct 15, 2025 VULNS

F5 releases BIG-IP patches for stolen security vulnerabilities

Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. The company disclosed today that state hackers breached its s...