TikTok Videos Weaponized to Deliver Self-Compiling PowerShell Malware
Attackers are exploiting TikTok’s massive reach to trick users into executing malware through seemingly innocuous videos. In one popular TikTok video (liked over 500 times),…
Month: October 2025
Cybercrime Magazine Expands Its Headquarters
Cybersecurity Ventures is headquartered in Northport, a historic seaside village on the north shore of Long Island in Suffolk County, N.Y., which has been the…
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running…
AEM Forms RCE Flaw Exploited In The Wild
A new vulnerability in Adobe Experience Manager (AEM) Forms has been confirmed as actively exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security…
Over 266,000 F5 BIG-IP instances exposed to remote attacks
Internet security nonprofit Shadowserver Foundation has found more than 266,000 F5 BIG-IP instances exposed online after the security breach disclosed by cybersecurity company F5 this…
Windows Rust-based Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error
A vulnerability in Microsoft’s newly implemented Rust-based kernel component for the Graphics Device Interface (GDI) in Windows. This flaw, which could trigger a system-wide crash…
APT28 Deploys BeardShell and Covenant Modules via Weaponized Office Documents
Security researchers at Sekoia.io have uncovered a sophisticated cyberattack campaign orchestrated by APT28, the notorious Russian state-sponsored threat actor, targeting Ukrainian military personnel with weaponized…
Your First and Last Line of Defense
Oct 17, 2025The Hacker NewsArtificial Intelligence / Identity Security The danger isn’t that AI agents have bad days — it’s that they never do. They…
European Authorities Shutter Cybercrime Service Fueling Online Scam
Seven suspects are now in custody after a cross-border crackdown dismantled a cybercrime service that powered more than 3,000 online scams across Europe, authorities said.…
Prosper disclosed a data breach impacting 17.6 million accounts
Prosper disclosed a data breach impacting 17.6 million accounts Pierluigi Paganini October 17, 2025 Threat actors stole personal data, including names, IDs, and financial details…
APT28 With Weaponized Office Documents Delivers BeardShell and Covenant Modules
Russia’s APT28 has resurfaced in mid-2025 with a sophisticated spear-phishing campaign that weaponizes Office documents to deploy two novel payloads: BeardShell, a C-based backdoor leveraging…
Email Bombs Exploit Lax Authentication in Zendesk – Krebs on Security
Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing messages that come from…