A list of topics we covered in the week of October 6 to October 12 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (October 6 – October 12)
Category: EN
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations to stay resilient in the face of infrastructure takedowns. “Instead of relying solely on traditional command-and-control…
China Rare Earth Restrictions Target Advanced Chips
New export controls specifically target manufacture of advanced semiconductors and memory chips, as trade war heats up This article has been indexed from Silicon UK Read the original article: China Rare Earth Restrictions Target Advanced Chips
WhatsApp Worm Targets Users with Banking Malware, Steals Login Information
Cybersecurity researchers have uncovered a sophisticated new campaign targeting WhatsApp users in Brazil with self-propagating malware designed to steal banking credentials and cryptocurrency exchange login information. The attack, first detected on September 29, 2025, represents a dangerous evolution in social…
Velociraptor pushes LockBit, Spain dismantles crime group, SonicWall SSL VPN breach
Huge thanks to our sponsor, Vanta What’s your 2 AM security worry? Is it “Do I have the right controls in place?” Or “Are my vendors secure?” ….or the really scary one: “how do I get…
Google May Be Forced To Make Search Changes In UK
UK competition regulator officially designates Google Search as having ‘strategic market status’ in move that could bring changes This article has been indexed from Silicon UK Read the original article: Google May Be Forced To Make Search Changes In UK
Hackers Claim Massive Salesforce Breach: 1 Billion Records Stolen
A new cybercriminal conglomerate known as Scattered Lapsus$ Hunters has emerged as a significant threat to global organizations, claiming responsibility for massive data breaches targeting Salesforce customer tenants. The group, also referred to as SP1D3R HUNTERS or SLSH, has reportedly…
Spanish Authorities Dismantle Advanced AI Phishing Operation GoogleXcoder
Spanish law enforcement recently dismantled an advanced AI-driven phishing network and arrested the mastermind developer known as “GoogleXcoder.” This operation marks a significant victory in the fight against banking credential theft in Spain. Cybercriminals Target Banks and Government Agencies Since…
Building a healthcare cybersecurity strategy that works
In this Help Net Security interview, Wayman Cummings, CISO at Ochsner Health, talks about building a healthcare cybersecurity strategy, even when resources are tight. He explains how focusing on areas like vulnerability management and network segmentation can make the biggest…
Astaroth Banking Malware Exploits GitHub for Hosting Configuration Files
McAfee’s Threat Research team recently uncovered a sophisticated new Astaroth campaign that represents a significant evolution in malware infrastructure tactics. This latest variant has abandoned traditional command-and-control (C2) server dependencies in favor of leveraging GitHub repositories to host critical malware…
Oracle E-Business Suite Flaw Enables Remote Code Execution and Data Theft
Oracle has issued a critical security alert for a severe vulnerability in its E-Business Suite platform that could allow attackers to execute remote code and steal sensitive data without requiring authentication. The flaw, identified as CVE-2025-61884, affects multiple versions of the…
SonicWall SSLVPN Targeted After Hackers Breach All Customer Firewall Backups
Cybersecurity researchers at Huntress have detected a widespread attack campaign targeting SonicWall SSL VPN devices across multiple customer environments, with over 100 accounts compromised since early October. The attacks appear coordinated and sophisticated, with threat actors rapidly authenticating into multiple…
AI-generated images have a problem of credibility, not creativity
GenAI simplifies image creation, yet it creates hard problems around intellectual property, authenticity, and accountability. Researchers at Queen’s University in Canada examined watermarking as a way to tag AI images so origin and integrity can be checked. Watermarking scenario overview…
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. “Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged…
The five-minute guide to OT cyber resilience
In this Help Net Security video, Rob Demain, CEO of e2e-assure, explains the essentials of OT cybersecurity resilience. He discusses the importance of understanding remote access points, supply chain connections, and the need for specialized sensors to monitor OT networks…
Attackers Exploit Defender for Endpoint Cloud API to Bypass Authentication and Disrupt Incident Response
Microsoft Defender for Endpoint’s cloud communication can be abused to bypass authentication, intercept commands, and spoof results, allowing attackers to derail incident response and mislead analysts. Recent research shows that multiple backend endpoints accept requests without effectively validating tokens, enabling…
SonicWall SSLVPN Under Attack Following the Breach of All Customers’ Firewall Backups
A surge in attacks targeting SonicWall SSLVPN devices, affecting numerous customer networks, just weeks after a major breach exposed sensitive firewall data. Starting October 4, 2025, threat actors have rapidly authenticated into over 100 accounts across 16 environments, using what…
RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks
An open-source tool called RealBlindingEDR enables attackers to blind, permanently disable, or terminate antivirus (AV) and endpoint detection and response (EDR) software by clearing critical kernel callbacks on Windows systems. Released on GitHub in late 2023, the utility leverages signed…
Discord confirms third-party support breach; some users’ ID photos, support messages and limited payment details were accessed
Discord, the popular communication platform used by millions worldwide, has confirmed a data breach that compromised the systems of one of its third-party customer support providers. The incident, which occurred on September 20, 2025, allowed an unauthorized individual to…
When hackers hit, patient safety takes the fall
93% of U.S. healthcare organizations experienced at least one cyberattack in the past year, with an average of 43 incidents per organization, according to Proofpoint. The study found that most of these attacks involved cloud account compromises, ransomware, supply chain…