Cybersecurity researchers at Kaspersky have uncovered a sophisticated supply chain attack targeting the npm ecosystem, where threat actors distributed the AdaptixC2 post-exploitation framework through a malicious package disguised as a legitimate proxy utility. The discovery highlights the growing risk of…
AWS Declares Major Outage Resolved After Nearly 24 Hours of Disruption
Amazon Web Services (AWS), the world’s largest cloud computing provider, has officially marked a widespread outage in its US-EAST-1 region as resolved, following nearly a full day of cascading failures that disrupted services for millions worldwide. The incident, which began…
CISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle E-Business Suite vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation in the wild. The security flaw, tracked as CVE-2025-61884, poses significant risks to organizations running…
When the Backbone Breaks: Why the F5 Breach is a Five-Alarm Fire
Alan warns that the F5 breach — involving stolen source code, unpatched vulnerabilities, and customer configurations — is a five-alarm crisis for digital infrastructure. The attack exposes national security risks, vendor concentration dangers, and the fragility of our IT foundations.…
When everything’s connected, everything’s at risk
In this Help Net Security interview, Ken Deitz, CISO at Brown & Brown, discusses how the definition of cyber risk has expanded beyond IT to include IoT, OT, and broader supply chain ecosystems. As organizations connect these assets through cloud…
AWS Crash Causes Outages Across Internet
Amazon Web Services outage on US east coast creates ripple effect, disrupting internet services for millions This article has been indexed from Silicon UK Read the original article: AWS Crash Causes Outages Across Internet
Pakistani Cyber Actors Impersonating ‘NIC eEmail Services’ to Target Indian Government
Pakistan-based advanced persistent threat group APT36, also known as TransparentTribe, is actively targeting Indian government entities with a sophisticated spear-phishing campaign using email lures themed as “NIC eEmail Services.” This campaign leverages lookalike domains and weaponized infrastructure to steal credentials…
Your smart building isn’t so smart without security
The lights switch on as you walk in. The air adjusts to your presence. Somewhere in the background, a server notes your arrival. It’s the comfort of a smart building, but that comfort might come with a cost. Smart buildings…
Over 71,000 WatchGuard Devices Exposed to Remote Code Execution Attacks
The cybersecurity community has raised a serious alarm following the recent daily reporting of vulnerable WatchGuard devices impacted by a major security flaw. According to new data published on October 18, 2025, security researchers at Shadowserver observed over 71,000 WatchGuard…
New LOSTKEYS Malware Tied to Russian State-Sponsored Hacker Group COLDRIVER
Russian state-sponsored threat actor COLDRIVER, long known for targeting high-profile NGOs, policy advisors, and dissidents, has been linked to a rapidly evolving malware campaign following the public disclosure of its LOSTKEYS malware in May 2025. After details of LOSTKEYS surfaced,…
CISA Warns of Actively Exploited Windows SMB Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked…
Hackers Attacking Remote Desktop Protocol Services With 30,000+ New IP Addresses Daily
A persistent campaign targeting Microsoft Remote Desktop Protocol (RDP) services, with attackers deploying over 30,000 new IP addresses daily to exploit timing-based vulnerabilities. This coordinated effort, linked to a global botnet, has seen unique IPs surge past 500,000 since September…
AI’s split personality: Solving crimes while helping conceal them
What happens when investigators and cybercriminals start using the same technology? AI is now doing both, helping law enforcement trace attacks while also being tested for its ability to conceal them. A new study from the University of Cagliari digs…
Microsoft Windows Cloud Minifilter Flaw Enables Privilege Escalation
A critical security vulnerability in Microsoft Windows Cloud Minifilter has been patched, addressing a race condition that allowed attackers to escalate privileges and create files anywhere on the system. The vulnerability, tracked as CVE-2025-55680, was discovered by security researchers at…
10 data security companies to watch in 2026
At Help Net Security, we’ve been tracking the cybersecurity world for nearly three decades. Through our Industry News section, we’ve watched countless companies rise, and push the limits of what’s possible in data protection. Some vendors consistently stand out, not…
Cybersecurity jobs available right now: October 21, 2025
CISO Open-Xchange | Germany | Remote – View job details As a CISO, you will lead the development and implementation of security strategies and requirements across the OX Group. You will advise management on information security matters, provide transparent reporting,…
IT Security News Hourly Summary 2025-10-21 06h : 4 posts
4 posts were published in the last hour 4:4 : Grand Canyon: Rim-to-Rim 1 of n 3:34 : 71,000+ WatchGuard Devices Vulnerable to Remote Code Execution Attacks 3:34 : CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks 3:34…
Grand Canyon: Rim-to-Rim 1 of n
I hadn’t intended to drive for 16 hours. It’s around midnight and my friend and I are about two hours away from Bright Angel Lodge at the South Rim of the Grand Canyon. I pull over for gas, to stretch…
71,000+ WatchGuard Devices Vulnerable to Remote Code Execution Attacks
The Shadowserver Foundation has uncovered more than 71,000 internet-exposed WatchGuard devices running vulnerable versions of Fireware OS. The flaw, tracked as CVE-2025-9242, stems from an out-of-bounds write vulnerability in the IKEv2 implementation, potentially allowing remote attackers to execute arbitrary code…
CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on October 20, 2025, highlighting a severe vulnerability CVE-2025-33073 in Microsoft’s Windows SMB Client. Dubbed an improper access control flaw, this vulnerability tracked under CVE details yet to be…
Automatic BitLocker Encryption May Silently Lock Away Your Data
A Reddit poster detailed how reinstalling Windows 11 unexpectedly encrypted two of their backup drives with BitLocker, locking away 3TB of irreplaceable data without any prior setup. The incident, shared onReddit, highlights the risks of Microsoft’s automatic encryption feature in…
Cybersecurity Awareness Month – Two Email Scams Every Student and Parent Should Know About
October is Cybersecurity Awareness Month, and for campus IT teams, that means more than patching servers and updating firewalls. It means protecting students who’ve never encountered sophisticated phishing attacks, international students unfamiliar with US financial aid processes, and families trying…
ISC Stormcast For Tuesday, October 21st, 2025 https://isc.sans.edu/podcastdetail/9664, (Mon, Oct 20th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, October 21st, 2025…
The Golden Scale: Notable Threat Updates and Looking Ahead
Unit 42 shares notable developments of cybercrime group Scattered LAPSUS$ Hunters. Learn how this group may operate in the future. The post The Golden Scale: Notable Threat Updates and Looking Ahead appeared first on Unit 42. This article has been…