October’s Microsoft Patch Tuesday fixes 170+ flaws, including 3 actively exploited zero-days and critical WSUS RCE (CVSS 9.8). Immediate patching is mandatory. Final free updates for Windows 10. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News,…
Tag: EN
Wake-Up Call for Cybersecurity: Lessons from M&S, Co-op & Harrods Attacks
The recent cyberattacks on M&S, Co-op, and Harrods were more than just security breaches — they served as urgent warnings for every IT leader charged with protecting digital systems. These weren’t random hacks; they were carefully orchestrated, multi-step campaigns that…
The importance of hardening customer support tools against cyberattacks
As customer support tools become more connected and data-rich, they’re increasingly targeted by cyberattacks. Hardening these systems is no longer optional—it’s essential to protect customer trust, sensitive data, and business continuity. The post The importance of hardening customer support tools…
BreachLock Named Representative Provider for Penetration Testing as a Service (PTaaS) in New Gartner® Report
New York, United States, 15th October 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: BreachLock Named Representative Provider for Penetration Testing as a Service (PTaaS) in…
TikTok scam sells you access to your own fake money
We dive into the “last goodbye” messages sent via TikTok that lead victims to a crypto paywall scam. This article has been indexed from Malwarebytes Read the original article: TikTok scam sells you access to your own fake money
SecurityWeek to Host 2025 ICS Cybersecurity Conference October 27-30 in Atlanta
Premier industrial cybersecurity conference Offers 70+ sessions, five training courses, and and ICS Village CTF competition. The post SecurityWeek to Host 2025 ICS Cybersecurity Conference October 27-30 in Atlanta appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion
U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP’s source code and information related to undisclosed vulnerabilities in the product. It attributed the activity to a “highly…
CISA Issues Emergency Directive to Address Critical Vulnerabilities in F5 Devices
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from CISA News Read the original article: CISA Issues Emergency Directive to Address Critical Vulnerabilities in F5 Devices
Intel To Sample ‘Crescent Island’ AI Accelerator Next Year
Intel set to send next-generation Crescent Island data centre GPU in second half of 2026 as it seeks foothold in growing AI market This article has been indexed from Silicon UK Read the original article: Intel To Sample ‘Crescent Island’…
CISA Directs Federal Agencies to Mitigate Vulnerabilities in F5 Devices
Today, CISA issued Emergency Directive ED 26-01: Mitigate Vulnerabilities in F5 Devices to direct Federal Civilian Executive Branch agencies to inventory F5 BIG-IP products, evaluate if the networked management interfaces are accessible from the public internet, and apply newly released…
Cisco SNMP 0-Day Vulnerability Actively Exploited To Deploy Linux Rootkits
A sophisticated attack campaign dubbed “Operation Zero Disco,” where threat actors are actively exploiting a critical Cisco Simple Network Management Protocol (SNMP) vulnerability to install Linux rootkits on vulnerable network devices. Trend Micro observed an operation exploiting CVE-2025-20352, which allows…
GhostBat RAT Android Malware With Fake RTO Apps Steals Targeting Indian Users to Steal Banking Data
The GhostBat RAT campaign has emerged as a sophisticated threat targeting Indian Android users through counterfeit Regional Transport Office (RTO) applications. First observed in mid-2025, these malicious APKs masquerade as the official “mParivahan” app, exploiting user trust in government services.…
F5 Breached – Hackers Stole BIG-IP Source Code and Undisclosed Vulnerabilities Data
F5, a leading provider of application security and delivery solutions, disclosed a major security incident. The company revealed that a sophisticated nation-state threat actor had gained long-term access to internal systems, exfiltrating sensitive files including BIG-IP source code and details…
Hackers Registered 13,000+ Unique Domains and Leverages Cloudflare to Launch Clickfix Attacks
In mid-2025, Lab539 researchers observed an unexpected surge in a novel browser-based malware campaign dubbed “ClickFix.” Emerging quietly in July, the threat quickly expanded its reach by registering over 13,000 unique domains designed to lure users into executing malicious commands…
F5 Says Nation-State Hackers Stole Source Code and Vulnerability Data
F5 shared few details on the threat actor, but the attack profile seems to point to China. The post F5 Says Nation-State Hackers Stole Source Code and Vulnerability Data appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Patch Tuesday Update – October 2025
In total, including third-party CVEs, in this Patch Tuesday edition, Microsoft published 196 CVEs, including 21 republished CVEs. Overall, Microsoft announced 3 Zero-Day, 17 Critical, and 164 Important vulnerabilities. From an Impact perspective, Escalation of Privilege vulnerabilities accounted for 46%,…
Hackers Breach F5 and Stole BIG-IP Source Code and Undisclosed Vulnerability Data
F5 Networks confirmed that a sophisticated nation-state threat actor infiltrated its systems, exfiltrating proprietary BIG-IP source code and confidential vulnerability information. The incident, which began in August 2025, targeted F5’s product development and engineering knowledge platforms, prompting an immediate response…
Cyber giant F5 Networks says government hackers had ‘long-term’ access to its systems, stole code and customer data
The company, which provides cybersecurity defenses to most of the Fortune 500, said the DOJ allowed it to delay notifying the public on national security grounds. This article has been indexed from Security News | TechCrunch Read the original article:…
Scammers are still sending us their fake Robinhood security alerts
Fake alerts claim your Robinhood account is at risk. The link leads to a convincing copy of the site—but it’s built to steal your login. This article has been indexed from Malwarebytes Read the original article: Scammers are still sending…
Devs are writing VS Code extensions that blab secrets by the bucketload
Vibe coding may have played a role in what took researchers months to fix Developers of VS Code extensions are leaking sensitive secrets left, right and center, according to researchers who worked with Microsoft to combat an issue that could…