IT Security Weekend Catch Up – October 10, 2025

10.10.2025 | 21:54

badcyber

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. World's deadliest computer virus: WannaCry
  2. North Korea's crypto hackers have stolen over $2 billion in 2025
  3. Discord says 70,000 users may have had their government IDs leaked in breach
  4. Hackers claim Discord breach exposed data of 5.5 million users
  5. Salesforce refuses to pay ransom over widespread data theft attacks
  6. Italian businessman’s phone reportedly targeted with Paragon spyware
  7. noyb win: Microsoft 365 Education may not track school children

For the more technical

  1. CrowdStrike identifies campaign targeting Oracle E-Business Suite via zero-day vulnerability (now tracked as CVE-2025-61882)
  2. CVE-2025-61882 mass exploitation — Oracle E-Business Suite (EBS) under attack by Cl0p ransomware
  3. Another critical RCE discovered in a popular MCP server
  4. Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
  5. RediShell: Critical remote code execution vulnerability (CVE-2025-49844) in Redis, 10 CVSS score
  6. A major evolution of Apple Security Bounty, with the industry's top awards for the most advanced research
  7. CVE-2025-59489: Arbitrary code execution in Unity Runtime
  8. WireTap: Breaking server SGX via DRAM bus interposition
  9. Your gaming mouse could eavesdrop on you, study reveals surprising vulnerability
  10. RondoDox: From targeting Pwn2Own vulnerabilities to shotgunning exploits
  11. CometJacking: How one click can turn Perplexity’s Comet AI browser against you
  12. Ghosts in the machine: ASCII smuggling across various LLMs
  13. I tested the world's first "AI ransomware"... and it was a disaster
  14. The evolution of Chaos ransomware: Faster, smarter, and more dangerous
  15. Velociraptor leveraged in ransomware attacks
  16. TamperedChef: Malvertising to credential theft
  17. Shuyal Stealer: Advanced infostealer targeting 19 browsers
  18. New Rust malware "ChaosBot" uses Discord for command and control
  19. Confucius espionage: From stealer to backdoor
  20. Crimson Collective: A new threat group observed operating in the cloud
  21. ClayRat: A new Android spyware targeting Russia
  22. Investigating targeted “payroll pirate” attacks affecting US universities
  23. Cache smuggling: When a picture isn’t a thousand words
  24. The ClickFix factory: First exposure of IUAM ClickFix Generator
  25. The crown prince, Nezha: A new tool favored by China-nexus threat actors
  26. An insider look at the IRGC-linked APT35 operations: Ep1 & Ep2
  27. Mustang Panda employ Publoader through ClaimLoader: Yes.. another DLL side-loading technique delivery via phishing
  28. Analyzing NotDoor: Inside APT28’s expanding arsenal
  29. Operation SouthNet: SideWinder expands phishing and malware operations in South Asia

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
