Latest Cybersecurity News and Articles


ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More

23 October 2025
Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week’s ThreatsDay highlights show exactly how those weak points are being exploited — from overlooked

Vibe Coding’s Real Problem Isn’t Bugs—It’s Judgment

23 October 2025
As AI coding tools flood enterprises with functional but flawed software, researchers urge embedding security checks directly into the AI workflow. The post Vibe Coding’s Real Problem Isn’t Bugs—It’s Judgment appeared first on SecurityWeek.

Exploitation of Critical Adobe Commerce Flaw Puts Many eCommerce Sites at Risk

23 October 2025
Patched in September, the SessionReaper bug could be exploited without authentication to bypass a security feature. The post Exploitation of Critical Adobe Commerce Flaw Puts Many eCommerce Sites at Risk appeared first on SecurityWeek.

Why Organizations Are Abandoning Static Secrets for Managed Identities

23 October 2025
As machine identities explode across cloud environments, enterprises report dramatic productivity gains from eliminating static credentials. And only legacy systems remain the weak link. For decades, organizations have relied on static secrets, such as API keys, passwords, and tokens, as unique identifiers for workloads. While this approach provides clear traceability, it creates what security

BIND Updates Address High-Severity Cache Poisoning Flaws

23 October 2025
The vulnerabilities allow attackers to predict source ports and query IDs BIND will use, and to inject forged records into the cache. The post BIND Updates Address High-Severity Cache Poisoning Flaws appeared first on SecurityWeek.

Lanscope Endpoint Manager Zero-Day Exploited in the Wild

23 October 2025
The bug has been exploited in the wild as a zero-day and the US cybersecurity agency CISA has added it to its KEV catalog. The post Lanscope Endpoint Manager Zero-Day Exploited in the Wild appeared first on SecurityWeek.

Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm

23 October 2025
Verizon’s 2025 Mobile Security Index shows that 85% of organizations believe mobile device attacks are on the rise. The post Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm appeared first on SecurityWeek.

“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

23 October 2025
Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. "Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards," Palo Alto Networks Unit 42 researchers

Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw

23 October 2025
E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours. The vulnerability in question is CVE-2025-54236 (CVSS score: 9.1), a critical improper input validation flaw that could be

Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms

23 October 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), impacts on-premises versions of Lanscope Endpoint Manager, specifically Client

Canada Fines Cybercrime Friendly Cryptomus $176M

22 October 2025
Financial regulators in Canada this week levied $176 million in fines against Cryptomus, a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada's anti-money-laundering laws come ten months after KrebsOnSecurity noted that Cryptomus's Vancouver street address was home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges — none of which were physically located there.

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

22 October 2025
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities. The end goal of the campaign is to infiltrate high-value targets and facilitate intelligence gathering

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

22 October 2025
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine's war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2). The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee

TARmageddon Flaw in Popular Rust Library Leads to RCE

22 October 2025
The vulnerability impacts multiple Rust tar parsers, allowing attackers to smuggle additional archive entries. The post TARmageddon Flaw in Popular Rust Library Leads to RCE appeared first on SecurityWeek.

Critical Vulnerabilities Patched in TP-Link’s Omada Gateways

22 October 2025
One of the flaws can be exploited by remote unauthenticated attackers for arbitrary command execution. The post Critical Vulnerabilities Patched in TP-Link’s Omada Gateways appeared first on SecurityWeek.

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

22 October 2025
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle East after it was publicly disclosed and patched in July 2025. Also targeted were government departments in an African country, as well as government agencies in South America, a university in the U.S., as well as likely a state technology

Keycard Emerges From Stealth Mode With $38 Million in Funding

22 October 2025
The company’s IAM platform identifies AI agents, supports assigning permission to them, and tracks all activity. The post Keycard Emerges From Stealth Mode With $38 Million in Funding appeared first on SecurityWeek.

Top 50 Cybersecurity Companies To Watch In 2025

22 October 2025
This week in cybersecurity from the editors at Cybercrime Magazine. Sausalito, Calif. – Oct. 22, 2025 – Read the full story from Evolution Equity Partners. The top 50 cybersecurity companies of 2025 are recognized by Evolution Equity Partners for their monumental undertaking to shape the future of The post Top 50 Cybersecurity Companies To Watch In 2025 appeared first on Cybercrime Magazine.

Russian APT Switches to New Backdoor After Malware Exposed by Researchers

22 October 2025
Star Blizzard started using the NoRobot (BaitSwitch) and MaybeRobot (SimpleFix) malware after public reporting on the LostKeys malware. The post Russian APT Switches to New Backdoor After Malware Exposed by Researchers appeared first on SecurityWeek.

Bridging the Remediation Gap: Introducing Pentera Resolve

22 October 2025
From Detection to Resolution: Why the Gap Persists. A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels, metadata, and context. What’s missing is a system of action. How do you transition from the