ICYMI: 2025-10-28
Latest Headlines
New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves
New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human
Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains
Why Early Threat Detection Is a Must for Long-Term Business Growth
Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
CBP Searched a Record Number of Phones at the US Border Over the Past Year
This Is the Nuclear-Powered Ship Deployed in Trump’s War on Drug Boats
Stragglers From Myanmar Scam Center Raided by Army Cross Into Thailand as Buildings are Blown Up
QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability
TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks
Sublime Security Raises $150 Million for Email Security Platform
Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack
Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark Forums
Threat Actors Advertising Anivia Stealer Malware on Dark Web bypassing UAC Controls
Threat Actors Merging FileFix and Cache Smuggling Attacks to Evade Security Controls
New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs
BlueNoroff Hackers Adopts New Infiltration Strategies To Attack C-Level Executives, and Managers
Mozilla Wants All New Firefox Extensions to Disclose Data Collection Policies
XWiki RCE Vulnerability Actively Exploted In Wild To Deliver Coinminer
How Threat Intelligence Feeds Help Organizations Quickly Mitigate Malware Attacks
Water Saci Hackers Leverage WhatsApp to Deliver Multi-Vector Persistent SORVEPOTEL Malware
Ubuntu’s Kernel Vulnerability Let Attackers Escalate Privileges and Gain Root Access
Open-Source Firewall IPFire 2.29 With New Reporting For Intrusion Prevention System
Windows 11 KB5067036 update rolls out Administrator Protection feature
Python rejects $1.5M grant from U.S. govt. fearing ethical compromise
Advertising giant Dentsu reports data breach at subsidiary Merkle
Qilin ransomware abuses WSL to run Linux encryptors in Windows
CISA warns of two more actively exploited Dassault vulnerabilities
Microsoft: Copilot now lets you build apps, automate workflows
Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions
TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
Google Chrome to warn users before opening insecure HTTP sites
BiDi Swap: The bidirectional text trick that makes fake URLs look real
New Atroposia malware comes with a local vulnerability scanner
New Herodotus Android malware fakes human typing to avoid detection
– MTZ