From the end of Windows 10 support to scams on TikTok and state-aligned hackers wielding AI, October's headlines offer a glimpse of what's shaping cybersecurity right now
The Russian authorities have arrested three individuals in Moscow who are believed to be the creators and operators of the Meduza Stealer information-stealing malware. [...]
A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag...
CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ransomware attacks. [...]
This week on Uncanny Valley, we break down how one of the most common card shufflers could be altered to cheat, and why that matters—even for those who don’t frequent the poker table.
Many organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special...
Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932,...
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this...
Google wants 'AI mode' on Search to be as personal as possible, and it'll soon tap into services like Gmail or Drive to know more about you. [...]
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware...
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. [...]
Hospitals told to upgrade, but some medical device makers haven't prescribed compatibility yet NHS hospitals are being blocked from fully upgrading to Windows 11 by a small number of suppliers...
A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. [...]
Because fewer people like banknotes, and payment sovereignty is a problem The Governing Council of the European Central Bank (ECB) has decided the bloc needs a digital version of the Euro, and...
Researchers uncovered a coordinated campaign leveraging stolen AWS credentials to automate reconnaissance and abuse Amazon Simple Email Service (SES) for Business Email Compromise (BEC)...
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month. The tech giant...
The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs. AdaptixC2 is an...
The guide includes security advice previously shared by Microsoft, yet authorities felt it prudent to outline best practices for the critical and widely used technology. The post CISA, NSA offer...
A severe vulnerability disclosed in Chromium's Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds. Security researcher Jose Pino, who disclosed...
Expired security cert, real Brussels agenda, plus PlugX malware finish the job Cyber spies linked to the Chinese government exploited a Windows shortcut vulnerability disclosed in March – but that...
Service will tell on compromised organizations, even if they didn't plan on doing so themselves Some orgs would rather you not know when they've suffered a cyberattack, but a new platform from...
Earlier in its European Council presidency, Denmark had brought back a draft law which would have required scanning of electronic messages, sparking an intense backlash.
OpenAI confirmed that it shipped an update on October 5, which allows GPT-5 to better handle sensitive conversations, especially when a user is experiencing emotional or mental distress. [...]
Thor gets into the Halloween spirit, sharing new CVE trends, a “treat” for European Windows 10 users, and a reminder that patching is your best defense against zombie vulnerabilities.
The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)
Security doesn’t fail at the point of breach. It fails at the point of impact. That line set the tone for this year’s Picus Breach and Simulation (BAS) Summit, where researchers, practitioners,...
In many countries, laws against cybercrime are being weaponized to repress journalism. Speaking to the Columbia Journalism Review, Citizen Lab doctoral fellow Gabrielle Lim warns that democratic...
A new ICE proposal outlines a 24/7 transport operation run by armed contractors—turning Texas into the logistical backbone of an industrialized deportation machine.
Windows Desktop installer also fixed after DLL hijack flaw rated 8.8 severity Docker Compose users are being strongly urged to upgrade their versions of the orchestration tool after a researcher...
The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind...