Microsoft’s October Windows 11 updates have broken the “localhost” functionality, making applications that connect back to 127.0.0.1 over HTTP/2 no longer function properly. […]
Auction giant Sotheby’s says data breach exposed customer information
Major international auction house Sotheby’s is notifying customers of a data breach incident on its systems where threat actors stole sensitive information, including financial details. […]
Have I Been Pwned: Prosper data breach impacts 17.6 million accounts
Hackers stole the personal information of over 17.6 million people after breaching the systems of financial services company Prosper. […]
Hackers exploit Cisco SNMP flaw to deploy rootkit on switches
Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access. […]
Microsoft disrupts ransomware attacks targeting Teams users
Microsoft has disrupted a wave of Rhysida ransomware attacks in early October by revoking over 200 certificates used to sign malicious Teams installers. […]
Microsoft: Office 2016 and Office 2019 have reach end of support
Microsoft reminded customers this week that Office 2016 and Office 2019 have reached the end of extended support on October 14, 2025. […]
Gladinet fixes actively exploited zero-day in file-sharing software
Gladinet has released security updates for its CentreStack business solution to address a local file inclusion vulnerability (CVE-2025-11371) that threat actors have leveraged as a zero-day since late September. […]
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
A threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method.
The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat cluster it tracks as UNC5342,
The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat cluster it tracks as UNC5342,
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems.
“UNC5142 is characterized by its use of compromised WordPress websites and ‘EtherHiding,’ a technique used
“UNC5142 is characterized by its use of compromised WordPress websites and ‘EtherHiding,’ a technique used
Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign
The tech giant attributed the attacks to Vanilla Tempest, also known as Vice Spider and Vice Society.
The post Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign appeared first on SecurityWeek.