Cyber Security Week in Review: October 31, 2025
In brief: Microsoft patches a WSUS flaw, a major US telecom supplier compromised by nation-state hackers, and more.
Cybersecurity News - Page 32
Former defense contractor executive pleads guilty to selling 0Days to Russian broker
Peter Williams used his high-level access to the company’s secure network to download and transfer the classified components.
Nation-state hackers breach major US telecom supplier
The attackers remained undetected for nearly nine months.
MITRE releases ATT&CK V18 with major updates across enterprise, mobile, and ICS domains
The October 2025 update delivers improvements across multiple sections, including techniques, groups, campaigns, and software.
New Aisuru IoT botnet behind record-breaking DDoS attacks
Aisuru is related to “TurboMirai” malware, general class of Mirai-variant DDoS botnets capable of generating multi-tb/sec and -gpps direct-path DDoS attacks.
TEE.Fail attack exposes secrets in Intel and AMD secure enclaves
TEE.Fail leverages a memory-bus interposition attack on DDR5-based systems, exploiting design weaknesses in newer confidential computing architectures.
Russian hackers still heavily rely on living-off-the-land tactics in attacks against Ukraine
The approach involves hackers abusing software already installed on victims’ systems to carry out malicious actions.
Sweden’s power grid operator Svenska kraftnät confirms data breach
The incident was discovered on Saturday and involved an isolated external file transfer system.
China-aligned APT groups join forces in Premier Pass-as-a-Service cyber campaigns
In the “Premier Pass-as-a-Service” trend multiple APT groups share information and resources, making it harder to attribute the attack.
ChatGPT Atlas browser exposes users to code injection attacks
The flaw exploits a cross-site request forgery issue that allows hackers to modify ChatGPT’s memory without user consent.
Showing elements 311 - 320