Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-22 13:00 PDT
- Infocon: green
SANS ISC Diary (full) • 2025-10-22 12:55 • isc.sans.edu
webctrl.cgi/Blue Angel Software Suite Exploit Attempts. Maybe CVE-2025-34033 Variant?
https://isc.sans.edu/diary.html?rss
- Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000
BleepingComputer • 2025-10-22 11:52 • www.bleepingcomputer.com
Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. […]
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/
- Hackers exploiting critical "SessionReaper" flaw in Adobe Magento
BleepingComputer • 2025-10-22 11:41 • www.bleepingcomputer.com
Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. […]
https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-sessionreaper-flaw-in-adobe-magento/
- Canada Fines Cybercrime Friendly Cryptomus $176M
KrebsOnSecurity • 2025-10-22 10:21 • krebsonsecurity.com
Financial regulators in Canada this week levied $176 million in fines against Cryptomus, a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada’s anti money-laundering laws come ten months after KrebsOnSecurity noted that Cryptomus’s Vancouver street address was home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges — none of which were physically located there.
https://krebsonsecurity.com/2025/10/canada-fines-cybercrime-friendly-cryptomus-176m/
- TARmageddon flaw in abandoned Rust library enables RCE attacks
BleepingComputer • 2025-10-22 10:21 • www.bleepingcomputer.com
A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. […]
https://www.bleepingcomputer.com/news/security/tarmageddon-flaw-in-abandoned-rust-library-enables-rce-attacks/
- Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign
The Hacker News • 2025-10-22 10:21 • thehackernews.com
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities.
The end goal of the campaign is to infiltrate high-value targets and facilitate intelligence gathering
https://thehackernews.com/2025/10/iran-linked-muddywater-targets-100.html
- Cybercriminals turn on each other: the story of Lumma Stealer’s collapse
Graham Cluley • 2025-10-22 10:10 • www.fortra.com
Normally when we write about a malware operation being disrupted, it’s because it has been shut down by law enforcement. But in the case of Lumma Stealer, a notorious malware-as-a-service (MaaS) operation used to steal passwords and sensitive data, it appears to have been sabotaged by other cybercriminals. Read more in my article on the Fortra blog.
https://www.fortra.com/blog/cybercriminals-turn-each-other-story-lumma-stealers-collapse
- Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
The Hacker News • 2025-10-22 09:55 • thehackernews.com
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2).
The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee
https://thehackernews.com/2025/10/ukraine-aid-groups-targeted-through.html
- Meta launches new anti-scam tools for WhatsApp and Messenger
BleepingComputer • 2025-10-22 08:11 • www.bleepingcomputer.com
Meta has announced new tools to help WhatsApp and Messenger users protect themselves from potential scams and secure their accounts. […]
https://www.bleepingcomputer.com/news/security/meta-launches-new-anti-scam-tools-for-whatsapp-and-messenger/
- FinWise data breach shows why encryption is your last defense
BleepingComputer • 2025-10-22 08:11 • www.bleepingcomputer.com
The FinWise breach shows that when insider threats strike, encryption is the last line of defense. Penta Security’s D.AMO platform unites encryption, key management, and access control to keep sensitive data secure. […]
https://www.bleepingcomputer.com/news/security/finwise-data-breach-shows-why-encryption-is-your-last-defense/
- webctrl.cgi/Blue Angel Software Suite Exploit Attempts. Maybe CVE-2025-34033 Variant?, (Wed, Oct 22nd)
SANS ISC Diary (full) • 2025-10-22 07:21 • isc.sans.edu
Starting yesterday, some of our honeypots received POST requests to “/cgi-bin/webctrl.cgi”, attempting to exploit an OS command injection vulnerability:
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
