Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-22 17:00 PDT
- Infocon: green
SANS ISC Diary (full) • 2025-10-22 16:55 • isc.sans.edu
webctrl.cgi/Blue Angel Software Suite Exploit Attempts. Maybe CVE-2025-34033 Variant?
https://isc.sans.edu/diary.html?rss - Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts
Graham Cluley • 2025-10-22 16:30 • grahamcluley.com
A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral, and how new PCI DSS rules are finally muzzling Magecart-style skimmers.Plus: Graham reveals his new-found superpower with Keyboard Maestro, and Scott describes a slick new way to whip up beautiful how-to videos with Screen Studio.
All this and more is discussed in episode 440 of “Smashing Security” podcast with cybersecurity veteran Graham Cluley, and special guest Scott Helme.
https://grahamcluley.com/smashing-security-podcast-440/ - Iranian hackers targeted over 100 govt orgs with Phoenix backdoor
BleepingComputer • 2025-10-22 14:19 • www.bleepingcomputer.com
State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. […]
https://www.bleepingcomputer.com/news/security/iranian-hackers-targeted-over-100-govt-orgs-with-phoenix-backdoor/ - Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000
BleepingComputer • 2025-10-22 11:52 • www.bleepingcomputer.com
Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition. […]
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/ - Hackers exploiting critical "SessionReaper" flaw in Adobe Magento
BleepingComputer • 2025-10-22 11:41 • www.bleepingcomputer.com
Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. […]
https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-sessionreaper-flaw-in-adobe-magento/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
