Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-24 17:00 PDT
- Infocon: green
SANS ISC Diary (full) • 2025-10-24 16:55 • isc.sans.edu
ISC Stormcast For Friday, October 24th, 2025 https://isc.sans.edu/podcastdetail/9670
https://isc.sans.edu/diary.html?rss - Friday Squid Blogging: “El Pulpo The Squid”
Schneier on Security • 2025-10-24 14:07 • www.schneier.comThere is a new cigar named “El Pulpo The Squid.” Yes, that means “The Octopus The Squid.”
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
https://www.schneier.com/blog/archives/2025/10/friday-squid-blogging-el-pulpo-the-squid.html
- Hackers launch mass attacks exploiting outdated WordPress plugins
BleepingComputer • 2025-10-24 12:28 • www.bleepingcomputer.com
A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE). […]
https://www.bleepingcomputer.com/news/security/hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins/ - Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation
The Hacker News • 2025-10-24 11:35 • thehackernews.com
The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit 42.
“Although these domains are registered through a Hong Kong-based registrar and use Chinese nameservers, the attack infrastructure is
https://thehackernews.com/2025/10/smishing-triad-linked-to-194000.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
