Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-28 03:00 PDT
- Infocon: green
SANS ISC Diary (full) • 2025-10-28 02:55 • isc.sans.edu
A phishing with invisible characters in the subject line
https://isc.sans.edu/diary.html?rss - A phishing with invisible characters in the subject line, (Tue, Oct 28th)
SANS ISC Diary (full) • 2025-10-28 02:38 • isc.sans.eduWhile reviewing malicious messages that were delivered to our handler inbox over the past few days, I noticed that the “subject†of one phishing e-mail looked quite strange when displayed in the Outlook message list…
- Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware
The Hacker News • 2025-10-28 01:22 • thehackernews.com
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according to new findings from Kaspersky.
The vulnerability in question is CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape which the company disclosed in March 2025 as having come under
https://thehackernews.com/2025/10/chrome-zero-day-exploited-to-deliver.html - SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
The Hacker News • 2025-10-27 21:01 • thehackernews.com
A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025.
The activity “reveals a notable evolution in SideWinder’s TTPs, particularly the adoption of a novel PDF and ClickOnce-based infection chain, in
https://thehackernews.com/2025/10/sidewinder-adopts-new-clickonce-based.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
