Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-28 13:00 PDT
- Infocon: green
SANS ISC Diary (full) • 2025-10-28 12:55 • isc.sans.edu
A phishing with invisible characters in the subject line
https://isc.sans.edu/diary.html?rss - New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves
The Hacker News • 2025-10-28 12:16 • thehackernews.com
A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment (TEE) in a computer’s main processor, including Intel’s Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) and AMD’s Secure Encrypted Virtualization with Secure
https://thehackernews.com/2025/10/new-teefail-side-channel-attack.html - Qilin ransomware abuses WSL to run Linux encryptors in Windows
BleepingComputer • 2025-10-28 12:11 • www.bleepingcomputer.com
The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools. […]
https://www.bleepingcomputer.com/news/security/qilin-ransomware-abuses-wsl-to-run-linux-encryptors-in-windows/ - CISA warns of two more actively exploited Dassault vulnerabilities
BleepingComputer • 2025-10-28 11:59 • www.bleepingcomputer.com
The Cybersecurity & Infrastructure Security Agency (CISA) warned today that attackers are actively exploiting two vulnerabilities in Dassault Systèmes’ DELMIA Apriso, a manufacturing operations management (MOM) and execution (MES) solution. […]
https://www.bleepingcomputer.com/news/security/cisa-warns-of-two-more-actively-exploited-dassault-vulnerabilities/ - Microsoft: Copilot now lets you build apps, automate workflows
BleepingComputer • 2025-10-28 10:59 • www.bleepingcomputer.com
Microsoft announced today a new Microsoft 365 Copilot agent called App Builder that can help users create and deploy apps “in minutes.” […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-copilot-now-lets-you-build-apps-automate-workflows/ - Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions
BleepingComputer • 2025-10-28 10:59 • www.bleepingcomputer.com
The Australian Competition and Consumer Commission (ACCC) is suing Microsoft for allegedly misleading 2.7 million Australians into paying for the Copilot AI assistant in the Microsoft 365 service. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-sued-for-allegedly-tricking-millions-into-copilot-m365-subscriptions/ - TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
BleepingComputer • 2025-10-28 10:00 • www.bleepingcomputer.com
Academic researchers developed a side-channel attack called TEE.Fail, which allows extracting secrets from the trusted execution environment in the CPU, the highly secure area of a system, such as Intel’s SGX and TDX, and AMD’s SEV-SNP. […]
https://www.bleepingcomputer.com/news/security/teefail-attack-breaks-confidential-computing-on-intel-amd-nvidia-cpus/ - Google Chrome to warn users before opening insecure HTTP sites
BleepingComputer • 2025-10-28 10:00 • www.bleepingcomputer.com
Google announced today that the Chrome web browser will ask for permission by default before connecting to public, insecure HTTP websites, beginning with Chrome 154 in October 2026. […]
https://www.bleepingcomputer.com/news/google/google-chrome-to-warn-users-before-opening-insecure-http-sites/ - New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human
The Hacker News • 2025-10-28 09:33 • thehackernews.com
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks.
“Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection,” ThreatFabric said in a report shared with
https://thehackernews.com/2025/10/new-android-trojan-herodotus-outsmarts.html - Researchers Expose GhostCall and GhostHire: BlueNoroff's New Malware Chains
The Hacker News • 2025-10-28 09:12 • thehackernews.com
Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire.
According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributed to a Lazarus Group sub-cluster called BlueNoroff, which is also known as APT38,
https://thehackernews.com/2025/10/researchers-expose-ghostcall-and.html - The AI Fix #74: AGI, LLM brain rot, and how to scam an AI browser
Graham Cluley • 2025-10-28 08:34 • grahamcluley.com
In episode 74 of The AI Fix, we meet Amazon’s AI-powered delivery glasses, an AI TV presenter who doesn’t exist, and an Ohio lawmaker who wants to stop people from marrying their chatbot.Also, we learn how Geoffrey Hinton and Steve Wozniak have teamed up with the unlikely coupling of will.i.am and Steve Bannon to pull the brakes on “super-intelligence.”
Meanwhile, Graham wonders if you should really trust an AI browser with your passwords, or your credit card, or, frankly, anything at all, and Mark reveals what AGI really means – and how close we are to reaching it.
It’s an episode packe…
https://grahamcluley.com/the-ai-fix-74/ - BiDi Swap: The bidirectional text trick that makes fake URLs look real
BleepingComputer • 2025-10-28 07:05 • www.bleepingcomputer.com
Attackers are abusing bidirectional text to make fake URLs look real, reviving a decade-old browser flaw now fueling new phishing tricks. Varonis reveals how the “BiDi Swap” technique works and what organizations need to watch out for. […]
https://www.bleepingcomputer.com/news/security/bidi-swap-the-bidirectional-text-trick-that-makes-fake-urls-look-real/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
