Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-29 13:00 PDT
- Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Sophos Threat Research • 2025-10-29 12:46 • news.sophos.com
Exploitation of CVE-2025-59287 began after public disclosure and the release of proof-of-concept code
https://news.sophos.com/en-us/2025/10/29/windows-server-update-services-wsus-vulnerability-abused-to-harvest-sensitive-data/ - Canada says hacktivists breached water and energy facilities
BleepingComputer • 2025-10-29 12:03 • www.bleepingcomputer.com
The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions. […]
https://www.bleepingcomputer.com/news/security/canada-says-hacktivists-breached-water-and-energy-facilities/ - Microsoft fixes Media Creation Tool broken on some Windows PCs
BleepingComputer • 2025-10-29 10:41 • www.bleepingcomputer.com
Microsoft has confirmed that the Windows 11 Media Creation Tool (MCT) is working again on Windows 10 22H2 and Windows 11 25H2 systems. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-media-creation-tool-broken-on-some-windows-pcs/ - Microsoft: DNS outage impacts Azure and Microsoft 365 services
BleepingComputer • 2025-10-29 09:49 • www.bleepingcomputer.com
Microsoft is suffering an ongoing DNS outage affecting customers worldwide, preventing them from logging into company networks and accessing Microsoft Azure and Microsoft 365 services. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-dns-outage-impacts-azure-and-microsoft-365-services/ - PhantomRaven attack floods npm with credential-stealing packages
BleepingComputer • 2025-10-29 09:26 • www.bleepingcomputer.com
An active campaign named ‘PhantomRaven’ is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials. […]
https://www.bleepingcomputer.com/news/security/phantomraven-attack-floods-npm-with-credential-stealing-packages/ - Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
The Hacker News • 2025-10-29 08:38 • thehackernews.com
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi.
“These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over exposed systems and expand botnet networks,” the Qualys Threat Research Unit (TRU) said in a report
https://thehackernews.com/2025/10/experts-reports-sharp-increase-in.html - New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts
The Hacker News • 2025-10-29 07:57 • thehackernews.com
Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes underlying artificial intelligence (AI) models to context poisoning attacks.
In the attack devised by AI security company SPLX, a bad actor can set up websites that serve different content to browsers and AI crawlers run by ChatGPT and Perplexity. The technique has been
https://thehackernews.com/2025/10/new-ai-targeted-cloaking-attack-tricks.html - Microsoft fixes 0x800F081F errors causing Windows update failures
BleepingComputer • 2025-10-29 07:32 • www.bleepingcomputer.com
Microsoft has resolved a known issue that caused Windows updates to fail, leading to 0x800F081F errors on Windows 11 24H2 systems. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-0x800f081f-errors-causing-windows-update-failures/ - Visibility Gaps: Streamlining Patching and Vulnerability Remediation
BleepingComputer • 2025-10-29 07:02 • www.bleepingcomputer.com
Hidden visibility gaps can turn unpatched systems into open doors. Action1 gives IT teams unified visibility and automated control to detect, prioritize, and remediate vulnerabilities before attackers exploit them. […]
https://www.bleepingcomputer.com/news/security/visibility-gaps-streamlining-patching-and-vulnerability-remediation/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
