Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-30 08:00 PDT
- X-Request-Purpose: Identifying "research" and bug bounty related scans?, (Thu, Oct 30th)
SANS ISC Diary (full) • 2025-10-30 06:22 • isc.sans.eduThis week, I noticed some new HTTP request headers that I had not seen before:
- The Death of the Security Checkbox: BAS Is the Power Behind Real Defense
The Hacker News • 2025-10-30 04:55 • thehackernews.com
Security doesn’t fail at the point of breach. It fails at the point of impact.
That line set the tone for this year’s Picus Breach and Simulation (BAS) Summit, where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It’s about proof.
When a new exploit drops, scanners scour the internet in minutes. Once attackers gain a foothold,
https://thehackernews.com/2025/10/the-death-of-security-checkbox-bas-is.html - Microsoft promises more Copilot features in Microsoft 365 companion apps
BleepingComputer • 2025-10-30 04:42 • www.bleepingcomputer.com
Microsoft 365 companion apps will be getting more Copilot features in the coming weeks. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-promises-more-copilot-features-in-microsoft-365-companion-apps/ - The AI-Designed Bioweapon Arms Race
Schneier on Security • 2025-10-30 04:05 • www.schneier.comInteresting article about the arms race between AI systems that invent/design new biological pathogens, and AI systems that detect them before they’re created:
The team started with a basic test: use AI tools to design variants of the toxin ricin, then test them against the software that is used to screen DNA orders. The results of the test suggested there was a risk of dangerous protein variants slipping past existing screening software, so the situa…
https://www.schneier.com/blog/archives/2025/10/the-ai-designed-bioweapon-arms-race.html - ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising
The Hacker News • 2025-10-30 03:54 • thehackernews.com
The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering.
This week’s findings show how that shrinking margin of safety is redrawing the threat landscape. Here’s what’s
https://thehackernews.com/2025/10/threatsday-bulletin-dns-poisoning-flaw.html - PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
The Hacker News • 2025-10-30 03:16 • thehackernews.com
Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers’ machines.
The campaign has been codenamed PhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the first
https://thehackernews.com/2025/10/phantomraven-malware-found-in-126-npm.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
