Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-31 03:00 PDT
- Ukrainian extradited from Ireland on Conti ransomware charges
BleepingComputer • 2025-10-31 02:40 • www.bleepingcomputer.com
A Ukrainian national believed to be a member of the Conti ransomware operation has been extradited to the United States and faces charges that could get him 25 years in prison. […]
https://www.bleepingcomputer.com/news/security/ukrainian-extradited-from-ireland-on-conti-ransomware-charges/ - CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
The Hacker News • 2025-10-31 01:46 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation.
“By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security
https://thehackernews.com/2025/10/cisa-and-nsa-issue-urgent-guidance-to.html - Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
The Hacker News • 2025-10-31 01:02 • thehackernews.com
Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within Visual Studio Code (VS Code) extensions published in the marketplace.
The action comes following a report from cloud security company Wiz earlier this month, which found several extensions from both Microsoft’s VS Code Marketplace and Open VSX
https://thehackernews.com/2025/10/eclipse-foundation-revokes-leaked-open.html - CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
The Hacker News • 2025-10-31 00:09 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.
The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), which could be exploited by an attacker to attain
https://thehackernews.com/2025/10/cisa-flags-vmware-zero-day-exploited-by.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
