Breaking News – Cyber Threats (last 6h)
Generated: 2025-10-23 03:00 PDT
- Infocon: green
SANS ISC Diary (full) • 2025-10-23 02:55 • isc.sans.edu
ISC Stormcast For Thursday, October 23rd, 2025 https://isc.sans.edu/podcastdetail/9668
https://isc.sans.edu/diary.html?rss - “Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards
The Hacker News • 2025-10-23 00:52 • thehackernews.com
Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud.
“Jingle Thief attackers use phishing and smishing to steal credentials, to compromise organizations that issue gift cards,” Palo Alto Networks Unit 42 researchers
https://thehackernews.com/2025/10/jingle-thief-hackers-exploit-cloud.html - Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw
The Hacker News • 2025-10-22 22:47 • thehackernews.com
E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours.
The vulnerability in question is CVE-2025-54236 (CVSS score: 9.1), a critical improper input validation flaw that could be
https://thehackernews.com/2025/10/over-250-magento-stores-hit-overnight.html - Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms
The Hacker News • 2025-10-22 22:37 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild.
The vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), impacts on-premises versions of Lanscope Endpoint Manager, specifically Client
https://thehackernews.com/2025/10/critical-lanscope-endpoint-manager-bug.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
