Risk
-
Former L3Harris cyber executive charged with selling trade secrets to Russia
Federal prosecutors say Peter Williams, a former Trenchant general manager, misappropriated eight trade secrets and sold them to an undisclosed buyer in Russia, allegedly earning about $1.3 million; prosecutors seek forfeiture of multiple assets and an arraignment is set for Oct. 29.
-
Researchers warn spoofed AI sidebars can trick Atlas and Comet users into dangerous actions
Security researchers at SquareX say they can use a malicious browser extension to overlay a fake AI sidebar in Atlas and Comet, tricking users into phishing pages, OAuth theft of Gmail/Drive access, or running commands that install a reverse shell.
-
CISA Adds Critical Lanscope Endpoint Manager Flaw to KEV Catalog
CISA added CVE-2025-61932, a critical arbitrary-code vulnerability in Motex Lanscope Endpoint Manager, to its Known Exploited Vulnerabilities catalog and said it is being actively exploited; Motex has released patched versions and agencies are advised to remediate by Nov. 12, 2025.
-
BIND flaws could enable DNS cache poisoning; patches issued
BIND developers warned of two vulnerabilities, CVE-2025-40778 and CVE-2025-40780, that can enable DNS cache poisoning by allowing forged responses to be accepted; patches were released and operators are urged to apply them.
-
Hackers exploit critical SessionReaper flaw in Adobe Commerce, Sansec says
E-commerce security firm Sansec reported active exploitation of the critical SessionReaper flaw (CVE-2025-54236) in Adobe Commerce, blocking over 250 attempts and warning that a majority of stores remain unpatched.
-
Meta launches new anti-scam tools for WhatsApp and Messenger
Meta introduced new scam-detection features for Messenger and warnings for WhatsApp to help users spot and avoid scams, said the company, and reported disabling nearly 8 million accounts linked to scam centers while removing more than 21,000 impersonating Pages and accounts.
-
One-day ‘PhantomCaptcha’ spearphishing campaign delivered WebSocket RAT to Ukraine relief organizations
A one-day PhantomCaptcha spearphishing campaign on Oct. 8 used fake CAPTCHA prompts and ClickFix-style commands to install a WebSocket RAT, targeting Ukrainian regional officials and organisations involved in war relief, researchers said.
-
UK regulator declines formal probe into MoD Afghan data leak, commissioner tells MPs
The UK Information Commissioner told MPs his office decided not to open a formal investigation into a Ministry of Defence data breach that exposed details of Afghan resettlement applicants, citing concerns an inquiry might hinder the MoD’s response and noting resource limits for handling classified material.
-
Kaspersky outlines ‘PassiveNeuron’ campaign using bespoke implants and Cobalt Strike
Kaspersky has reported a sustained espionage campaign named PassiveNeuron that has targeted government, financial and industrial servers across Asia, Africa and Latin America since mid-2024, using bespoke implants Neursite and NeuralExecutor alongside Cobalt Strike; the activity remains unattributed.
-
High-severity parsing flaw in async-tar and forks could enable file overwrite and RCE
A boundary parsing flaw in async-tar and forks including tokio-tar, tracked as CVE-2025-62518 and dubbed TARmageddon, can allow nested TARs to be treated as outer entries and be used to overwrite files and enable remote code execution; users are advised to migrate to astral-tokio-tar v0.5.6.
