– layout: default title: Welcome nav_order: 1 description: “Just the Docs is a responsive Jekyll theme with built-in search that is easily customizable and hosted on GitHub Pages.” permalink: / —
Welcome to BSafes Library
BSafes library includes mobile-friendly cybersecurity publications.
News
November 3, 2025 – Breach
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data Full Text
Abstract
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a staggering 23 gigabytes of sensitive corporate data.GBHackers
November 3, 2025 – Breach
Proton Warns of 300 Million Stolen Login Details Circulating on Dark Web Full Text
Abstract
Privacy-focused technology company Proton has issued a warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on the dark web.GBHackers
November 3, 2025 – General
Leak Site Ransomware Victims Spike 13% in a Year Full Text
Abstract
A review of data leak sites over the period September 2024-August 2025 revealed a double-digit annual increase in European victims, to 1380. After the UK, Germany, Italy, France and Spain were the most targeted nations.Infosecurity Magazine
November 3, 2025 – Vulnerabilities
New BOF Tool Bypasses Microsoft Teams Cookie Encryption to Steal User Chats Full Text
Abstract
Cybersecurity researchers have released a specialised Beacon Object File (BOF) tool that exploits a critical weakness in Microsoft Teams cookie encryption, enabling attackers to steal user chat messages and other sensitive communications.GBHackers
November 3, 2025 – Attack
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats Full Text
Abstract
A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025.The Hacker News
November 3, 2025 – Attack
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability Full Text
Abstract
The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY.The Hacker News
November 3, 2025 – Attack
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack Full Text
Abstract
A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Airstalk misuses the AirWatch API for Workspace ONE Unified Endpoint Management.The Hacker News
November 3, 2025 – Breach
Conduent January 2025 breach impacts 10M+ people Full Text
Abstract
A major data breach at Conduent has compromised the personal information of approximately 10,515,849 individuals. The breach, discovered exposed sensitive data including names, addresses, dates of birth, SSNs, and health and insurance information.Security Affairs
November 1, 2025 – General
One In Four Employees Use Unapproved AI Tools, Research Finds Full Text
Abstract
Overall, workers are broadly encouraged by their company to use AI as part of their workloads and the 1Password report found that of 5000 workers surveyed 73% said their company is in favor of such experimentation.Infosecurity Magazine
November 1, 2025 – Vulnerabilities
Critical Flaws Found in Elementor King Addons Affect 10,000 Sites Full Text
Abstract
The King Addons for Elementor plugin, used on over 10,000 sites, contains two unauthenticated critical issues that can lead to full site takeover. New research from Patchstack shows two easily exploitable flaws.Infosecurity Magazine
November 1, 2025 – Breach
Major telecom services provider Ribbon breached by state hackers Full Text
Abstract
Ribbon Communications, a provider of telecommunications services to the U.S. government and telecom companies worldwide, revealed that nation-state hackers breached its IT network as early as December 2024.Bleeping Computer
November 1, 2025 – Malware
Massive surge of NFC relay malware steals Europeans’ credit cards Full Text
Abstract
NFC relay malware has become increasingly prevalent in Eastern Europe, targeting Android users' payment card data. The malware exploits Android's HCE to manipulate contactless payment data.Bleeping Computer
November 1, 2025 – Privacy
Windows zero-day actively exploited to spy on European diplomats Full Text
Abstract
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. The attack chain begins with spearphishing emails that lead to the delivery of malicious LNK files.Bleeping Computer
October 31, 2025 – Vulnerabilities
Case of ActiveMQ Vulnerability Exploitation to Install Sharpire (Kinsing) Full Text
Abstract
A critical remote code execution vulnerability in Apache ActiveMQ is being actively exploited by the Kinsing (H2Miner) threat actor to deploy multiple malware strains, including the Sharpire backdoor, XMRig miner, and post-exploitation tools.Ahn Lab
October 31, 2025 – Attack
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) Full Text
Abstract
A critical remote code execution vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287, is being actively exploited in the wild. Attackers are leveraging this flaw to deploy the Skuld infostealer.Help Net Security
October 31, 2025 – Vulnerabilities
Splunk security advisory (AV25-710) Full Text
Abstract
Multiple vulnerabilities have been identified in various Splunk AppDynamics agents and the Splunk Operator for Kubernetes Add-on. These vulnerabilities stem from outdated third-party packages.Government of Canada
October 31, 2025 – Vulnerabilities
Drupal security advisory (AV25-709) Full Text
Abstract
A critical access bypass vulnerability has been identified in the Drupal module Simple OAuth (OAuth2) & OpenID Connect, affecting versions 6.0.0 through versions prior to 6.0.7.Government of Canada
October 31, 2025 – Phishing
Fake PayPal invoice from Geek Squad is a tech support scam Full Text
Abstract
A phishing campaign is impersonating PayPal and Geek Squad to execute a tech support scam. Victims receive fake invoices via email, prompting them to call a fraudulent support number, leading to potential financial loss and system compromise.Malware Bytes
October 31, 2025 – Breach
Ransomware gang claims Conduent breach: what you should watch for next Full Text
Abstract
SafePay ransomware claimed responsibility for a significant data breach at Conduent. The breach has exposed sensitive personal data of over half a million individuals across multiple states.Malware Bytes
October 30, 2025 – General
Your photo could be all AI needs to clone your voice Full Text
Abstract
A new AI-driven attack method, FOICE (Face-to-Voice), enables the generation of synthetic speech from facial images, posing a significant threat to voice authentication systems. This technique bypasses traditional deepfake detectors.Help Net Security
October 30, 2025 – Vulnerabilities
Jenkins security advisory (AV25-707) Full Text
Abstract
A recent security advisory has disclosed vulnerabilities in multiple Jenkins plugins. Users and administrators are urged to update the affected plugins to their latest versions to maintain the security and stability of their Jenkins environments.Government of Canada
October 30, 2025 – Vulnerabilities
Docker security advisory (AV25–708) Full Text
Abstract
A path traversal bug was identified in Docker Compose, affecting versions prior to v2.40.2. This issue arises from improper handling of OCI artifact layer annotations, which could potentially allow unauthorized file access.Government of Canada
October 30, 2025 – Vulnerabilities
Full Disclosure: Re: [FD] : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) Full Text
Abstract
A critical zero-click iMessage exploit chain, dubbed "Glass Cage", has been identified targeting iOS 18 devices. This attack leverages multiple vulnerabilities, CVE-2025-24085, CVE-2025-24201, and CNVD-2025-07885.SecLists
October 30, 2025 – Attack
AL25-016 Internet-accessible industrial control systems (ICS) abused by hacktivists Full Text
Abstract
Hacktivists are increasingly targeting internet-accessible Industrial Control Systems (ICS) across Canada, exploiting exposed components to disrupt operations, generate media attention, and undermine public trust.Government of Canada
October 30, 2025 – Education
Bolstering Cybersecurity Resilience in the Public Sector Full Text
Abstract
The public sector faces a surge in sophisticated cyber threats, including ransomware, phishing, and exploitation of 0-day vulnerabilities. They target sensitive data, disrupt essential services, and exploit trust in government institutions.Trust Wave
October 30, 2025 – Breach
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer Full Text
Abstract
A Russia-linked threat actor breached Ukrainian entities in mid-2025 using stealthy LotL techniques. The attackers leveraged legitimate administrative tools and minimal custom malware to evade detection while stealing sensitive data.The Record
October 30, 2025 – Attack
PHP Servers and IoT Devices Face Growing Cyber-Attack Risks Full Text
Abstract
A surge in cyber-attacks is targeting PHP servers, IoT devices, and cloud gateways. These attacks are primarily driven by botnets such as Mirai, Gafgyt, and Mozi, which exploit known vulnerabilities and misconfigurations to expand their reach.Infosecurity Magazine
October 30, 2025 – Attack
BlueNoroff Expands Cyberattacks with AI-Driven Campaigns Targeting Executives Full Text
Abstract
BlueNoroff has launched AI-driven cyberattacks under the GhostCall and GhostHire campaigns. These operations are part of the broader SnatchCrypto campaign targeting blockchain, digital finance, and emerging crypto technologies.ESecurity Planet
October 29, 2025 – Ransomware
Ransomware Spotlight: DragonForce Full Text
Abstract
DragonForce is a rapidly evolving Ransomware-as-a-Service (RaaS) group, first observed in 2023 and gaining notoriety in 2025. Operating under the alias Water Tambanakua, the group has adopted a cartel model.Trend Micro
October 29, 2025 – Policy and Law
ICO fines sole trader for allegedly sending 1M spam texts Full Text
Abstract
A UK-based sole trader has been fined £200,000 for orchestrating a large-scale SMS spam campaign that targeted financially vulnerable individuals. The ICO found that nearly one million unsolicited messages were sent without valid consent.The Register
October 29, 2025 – General
Nation-State Cyber Ecosystems Weakened by Sanctions, Report Reveals Full Text
Abstract
A recent report based on the inaugural meeting of the Cyber Sanctions Taskforce—comprising officials from the UK, US, and EU—highlights the evolving role of sanctions in cyber deterrence strategies.Infosecurity Magazine
October 29, 2025 – Malware
Herodotus Android malware mimics human typing to evade detection Full Text
Abstract
Herodotus is a sophisticated Android device-takeover banking Trojan. It is engineered to evade behavioral biometrics and anti-fraud systems by mimicking human typing behavior through randomized delays.Security Affairs
October 29, 2025 – General
Bots, Bread and the Battle for the Web Full Text
Abstract
AI-powered malicious SEO is rapidly transforming the digital threat landscape, enabling threat actors to manipulate search engine algorithms at scale. This undermines the visibility of legitimate content, erodes trust in online information.Palo Alto Networks
October 29, 2025 – Vulnerabilities
PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) Full Text
Abstract
A high-severity vulnerability, CVE-2025-40778, has been identified in BIND 9, the only actively maintained version of the Berkeley Internet Name Domain (BIND) software suite developed by the Internet Systems Consortium (ISC).Help Net Security
October 29, 2025 – Vulnerabilities
Full Disclosure: Stored Cross-Site Scripting (XSS) Full Text
Abstract
A stored Cross-Site Scripting (XSS) vulnerability has been identified in the layout functionality of Total.js version 5013. This flaw allows attackers to inject malicious JavaScript payloads into layout templates.SecLists
October 29, 2025 – Vulnerabilities
Full Disclosure: Struts2 and Related Framework Array Full Text
Abstract
A longstanding DoS vulnerability exists in Apache Struts2 and related frameworks due to unsafe deserialization of arrays and collections. This flaw allows attackers to craft minimal requests that result in the creation of massive data structures.SecLists
October 29, 2025 – Phishing
Scammers target international students by threatening their visa status Full Text
Abstract
A surge in social engineering scams is targeting international students in the US. These scams impersonate government officials, police, or university staff to coerce victims into disclosing sensitive information or making payments.Help Net Security
October 29, 2025 – Vulnerabilities
Full Disclosure: Current Password not Required When Changing Password Full Text
Abstract
A critical vulnerability has been identified in Total.js version 5013 that allows users to change their account password without providing the current password. This flaw can lead to unauthorized account access and potential privilege escalation.SecLists
October 27, 2025 – Malware
Baohuo Android Malware Hijacks Telegram Accounts via Fake Telegram X Full Text
Abstract
A new Android malware, Android.Backdoor.Baohuo.1.origin, is spreading via fake Telegram X apps, granting attackers full control over victims' Telegram accounts. Baohuo uses the Xposed framework to alter app behavior at runtime.Hack Read
October 27, 2025 – Malware
New CoPhish attack steals OAuth tokens via Copilot Studio agents Full Text
Abstract
CoPhish abuses the flexibility of Microsoft Copilot Studio, which allows users to create and share chatbot agents hosted on copilotstudio.microsoft.com. These agents can be customized using "topics"—automated workflows that include login prompts.Bleeping Computer
October 27, 2025 – Outage
Russian Rosselkhoznadzor hit by DDoS attack, food shipments across Russia delayed Full Text
Abstract
A large-scale Distributed Denial-of-Service (DDoS) attack has targeted Russia’s Federal Service for Veterinary and Phytosanitary Surveillance (Rosselkhoznadzor), severely disrupting food logistics across the country.Security Affairs
October 27, 2025 – Vulnerabilities
Full Disclosure: [REVIVE-SA-2025-002] Revive Adserver Vulnerability Full Text
Abstract
A high-severity SQL injection vulnerability (CVE-2025-52664) has been identified in Revive Adserver version 6.0.0. The flaw resides in the admin-search.php script and is exploitable via the keyword parameter using either GET or POST methods.SecLists
October 27, 2025 – Vulnerabilities
Full Disclosure: [REVIVE-SA-2025-001] Revive Adserver Vulnerability Full Text
Abstract
Successful exploitation allows execution of malicious scripts in the administrator’s browser context. However, the session cookie cannot be accessed or stolen via JavaScript.SecLists
October 27, 2025 – Breach
Safepay ransomware group claims the hack of professional video surveillance provider Xortec Full Text
Abstract
A ransomware attack by the Safepay group has compromised Xortec GmbH, a German provider of professional video surveillance and security solutions. The group has listed Xortec on its data leak site.Security Affairs
October 27, 2025 – Breach
Everest Ransomware Says It Stole 1.5M Dublin Airport Passenger Records Full Text
Abstract
The Everest ransomware group claimed responsibility for breaching Dublin Airport and Air Arabia. The group alleges the theft of approximately 1.5 million passenger records from Dublin Airport and personal data of over 18,000 Air Arabia employees.Hack Read
October 27, 2025 – Breach
Have I Been Pwned: MyVidster (2025) Data Breach Full Text
Abstract
A significant data breach has impacted MyVidster, compromising the personal information of nearly 3.9 million users. The data was publicly posted on a hacking forum, increasing the risk of phishing and credential-based attacks.Have I Been Pwned
October 27, 2025 – Denial Of Service
DDoS, data theft, and malware are storming the gaming industry Full Text
Abstract
As the global gaming market approaches $188.8 billion in value, attackers are exploiting its vast user base, digital assets, and third-party ecosystems to launch increasingly sophisticated attacks.Help Net Security
October 27, 2025 – APT
Mem3nt0 mori – The Hacking Team is back! Full Text
Abstract
A sophisticated APT campaign, dubbed Operation ForumTroll, has been linked to the use of advanced spyware tools including LeetAgent and Dante, developed by Memento Labs (formerly Hacking Team).Secure List
October 24, 2025 – Ransomware
Qilin ransomware: stats on attacks, ransoms & data breaches Full Text
Abstract
Qilin ransomware emerged as the most active ransomware group in 2025, with 701 claimed attacks and 116 TB of data stolen. Operating under a ransomware-as-a-service (RaaS) model, Qilin has seen a surge in activity following the shutdown of RansomHub.CompariTech
October 24, 2025 – General
Strings in the maze: Finding hidden strengths and gaps in your team Full Text
Abstract
The cybersecurity landscape has seen a significant shift in threat actor behavior, with a marked increase in the exploitation of public-facing applications, evolving ransomware tactics, and targeted cyber-espionage campaigns.Talos Intelligence
October 24, 2025 – Solution
Locking it down: A new technique to prevent LLM jailbreaks Full Text
Abstract
A new technique called LLM salting has been introduced to counteract jailbreak attacks on LLMs such as LLaMA-2-7B and Vicuna-7B. These attacks exploit the reuse of precomputed adversarial prompts across similar model deployments.Sophos
October 24, 2025 – Solution
Microsoft disables File Explorer preview for downloads to block attacks Full Text
Abstract
Microsoft has implemented a security enhancement in File Explorer that disables the preview pane for files downloaded from the internet. This change is designed to prevent credential theft attacks that exploit NTLM hash leakage.Bleeping Computer
October 24, 2025 – Vulnerabilities
Spoofed AI sidebars can trick Atlas, Comet users into dangerous actions Full Text
Abstract
Security researchers have uncovered a critical vulnerability in OpenAI's Atlas and Perplexity's Comet browsers that allows attackers to spoof the built-in AI sidebar. This spoofing attack can deceive users into executing malicious actions.Bleeping Computer
October 24, 2025 – Vulnerabilities
Atlassian security advisory (AV25-695) Full Text
Abstract
These vulnerabilities may expose organizations to potential security risks, including unauthorized access, data leakage, or service disruption, depending on the nature of the flaws in the affected products.Government of Canada
October 24, 2025 – Criminals
Google and Check Point nuke massive YouTube malware network Full Text
Abstract
A sophisticated malware campaign known as the "YouTube Ghost Network" has been dismantled by Google and Check Point after distributing over 3,000 malicious videos on YouTube.The Register
October 24, 2025 – Attack
Shadow Escape 0-Click Attack in AI Assistants Puts Trillions of Records at Risk Full Text
Abstract
A newly discovered zero-click attack, dubbed Shadow Escape, exploits MCP used by AI assistants. This attack enables the silent exfiltration of sensitive data—including SSNs, financial records, and medical identifiers—without any user interaction.Hack Read
October 24, 2025 – Breach
Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand Full Text
Abstract
The Medusa ransomware group has leaked a 186.36 GB compressed archive of data allegedly stolen from Comcast Corporation. The data was released after Comcast reportedly failed to meet a $1.2 million ransom demand.Hack Read
October 24, 2025 – Breach
Toys R Us Canada customer data swiped, dumped online Full Text
Abstract
Toys R Us Canada disclosed that attackers accessed a customer database and exfiltrated personal information including names, addresses, phone numbers, and email addresses. However, the exact number of affected individuals remains undisclosed.The Register
October 20, 2025 – Vulnerabilities
A critical WatchGuard Fireware flaw could allow unauthenticated code execution Full Text
Abstract
An unauthenticated attacker can exploit the flaw to execute arbitrary code. The vulnerability is an out-of-bounds write issue that affects Fireware OS versions 11.10.2–11.12.4_Update1, 12.0–12.11.3, and 2025.1.Security Affairs
October 20, 2025 – Malware
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware Full Text
Abstract
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset.The Hacker News
October 20, 2025 – Breach
American Airlines subsidiary Envoy confirms Oracle data theft attack Full Text
Abstract
Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-Business Suite application after the Clop extortion gang listed American Airlines on its data leak site.Bleeping Computer
October 20, 2025 – Vulnerabilities
ConnectWise fixes Automate bug allowing AiTM update attacks Full Text
Abstract
ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate product that could expose sensitive communications to interception and modification.Bleeping Computer
October 20, 2025 – Malware
Malicious Perplexity Comet Browser Download Ads Push Malware Via Google Full Text
Abstract
A new malvertising campaign is taking advantage of the popularity of Perplexity’s recently released Comet browser, tricking users into downloading a malicious installer instead of the legitimate product.Hack Read
October 20, 2025 – Phishing
Google ads for fake Homebrew, LogMeIn sites push infostealers Full Text
Abstract
A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliver infostealing malware like AMOS (Atomic macOS Stealer) and Odyssey.Bleeping Computer
October 20, 2025 – Phishing
TikTok videos continue to push infostealers in ClickFix attacks Full Text
Abstract
Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware.Bleeping Computer
October 20, 2025 – APT
FortiGuard Tracks HoldingHands Malware Shift: Cross-Regional APT Uses Task Scheduler Hijack to Evade Detection Full Text
Abstract
FortiGuard Labs has uncovered a sophisticated cross-regional campaign that has gradually expanded from China to Taiwan, Japan, and most recently Malaysia, revealing a methodical evolution in both targeting and technical capability.Security Online
October 18, 2025 – Policy and Law
PowerSchool hacker got four years in prison Full Text
Abstract
A Massachusetts student has been sentenced to four years in prison for hacking and extorting approximately $3 million from two companies. The cyberattack led to the exposure of sensitive data belonging to nearly 70 million individualsSecurity Affairs
October 18, 2025 – General
Auto sector faces historic cyber threats to business continuity Full Text
Abstract
The automotive sector is facing an unprecedented wave of cyberattacks that threaten business continuity, disrupt global supply chains, and expose critical vulnerabilities in connected vehicle systems.Cybersecurity Dive
October 17, 2025 – Vulnerabilities
WatchGuard security advisory (AV25-677) Full Text
Abstract
WatchGuard has issued a security advisory (AV25-677) addressing a critical vulnerability in Fireware OS. The vulnerability, identified as an Out of Bounds Write in the iked component, affects multiple versions of the operating system.Govenment of Canada
October 16, 2025 – Phishing
Whisper 2FA Behind One Million Phishing Attempts Since July Full Text
Abstract
Whisper 2FA is a sophisticated phishing-as-a-service (PhaaS) platform responsible for nearly one million phishing attacks since July 2025. It ranks as the third most active phishing kit globally, following Tycoon and EvilProxy.Infosecurity Magazine
October 16, 2025 – Malware
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware Full Text
Abstract
A new Android malware campaign, GhostBat RAT, is actively targeting Indian users by impersonating the legitimate mParivahan app. This malware is designed to steal financial data, mine cryptocurrency, and exfiltrate SMS messages.The Cyber Express
October 16, 2025 – Breach
Ransomware gang says it hacked Kearney Public Schools, but district says it didn’t get ransom demand Full Text
Abstract
Kearney Public Schools in Nebraska experienced a ransomware attack attributed to the Interlock gang, which claims to have stolen 354 GB of sensitive data, including personal, financial, and third-party information.CompariTech
October 16, 2025 – Government
Known Exploited Vulnerabilities Catalog Full Text
Abstract
A critical vulnerability affects Adobe Experience Manager Forms JEE. This flaw allows attackers to execute arbitrary code on affected systems. The vulnerability has been added to CISA’s KEV catalog, indicating confirmed exploitation in the wild.CISA
October 16, 2025 – Ransomware
Qilin Ransomware and the Ghost Bulletproof Hosting Conglomerate Full Text
Abstract
Qilin is a sophisticated Ransomware-as-a-Service (RaaS) group that emerged in 2022 and has since targeted high-value organizations globally. The group leverages bulletproof hosting (BPH) infrastructure to evade law enforcement and sustain operations.ReSecurity
October 16, 2025 – Breach
Fake LastPass, Bitwarden breach alerts lead to PC hijacks Full Text
Abstract
The campaign was strategically launched over the Columbus Day holiday weekend to exploit reduced staffing and delay detection. The phishing emails impersonate official communications from LastPass and Bitwarden.Bleeping Computer
October 16, 2025 – Vulnerabilities
Cisco security advisory (AV25-672) Full Text
Abstract
Cisco has released a security advisory, addressing multiple vulnerabilities across a range of its products. These vulnerabilities affect various Cisco collaboration and communication platforms.Government of Canada
October 16, 2025 – Vulnerabilities
Cisco must share more information about effects of severe bugs on businesses, senator says Full Text
Abstract
Two critical vulnerabilities—CVE-2025-30333 and CVE-2025-20362—affecting Cisco Adaptive Security Appliances (ASA) have triggered an emergency directive from CISA, requiring immediate patching by federal agencies.The Record
October 16, 2025 – Attack
Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits Full Text
Abstract
A new attack campaign, dubbed Operation Zero Disco, exploits the Cisco SNMP vulnerability CVE-2025-20352 to deploy Linux rootkits on unprotected Cisco devices. The campaign targets Cisco 9400, 9300, and legacy 3750G series switches.Trend Micro