Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Microsoft Services Experience Global Outage Due to Faulty Cloud Configuration
Microsoft experienced a widespread global infrastructure disruption on October 29, 2025, impacting Azure, Microsoft 365, Xbox, and Minecraft due to a faulty cloud network configuration.
-
NFC Relay Malware Exploits Android Tap-to-Pay for Fraudulent Transactions
Zimperium zLabs has discovered hundreds of malicious Android apps using NFC relay and Host Card Emulation to steal payment data from tap-to-pay transactions, turning infected phones into tools for payment fraud.
-
AI-Targeted Cloaking Attacks Emerge, Threatening Information Integrity
Researchers have identified a novel ‘AI-targeted cloaking attack’ that manipulates AI crawlers into citing fabricated information as legitimate facts, impacting search results and potentially spreading misinformation.
-
Nation-State Actor Breaches US Telecom Provider Ribbon Communications
A sophisticated nation-state actor has compromised the systems of Ribbon Communications, a critical US telecommunications infrastructure provider, raising concerns about potential impacts on major telecom firms. The breach, disclosed in late October 2025, involved unauthorized access to certain IT systems.
-
TEE.fail: Researchers Break Intel and AMD TEEs via DDR5 Memory Bus Interception
Researchers from Georgia Tech and Purdue have revealed TEE.fail — an attack that breaks Intel and AMD Trusted Execution Environments by physically interposing on DDR5 memory buses, extracting attestation keys and undermining confidential computing protections.
-
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack
Cisco Talos and Trend Micro researchers have observed the Qilin ransomware group deploying a Linux payload on Windows systems using a BYOVD technique, marking a hybrid attack blending cross-platform execution with legitimate IT tools.
-
CVE-2025-59287: Actively Exploited WSUS Remote Code Execution Vulnerability Triggers Emergency Patching
CISA and security researchers warn of active exploitation of CVE-2025-59287, a critical WSUS RCE vulnerability prompting emergency patching across enterprise systems.
-
FIA Driver Portal Flaw Granted Admin Access, Exposed F1 Driver Data Including Max Verstappen’s PII
Security researchers identified a mass assignment flaw in the FIA Driver Categorisation portal that exposed personal data of Formula 1 drivers, including Max Verstappen, before being patched.
-
Aerospace and Defence Industry 2025: Digitalisation, Autonomy and Supply Chain Strain Define a Shifting Sector
A neutral analysis of how the global aerospace and defence sector in 2025 is defined by digitalisation, autonomous systems, and strained supply chains.
-
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
Phishing actors exploited fake Zoom invites and weaponized PDFs to target aid groups operating in Ukraine, blending social engineering with malicious document delivery.