Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.

Ribbon Communications Discloses Year-Long Nation-State Infiltration
American telecommunications firm Ribbon Communications has disclosed a year-long infiltration by nation-state hackers, highlighting persistent threats to critical infrastructure providers.

Nation-State Actor Implicated in Year-Long Ribbon Communications Breach
An American telecommunications company, Ribbon Communications, experienced a year-long security breach attributed to a nation-state actor, highlighting significant supply chain risks within the telecom sector.

Microsoft Services Experience Global Outage Due to Faulty Cloud Configuration
Microsoft experienced a widespread global infrastructure disruption on October 29, 2025, impacting Azure, Microsoft 365, Xbox, and Minecraft due to a faulty cloud network configuration.

NFC Relay Malware Exploits Android Tap-to-Pay for Fraudulent Transactions
Zimperium zLabs has discovered hundreds of malicious Android apps using NFC relay and Host Card Emulation to steal payment data from tap-to-pay transactions, turning infected phones into tools for payment fraud.

AI-Targeted Cloaking Attacks Emerge, Threatening Information Integrity
Researchers have identified a novel ‘AI-targeted cloaking attack’ that manipulates AI crawlers into citing fabricated information as legitimate facts, impacting search results and potentially spreading misinformation.

Nation-State Actor Breaches US Telecom Provider Ribbon Communications
A sophisticated nation-state actor has compromised the systems of Ribbon Communications, a critical US telecommunications infrastructure provider, raising concerns about potential impacts on major telecom firms. The breach, disclosed in late October 2025, involved unauthorized access to certain IT systems.

TEE.fail: Researchers Break Intel and AMD TEEs via DDR5 Memory Bus Interception
Researchers from Georgia Tech and Purdue have revealed TEE.fail — an attack that breaks Intel and AMD Trusted Execution Environments by physically interposing on DDR5 memory buses, extracting attestation keys and undermining confidential computing protections.

Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack
Cisco Talos and Trend Micro researchers have observed the Qilin ransomware group deploying a Linux payload on Windows systems using a BYOVD technique, marking a hybrid attack blending cross-platform execution with legitimate IT tools.

CVE-2025-59287: Actively Exploited WSUS Remote Code Execution Vulnerability Triggers Emergency Patching
CISA and security researchers warn of active exploitation of CVE-2025-59287, a critical WSUS RCE vulnerability prompting emergency patching across enterprise systems.

FIA Driver Portal Flaw Granted Admin Access, Exposed F1 Driver Data Including Max Verstappen’s PII
Security researchers identified a mass assignment flaw in the FIA Driver Categorisation portal that exposed personal data of Formula 1 drivers, including Max Verstappen, before being patched.
