Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Nation-State Actor Breaches US Telecom Provider Ribbon Communications
A sophisticated nation-state actor has compromised the systems of Ribbon Communications, a critical US telecommunications infrastructure provider, raising concerns about potential impacts on major telecom firms. The breach, disclosed in late October 2025, involved unauthorized access to certain IT systems.
-
TEE.fail: Researchers Break Intel and AMD TEEs via DDR5 Memory Bus Interception
Researchers from Georgia Tech and Purdue have revealed TEE.fail — an attack that breaks Intel and AMD Trusted Execution Environments by physically interposing on DDR5 memory buses, extracting attestation keys and undermining confidential computing protections.
-
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack
Cisco Talos and Trend Micro researchers have observed the Qilin ransomware group deploying a Linux payload on Windows systems using a BYOVD technique, marking a hybrid attack blending cross-platform execution with legitimate IT tools.
-
CVE-2025-59287: Actively Exploited WSUS Remote Code Execution Vulnerability Triggers Emergency Patching
CISA and security researchers warn of active exploitation of CVE-2025-59287, a critical WSUS RCE vulnerability prompting emergency patching across enterprise systems.
-
FIA Driver Portal Flaw Granted Admin Access, Exposed F1 Driver Data Including Max Verstappen’s PII
Security researchers identified a mass assignment flaw in the FIA Driver Categorisation portal that exposed personal data of Formula 1 drivers, including Max Verstappen, before being patched.
-
Aerospace and Defence Industry 2025: Digitalisation, Autonomy and Supply Chain Strain Define a Shifting Sector
A neutral analysis of how the global aerospace and defence sector in 2025 is defined by digitalisation, autonomous systems, and strained supply chains.
-
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
Phishing actors exploited fake Zoom invites and weaponized PDFs to target aid groups operating in Ukraine, blending social engineering with malicious document delivery.
-
EU Privacy-Focused DNS0.eu Ends Operations Over Funding Challenges
The EU-backed DNS0.eu resolver has shut down after failing to secure continued funding, highlighting challenges in sustaining privacy-centric internet infrastructure.
-
LockBit 5.0 resurfaces with multi-platform payloads; H-ISAC warns healthcare sector
H‑ISAC and vendor research this October flag LockBit 5.0, which targets Windows, Linux and ESXi; organisations — especially healthcare — are urged to prioritise detection, backups and patching.
-
Poland arrests 55 suspects over Russian-linked espionage operations
Polish authorities report 55 arrests linked to Russian espionage and sabotage, reflecting a broader hybrid threat targeting infrastructure and logistics routes.