Microsoft’s October Patch Tuesday Fixes 173 Vulnerabilities, Including Six Zero‑Days Under Active Attack


Microsoft’s October Patch Tuesday delivers fixes for 173 security vulnerabilities across its ecosystem, including six zero‑day issues. By Microsoft’s definition, zero‑days are flaws that were publicly disclosed before a patch became available or those with confirmed in‑the‑wild exploitation. Several of this month’s bugs fall into the latter category, elevating patch prioritization for enterprise defenders. Actively …

Signed UEFI Shell on Framework Linux devices can disable Secure Boot checks, Eclypsium warns


Approximately 200,000 Framework devices running Linux were shipped with legitimately signed UEFI Shell components that include the memory modify (mm) command, according to Eclypsium. In the affected configuration, attackers can abuse mm to bypass Secure Boot and load persistent bootkits. Framework has acknowledged the issue and is rolling out fixes; users are advised to apply …

Discord support breach fuels third‑party risk debate as 5CA disputes involvement


Discord has disclosed a third‑party support incident that exposed a subset of users’ identity document images and fragments of payment information, reigniting concerns about supply‑chain risk in cybersecurity. While one threat group claims millions of records were compromised, Discord says the exposure is far smaller, and outsourcing partner 5CA states its systems were not the …

Unity discloses Magecart web skimming on SpeedTree checkout, exposing payment data


Unity Technologies has disclosed a compromise of the SpeedTree storefront in which malicious JavaScript was injected into the checkout page to silently harvest buyer information. According to a notice filed with the Maine Attorney General, the unauthorized script operated from March 13 to August 26, 2025 and impacted at least 428 customers. Incident summary: …

North Korean APT UNC5342 weaponizes EtherHiding to deliver malware via smart contracts


Google’s Threat Intelligence Group (GTIG) has linked North Korean threat actor UNC5342 to a new wave of attacks that, since February 2025, employ EtherHiding—a technique that stores and serves malicious code from public blockchain smart contracts. The campaign, dubbed Contagious Interview, combines fake developer job tests, multi-chain payload hosting on Ethereum and BNB Smart Chain, …

FBI Seizes BreachForums Domain as Salesforce‑Linked Extortion Persists: What Organizations Need to Know

The FBI has formally seized the Breachforums[.]hn domain, one of the most active cybercrime forums used in 2025 for leaking data and extortion, including posts tied to a sprawling campaign leveraging Salesforce-related data. The domain’s DNS was redirected to ns1.fbi.seized.gov and ns2.fbi.seized.gov, displaying a takedown banner that signals control of the infrastructure by U.S. law …

Windows 11 updates disrupt HTTP/2 on localhost (127.0.0.1): what broke and how to mitigate


Windows 11 users report that recent updates—October cumulative KB5066835 and the September preview KB5065789—cause localhost instability by breaking HTTP/2 connections to 127.0.0.1. After installation, browsers and clients frequently fail the handshake with ERR_CONNECTION_RESET or ERR_HTTP2_PROTOCOL_ERROR, disrupting developer workflows and applications that rely on local web services.

HTTP/2 to 127.0.0.1 fails with connection resets

The failure …

F5 discloses state‑sponsored intrusion impacting BIG‑IP development environment; 44 vulnerabilities fixed


F5 has disclosed a cybersecurity incident attributed to a state‑sponsored threat actor that maintained persistent access to segments of its infrastructure tied to development and release processes for BIG‑IP—the widely deployed application delivery and traffic management platform reportedly used by 48 of the world’s 50 largest enterprises. The intrusion was detected on August 9, 2025; …

Rust-Based ChaosBot Leverages Discord C2, LNK Phishing, and WMI to Evade Enterprise Defenses


Threat researchers at eSentire have identified a new backdoor dubbed ChaosBot, written in Rust and using Discord as command-and-control (C2). First observed in late September 2025 within a financial-sector environment, the malware enables host reconnaissance, arbitrary command execution, and persistence while blending into legitimate network traffic, complicating detection.

Initial Access: LNK Phishing and Abused Credentials …

AMD fixes “RMPocalypse” (CVE-2025-0033): race condition threatens SEV‑SNP memory isolation


AMD has released patches for “RMPocalypse” (CVE-2025-0033), a vulnerability that can undermine the confidentiality and integrity guarantees of Secure Encrypted Virtualization with Secure Nested Paging (SEV‑SNP). Discovered by ETH Zurich researchers, the flaw exploits a race condition during early platform initialization to allow a targeted single write to the Reverse Map Table (RMP)—the central data …