Daily Briefing for 10.10.25

Attacks, Threats, and Vulnerabilities

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign (SecurityWeek) GreyNoise has discovered that attacks exploiting Cisco, Fortinet, and Palo Alto Networks vulnerabilities are launched from the same infrastructure.

Trends

In AI We Trust? Increasing AI Adoption in AppSec Despite Limited Oversight (Fastly) AI adoption in AppSec is soaring, yet oversight lags. Explore the paradox of trust vs. risk, false positives, and the future of AI in application security.

Technologies, Techniques, and Standards

Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits (WIRED) With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million.

Google Launches AI Bug Bounty with $30,000 Top Reward (Infosecurity Magazine) Google has introduced a new AI Vulnerability Reward Program offering up to $30,000 for bug discoveries in its AI products

For a complete running list of events, please visit the Event Tracker.

Events

AFRL Space Cyber Summit (Albuquerque, New Mexico, USA, Oct 15 - 16, 2025) The AFRL Space Cyber Summit is an annual event hosted by the Air Force Research Laboratory (AFRL) to bring together experts from government, academia, and industry to advance space cyber expertise and technologies, foster community-wide collaboration, and anticipate future technology growth in a cyber-contested space domain. The summit aims to develop cyber-secure systems for space, protect against evolving threats, and identify opportunities for collaboration and innovation.

ISC2 Security Congress 2025 (Nashville + Virtual, Tennessee, USA, Oct 29 - 31, 2025) Join thousands of cybersecurity experts at ISC2 Security Congress 2025 and help lead the future of our connected world. Gain the insights you need to stay ahead of the evolving digital landscape. From innovative software to new security strategies, ISC2 Security Congress 2025 is designed to ensure you can navigate tomorrow’s threats.

Cyber Innovation Day 2025 | Datatribe (Washington, DC, USA, Nov 4, 2025) If you’re raising a seed or pre-seed round and are building the next category-defining company, we want to hear from you! The DataTribe Challenge is the headline event of the afternoon at Cyber Innovation Day 2025, where five finalists take the stage after weeks of hands-on coaching from seasoned startup operators and investors. These five finalists—along with additional promising startups—will exhibit in the Cyber Innovation Expo Hall, gaining high-impact exposure to top investors, cybersecurity leaders, and strategic partners.

CYBERWARCON (Virtual and Arlington, Virginia, USA, Nov 19, 2025) CYBERWARCON is a one-day conference in Arlington, VA focused on the specter of destruction, disruption, and malicious influence on our society through cyber capabilities. CYBERWARCON is not a hacker conference, or an ICS conference, or an international policy conference. The central purpose of this conference is to identify and explore threats. Participants and attendees come from a spectrum of backgrounds, including the military and government, academia, the media, and the private sector.