ThreatLocker helps organizations reduce risk by allowing trusted applications to run while limiting their access to only the resources they need. It’s a straightforward, default deny approach that gives you more control and visibility—without slowing down operations. Explore how ThreatLocker can help simplify your security strategy.
Join us on Wednesday, November 5 at 1 PM ET for a live discussion on how AI is reshaping Governance, Risk, and Compliance. Experts from Hyperproof and Grant Thornton join Dave Bittner to share firsthand experiences, practical insights, and a forward-looking perspective on how AI is transforming compliance workflows. Register now to attend live or watch on demand.
Peter Williams, a former director at the Trenchant division of American defense contractor L3Harris Technologies, has been charged with stealing and attempting to sell trade secrets to a buyer in Russia, according to the US Justice Department. Prosecutors allege Williams, a 39-year-old Australian, took seven trade secrets from two unidentified companies between April 2022 and August 2025.
The Register reports that Williams has been living lavishly in Washington, DC, and prosecutors are seeking the forfeiture of his house and assets. He resigned from L3Harris in August and is scheduled for arraignment and plea proceedings on October 29th. L3Harris and Trenchant are not accused of wrongdoing.
CompTIA is developing their first-ever certification focused on artificial intelligence in cybersecurity. The SecAI+certification aims to help mid-career cybersecurity professionals demonstrate competencies with AI tools. Learn how N2K can help you get a jumpstart on preparing for this new certification today.
Researchers at Forescout discovered two serious flaws affecting TP-Link Omada and Festa VPN routers that can grant attackers root privileges. CVE-2025-7850 (CVSS score of 9.3) can allow OS command injection via WireGuard VPN settings. In certain deployments, the flaw can be exploited without credentials. CVE-2025-7851 (CVSS score of 8.7) can lead to unauthorized root access through leftover debugging code.
Users are advised to apply vendor firmware updates for their TP-Link routers as soon as possible.
The Record reports that a DDoS attack on Russia’s food safety agency, Rosselkhoznadzor, has disrupted food deliveries across the country. The attack took down the electronic veterinary certification platform Mercury, which is used for food safety under Russian law. Suppliers can’t legally deliver animal products without these electronic certificates.
The Record notes that this is the fourth such attack on Mercury this year.
Today's issue includes events affecting , and Russia the United States.
Hacking Lab Boss Charged with Seeking to Sell Secrets in Russia (Bloomberg.com) A director at a company that sells computer vulnerabilities has been charged with stealing secrets to sell to an unspecified buyer in Russia, according to a court document and people familiar with the matter.
Trick or Treat: Bitdefender Labs Uncovers Halloween Scams Flooding Inboxes and Feeds (Bitdefender) Every October, inboxes and social feeds light up with haunted discounts, candy giveaways, and spooky deals.
Shadow Escape 0-Click Attack in AI Assistants Puts Trillions of Records at Risk (Hackread) Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread
Cyberattack on Russia’s food safety agency reportedly disrupts product shipments (The Record) A veterinary certification platform and systems that track products and chemicals were among the tools disrupted by a DDoS incident, Russia's food safety watchdog said.
CISA Releases Eight Industrial Control Systems Advisories | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA released eight Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
New TP-Link Router Vulnerabilities: A Primer on Rooting Routers (Forescout) At Forescout Research – Vedere Labs, we continuously investigate vulnerabilities across a wide range of connected devices, from solar inverters to programmable logic controllers. Recently, we have focused in particular on network equipment such as routers and VPN concentrators, which have become increasingly attractive targets for threat actors.
Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals (Recorded Future) Explore how Russia’s cybercriminal ecosystem evolved under Operation Endgame—where state control, selective enforcement, and criminal alliances collide.
New TP-Link Router Vulnerabilities: A Primer on Rooting Routers (Forescout) At Forescout Research – Vedere Labs, we continuously investigate vulnerabilities across a wide range of connected devices, from solar inverters to programmable logic controllers. Recently, we have focused in particular on network equipment such as routers and VPN concentrators, which have become increasingly attractive targets for threat actors.
North Korean Lazarus group targets the drone sector in Europe, likely for espionage, ESET Research discovers (ESET) Lazarus targeted several companies active in the defense industry in Central and Southeastern Europe.
Qilin ransomware: stats on attacks, ransoms & data breaches - Comparitech (Comparitech) This week, Qilin claimed responsibility for its 700th ransomware attack of 2025, establishing itself as the most prolific ransomware gang of the last few years.
Vault Viper: DNS, Malware, and iGaming Infrastructure (Infoblox Blog) Vault Viper is a threat actor leveraging DNS infrastructure and a custom browser for illegal gambling, and organized crime across Southeast Asia.
The Cyberthreat Report (October 2025) (Trellix) Authored by the Trellix Advanced Research Center, this report (1) highlights insights, intelligence, and guidance gleaned from multiple sources of critical data on cybersecurity threats and (2) develops expert, rational, and reasonable interpretations of this data to inform and enable best practices in cyber defense. This edition focuses on data and insights captured primarily between April 1, 2025 and September 30, 2025.
Pwn2Own WhatsApp Hacker Says Exploit Privately Disclosed to Meta (SecurityWeek) A total of $1,024,750 has been paid out at the Pwn2Own Ireland 2025 hacking contest organized by Trend Micro’s Zero Day Initiative (ZDI), but the event has been overshadowed by the last-minute withdrawal of a researcher who was scheduled to demonstrate a WhatsApp exploit worth $1 million.
Windows Server emergency patches fix WSUS bug with PoC exploit (BleepingComputer) Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code.
OpenText Cybersecurity 2025 Global Ransomware Survey: Rising Confidence Meets a Growing AI Threat (OpenText) While 95% of organizations are confident in their ransomware recovery, AI-driven attacks and limited data governance are undermining that certainty
Nightwing Monthly Intelligence Snapshot: October 2025 | Nightwing (LinkedIn) Last month’s cyber threat landscape saw a sharp rise in attacker sophistication across the software supply chain, core network infrastructure, and identity security. 🔎⚠️ From the "Shai-Hulud" NPM worm automating credential theft to advanced bootkits exploiting Cisco ASA vulnerabilities and MFA downgrade attacks bypassing phishing-resistant defenses, the innovation in tactics underscores the need for vigilance. Stay ahead of emerging threats and check back every month for a rollup of incidents and trends from the intelligence experts at #TeamNightwing. nightwing.com
Intruder’s 2025 Exposure Management Index: SMBs Face Rising Risk as AI Weaponizes Older CVEs (Business Wire) Intruder, a leader in exposure management, today announced the release of its 2025 Exposure Management Index, tracking the most critical vulnerabilities facing small and midsize businesses (SMBs) and how those organizations’ responses are evolving over time. The Index equips SMBs with security insights that have historically been gated behind massive enterprise budgets and external consultants.
Former L3Harris cyber director charged with selling secrets (The Register) The 0-days have left the building
For a complete running list of events, please visit the Event Tracker.
ISC2 Security Congress 2025 (Nashville + Virtual, Tennessee, USA, Oct 29 - 31, 2025) Join thousands of cybersecurity experts at ISC2 Security Congress 2025 and help lead the future of our connected world. Gain the insights you need to stay ahead of the evolving digital landscape. From innovative software to new security strategies, ISC2 Security Congress 2025 is designed to ensure you can navigate tomorrow’s threats.
Cyber Innovation Day 2025 | Datatribe (Washington, DC, USA, Nov 4, 2025) If you’re raising a seed or pre-seed round and are building the next category-defining company, we want to hear from you! The DataTribe Challenge is the headline event of the afternoon at Cyber Innovation Day 2025, where five finalists take the stage after weeks of hands-on coaching from seasoned startup operators and investors. These five finalists—along with additional promising startups—will exhibit in the Cyber Innovation Expo Hall, gaining high-impact exposure to top investors, cybersecurity leaders, and strategic partners.
CYBERWARCON (Virtual and Arlington, Virginia, USA, Nov 19, 2025) CYBERWARCON is a one-day conference in Arlington, VA focused on the specter of destruction, disruption, and malicious influence on our society through cyber capabilities. CYBERWARCON is not a hacker conference, or an ICS conference, or an international policy conference. The central purpose of this conference is to identify and explore threats. Participants and attendees come from a spectrum of backgrounds, including the military and government, academia, the media, and the private sector.
AWS re:Invent 2025 (Las Vegas, Nevada, USA, Dec 1 - 5, 2025) AWS re:Invent is a learning conference hosted by AWS for the global cloud computing community. The in-person event features keynote announcements, training and certification opportunities, access to more than 2,000 technical sessions, the Expo, after-hours events, and so much more.
TRUSTECH 2025 (Paris, France, Dec 2 - 4, 2025) This international event is the go-to place for all things payments, digital identity, cybersecurity, and fintech. With over 200 exhibitors, 100+ speakers, innovation awards, networking opportunities, and exclusive content, it’s the perfect place to discover what’s next in trusted technologies.
