Daily Briefing for 10.30.25

Attacks, Threats, and Vulnerabilities

Canada says hacktivists breached water and energy facilities (BleepingComputer) The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that could have led to dangerous conditions.

Cloud Atlas hackers target Russian agriculture sector ahead of industry forum (The Record) The attack, which is the second time the group has hit Russia’s agro industrial firms in recent months, coincided with preparations for the Russian agriculture forum scheduled for the end of the month in Moscow.

Malicious NPM packages fetch infostealer for Windows, Linux, macOS (BleepingComputer) Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component that collects sensitive data from Windows, Linux, and macOS systems.

Legislation, Policy, and Regulation

FCC adopts new rule targeting robocalls (The Record) The agency’s decision to approve a proposal released on October 7 means the FCC will broaden the definition of “caller identity information,” implement new requirements for service providers and mandate that providers alert consumers when calls are coming from overseas.

Litigation, Investigation, and Law Enforcement

Revealed: Israel demanded Google and Amazon use secret ‘wink’ to sidestep legal orders (the Guardian) The tech giants agreed to extraordinary terms to clinch a lucrative contract with the Israeli government, documents show

For a complete running list of events, please visit the Event Tracker.

Events

ISC2 Security Congress 2025 (Nashville + Virtual, Tennessee, USA, Oct 29 - 31, 2025) Join thousands of cybersecurity experts at ISC2 Security Congress 2025 and help lead the future of our connected world. Gain the insights you need to stay ahead of the evolving digital landscape. From innovative software to new security strategies, ISC2 Security Congress 2025 is designed to ensure you can navigate tomorrow’s threats.

Cyber Innovation Day 2025 | Datatribe (Washington, DC, USA, Nov 4, 2025) If you’re raising a seed or pre-seed round and are building the next category-defining company, we want to hear from you! The DataTribe Challenge is the headline event of the afternoon at Cyber Innovation Day 2025, where five finalists take the stage after weeks of hands-on coaching from seasoned startup operators and investors. These five finalists—along with additional promising startups—will exhibit in the Cyber Innovation Expo Hall, gaining high-impact exposure to top investors, cybersecurity leaders, and strategic partners.

CYBERWARCON (Virtual and Arlington, Virginia, USA, Nov 19, 2025) CYBERWARCON is a one-day conference in Arlington, VA focused on the specter of destruction, disruption, and malicious influence on our society through cyber capabilities. CYBERWARCON is not a hacker conference, or an ICS conference, or an international policy conference. The central purpose of this conference is to identify and explore threats. Participants and attendees come from a spectrum of backgrounds, including the military and government, academia, the media, and the private sector.

AWS re:Invent 2025 (Las Vegas, Nevada, USA, Dec 1 - 5, 2025) AWS re:Invent is a learning conference hosted by AWS for the global cloud computing community. The in-person event features keynote announcements, training and certification opportunities, access to more than 2,000 technical sessions, the Expo, after-hours events, and so much more.

TRUSTECH 2025 (Paris, France, Dec 2 - 4, 2025) This international event is the go-to place for all things payments, digital identity, cybersecurity, and fintech. With over 200 exhibitors, 100+ speakers, innovation awards, networking opportunities, and exclusive content, it’s the perfect place to discover what’s next in trusted technologies.