From The Aether
SharePoint Security Storm: Chinese Hackers and Ransomware Run Amok!
In a twist that would make any thriller proud, ToolShell vulnerabilities are exploited faster than you can say “SharePoint server.” The villains? None other than Linen Typhoon and Violet Typhoon, targeting everything from government to academia. It’s a strategic drama unfolding, and network segmentation is the hero we need to stop these attacks.
UK’s Digital ID Drama: Starmer’s Scheme Sparks Debate and Controversy!
Prime Minister Keir Starmer relaunched his digital ID scheme, claiming it’s about “cutting the faff” and modernizing Britain. While optional for retirees, it’s mandatory for new job seekers. However, the idea of rummage-free drawers has sparked more skepticism than excitement, with 2.9 million petitions calling for the scheme’s removal.
YouTube Ghost Network: The Malware Menace Lurking Behind Viral Videos
The YouTube Ghost Network is not your average ghost story. This malicious network, active since 2021, has been haunting YouTube users with malware hidden in videos about pirated software and Roblox cheats. It’s like Casper the Unfriendly Ghost—only instead of charming antics, it delivers malware straight to your device. Boo!
Fake Telegram X App Threat: 58,000 Android Devices Under Baohuo Siege!
A new Android threat, Android.Backdoor.Baohuo.1.origin, is spreading via fake Telegram X apps, giving attackers full control of users’ accounts. Disguised as a dating-enhanced version, it stealthily connects to remote servers. Victims, beware! This malware is as sneaky as a ninja in a library, but far less educational.
Microsoft Disables File Preview to Stop NTLM Hash Leaks: A Security Win or Inconvenience?
Microsoft disables the preview feature in Windows File Explorer for internet-downloaded files to prevent NTLM hash leaks. This update, part of the October 2025 Patch Tuesday, aims to protect users from attackers attempting to capture sensitive credentials. Because who knew that previewing files could be such a risky business adventure?
China’s Cyber Shenanigans: Middle East Telecoms Caught in the Patchy Patch Fiasco
China-linked hackers exploited the ToolShell SharePoint flaw CVE-2025-53770 to breach a Middle East telecom just days after a patch was issued. These cyber marauders are like digital ninjas, slipping through defenses with the agility of a caffeinated squirrel, leaving a trail of compromised servers and bewildered IT staff in their wake.
Shield AI’s X-BAT: The Jet-Powered VTOL Drone Ready to Ditch Runways and Steal the Show
Shield AI claims their new X-BAT drone can take off vertically, eliminating the need for a runway. It’s like a jet-powered ballerina—graceful, yet capable of delivering a tactical pirouette right into enemy territory. With VTOL, range, and multirole capability, X-BAT might just be the Swiss Army knife of the skies.
WhatsApp Hack Fizzles: $1 Million Exploit Goes MIA at Pwn2Own Ireland 2025!
At Pwn2Own Ireland 2025, the excitement was overshadowed by a researcher pulling a WhatsApp exploit worth $1 million. While hacks on routers, NAS devices, and smart speakers cashed in, the WhatsApp drama left everyone buzzing about what could have been—and what might still be lurking in Eugene’s code.
Patch Panic: Microsoft’s Urgent Fix for Wormable WSUS Vulnerability! 🚨
Microsoft has released out-of-band (OOB) security updates for a critical WSUS vulnerability, CVE-2025-59287. This flaw enables remote code execution on Windows servers with the WSUS Server Role enabled. With proof-of-concept exploit code lurking online, patching is crucial to prevent potential wormable threats. Admins should update pronto or risk unleashing chaos on their networks.
DevOps Under Siege: GlassWorm Turns VS Code Extensions into Cyber Weapons
The GlassWorm worm spreads like a bad rumor through Visual Studio Code extensions, targeting developers and using the Solana blockchain for command-and-control. With invisible Unicode characters and Google Calendar as a backup, this worm turns developer machines into crypto-draining, proxy-serving zombies. It’s the malware equivalent of a really bad house guest.
Hackers Hit the Jackpot: Pwn2Own Ireland 2025 Awards Over $1 Million for Zero-Day Exploits!
At Pwn2Own Ireland 2025, hackers snagged $1,024,750 by exploiting 73 zero-day vulnerabilities. From iPhones to smart glasses, nothing was safe from their digital wizardry. Summoning Team took top honors, while Team Z3 skipped a $1 million prize, choosing discretion over dollars. Zero Day Initiative ensures these cyber secrets don’t end up in the wrong hands.
Iran’s Cyber Pranksters: MuddyWater Strikes Again in MENA Espionage Spree
MuddyWater strikes again! Iran’s favorite cyberespionage crew has breached over 100 government entities across the Middle East and North Africa. Using a legitimate mailbox and VPN, they sent phishing emails packed with malware. With these muddy tactics, they’re proving that when it comes to espionage, Iran’s playbook is clear—even if the waters aren’t.
Pwn2Own Chaos: Hackers Score $792K for 56 Zero-Days in Epic Exploit Extravaganza
Pwn2Own Ireland 2025 Day 2 ends with hackers earning $792,750 for 56 zero-days, led by The Summoning Team’s Samsung Galaxy exploit. The event targets flagship smartphones, smart home devices and more, with $167,500 already claimed by the leading team. Will hackers leave any device unexploited? Stay tuned for Day 3!
Defense Contractor’s Cyber Secrets Sold for $1.3M: The Spy Who Couldn’t Resist Luxury Watches!
Peter Williams, once the general manager at Trenchant, allegedly traded cyber secrets for $1.3 million to a mysterious Russian buyer. Now, federal prosecutors are seeking to seize his watches, designer gear, and cryptocurrency stash. L3Harris insists it plays nice with cyber powers, working only with those sharing high ethical standards.
Card Sharks: How Hacked Shufflers and Mobsters Dealt a Losing Hand to NBA Stars
The mob allegedly used hacked Deckmate 2 card shufflers to orchestrate a poker scam that even the NBA would call a slam dunk. With a little USB magic, they turned shuffling into a high-stakes heist, raking in millions. Who knew the real jackpot was in the shuffle, not the hand?
Toys “R” Us Canada Data Breach: When Playtime Turned into a Privacy Nightmare
Toys “R” Us Canada has sent data breach notices after customer records were leaked online. Fortunately, no passwords or credit card details were exposed. So, while your toy shopping habits may be public, at least your bank account isn’t. Time to keep an eye out for phishing scams—and maybe a new password.
Toy Story Gone Wrong: Toys R Us Data Breach Leaves Customers in Digital Toybox Turmoil
Toys R Us Canada experienced a data breach after attackers accessed their database and posted customer information online. Although names and addresses were stolen, the toy retailer assures no passwords or credit card details were compromised. In a classic plot twist, Toys R Us has yet to offer free identity protection to affected customers.
Lazarus Strikes Again: North Korean Hackers Dream Big with UAV Espionage!
Lazarus hackers, North Korea’s cyber-spies, are back with Operation DreamJob, targeting European defense firms with fake recruitment lures. Their aim? To pilfer UAV technology secrets and boost North Korea’s drone program. Armed with trojanized PDFs and the ScoringMathTea RAT, they’re proving that even job offers can come with malware.
U.N. Cybercrime Treaty: A Digital Dystopia or Necessary Evil?
The Foundation for Defense of Democracies warns that a new UN cybercrime treaty might help authoritarian regimes suppress dissent. Critics argue its vague definitions could make the U.S. and allies complicit in foreign censorship. While the treaty could aid in tackling cyber threats, it risks empowering oppressive governments.
Comcast’s Data Drama: Ransomware Leak Unleashes 834 GB of Corporate Chaos!
The Medusa ransomware group leaked 186.36 GB of data claimed to be stolen from Comcast. Initially demanding $1.2 million to keep the data under wraps, the group opted for a public release when negotiations with Comcast stalled. Comcast now joins the list of companies targeted by ransomware groups, with data available in 47 split files.
