
From The Aether

Defra’s Costly IT Overhaul: From Windows 7 to Windows 10 Obsolescence!

Win10 still clings to over 40% of devices, proving it’s the IT equivalent of that one party guest who just won’t leave. Despite Microsoft’s support withdrawal, Defra’s ambitious IT refresh might be buying obsolescence, as they replace outdated systems with something that’s already out of date.

2 months ago

CISA Sounds the Alarm: New Vulnerabilities Added to Exploited Catalog – Patch Now or Pay Later!

CISA has added Gladinet CentreStack and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog. These flaws, including a spicy OS command injection vulnerability, could make your IT department’s hair stand on end. Federal agencies have until November 25 to patch these vulnerabilities—or face wrath akin to forgetting your anniversary.

2 months ago

Crypto Crooks Crumble: Nine Nabbed in €600M Laundering Ring Bust Across Europe

Nine people got an unexpected vacation from their crypto laundering day jobs after a Eurojust-led operation busted their €600M fraud ring. Authorities seized cash, crypto, and the group’s dreams of becoming blockchain billionaires. Remember, folks: crime doesn’t pay, but it sure does complicate your tax returns!

2 months ago

Hackers on the Loose: New Security Vulnerabilities in Gladinet and Control Web Panel Exposed!

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security vulnerabilities impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities catalog. These flaws could lead to unintended disclosure of system files and unauthenticated remote code execution, which is as bad as it sounds. Stay patched, folks.

2 months ago

North Korean Hackers: HttpTroy Backdoor Makes Detection a Comedy of Errors

Kimsuky, a North Korean threat group, has updated its tools to avoid detection, specifically targeting South Korean users with HttpTroy. While HttpTroy boasts improved obfuscation techniques, the group’s penchant for blending in has even reached the hiring processes of major companies.

2 months ago

DHS Wants Your DNA: The Comedic Invasion of Privacy or a Necessary Step?

DHS wants your DNA, your voice, and maybe even your firstborn’s cheek swab. In a move that sounds like a plot twist from a dystopian novel, the agency proposes a massive expansion of biometric data collection. Immigrants and some U.S. citizens might find themselves part of a high-tech family tree.

2 months ago

Curly COMrades: Linux VM Hijinks in Windows World!

Curly COMrades, a threat group backing Russia, is using Linux virtual machines to hide their activities from Windows security tools. Their sneaky tactics, like deploying lightweight VMs, make them the James Bond of cyber espionage—minus the martinis but with plenty of computer viruses.

2 months ago

WordPress Woes: Post SMTP Vulnerability Leaves 210,000 Sites Open to Hacker Hijinks

Watch out, WordPress users! The Post SMTP plugin is in hot water with a critical vulnerability, CVE-2025-11833, letting hackers hijack admin accounts. If your site uses this email delivery solution, update to version 3.6.1 pronto or risk joining the 210,000 sites left vulnerable to admin takeover attacks. Stay safe, patch wisely!

2 months ago

Ransomware Rampage: Europe Under Siege by Cybercriminals in 2025!

As ransomware groups step up their game, European organizations are increasingly in the crosshairs, with nearly 22% of global ransomware victims hailing from the continent. CrowdStrike’s report highlights that fast-moving adversaries like Scattered Spider are now deploying attacks within 24 hours, leaving cybersecurity teams scrambling like a cat on a hot tin roof.

2 months ago

OpenOffice Ransomware Drama: Much Ado About Missing Data!

The Apache Software Foundation denies the Akira ransomware gang’s claims of breaching OpenOffice and stealing 23 GB of data. Apparently, the gang is attempting to steal non-existent employee and financial data. It’s hard to steal notes from a meeting when the only meeting that ever happened was in the coffee line.

2 months ago

Malware Mayhem: Android’s Play Store Plagued by 239 Malicious Apps!

Zscaler’s report reveals that hundreds of malicious Android apps on Google Play were downloaded over 40 million times. Adware has taken the lead, accounting for 69% of all detections. Meanwhile, Anatsa, a sneaky banking trojan, and Xnotice, a job-seeking RAT, wreak havoc. Watch out for malware masquerading as productivity or job apps.

2 months ago

Google Chrome’s Autofill: Convenience or Cybersecurity Catastrophe?

Google Chrome browser’s new enhanced autofill feature makes filling out forms a breeze by remembering personal data like licenses and vehicle identification numbers. While it’s a godsend for the forgetful, this convenience begs the question: Are we trading speed for security? Remember, even hackers appreciate an easy shortcut now and then!

2 months ago

Microsoft Ditches Defender Guard: Office’s Security Shakeup by 2027!

Microsoft plans to remove Defender Application Guard from Office by December 2027, prompting a collective sigh of relief from office documents everywhere. Instead, files will open in Protected View, keeping security tight and document edits looser than a goose. So, admins, no need for panic—just a tiny adjustment to your security settings.

2 months ago

Cybercrime Comedy Club: Scattered LAPSUS$ Hunters and the Telegram Tango

Scattered LAPSUS$ Hunters are making waves in the cybercrime scene with their extortion-as-a-service model. By creating and re-creating Telegram channels like a digital whack-a-mole, they dodge moderation while taunting law enforcement. With a custom ransomware family hinted at, SLH is the cyber equivalent of a chaotic, yet determined, startup.

2 months ago

Curly COMrades: Russian Hackers Outsmart EDR with Sneaky Hyper-V Tactics!

Russia’s Curly COMrades is cleverly using Microsoft’s Hyper-V to create a hidden Alpine Linux-based virtual machine on compromised Windows machines. This stealthy setup bypasses endpoint security tools, giving them long-term access for espionage and malware deployment. Who knew virtual machines could have such a curly twist?

2 months ago

When “Open Sesame” Becomes “Oops, Security Breach!” – The Rise of SesameOp Backdoor

SesameOp backdoor cleverly misuses the OpenAI Assistants API to evade detection, swapping shady servers for legitimate cloud services. It’s like using a library’s quiet space to plot a heist—ingenious yet alarming. Microsoft and OpenAI have since disabled the culprit’s account. Stay vigilant, folks; even Sesame Street isn’t safe from cyber shenanigans!

2 months ago

CFPB’s Cybersecurity Comedy of Errors: From Top-Notch to Not-So-Much

The US Consumer Financial Protection Bureau’s infosec program is reportedly “not effective,” dropping from a “managed” level-4 maturity to a “defined” level-2. The audit blames outdated software and reliance on risk acceptance memorandums, which sounds like using a seatbelt made of spaghetti for cybersecurity risk profiles.

2 months ago

Sweden’s Data Drama: 1.5 Million Secrets Spill on Dark Web in Miljödata Hack!

Miljödata, an IT supplier for 80% of Sweden’s municipalities, faced a cyberattack affecting 1.5 million people. The attackers demanded 1.5 Bitcoin, exposing sensitive data on the dark web. The Swedish Authority for Privacy Protection is investigating potential GDPR violations, focusing on Miljödata’s security measures and municipalities’ data handling practices.

2 months ago

React Native Security Scare: Critical NPM Vulnerability Puts Millions at Risk!

JFrog revealed a critical vulnerability in the React Native Community CLI NPM package, CVE-2025-11953, with a CVSS score of 9.8. This flaw lets attackers send POST requests for arbitrary command execution. Developers, update to version 20.0.0 or higher, unless you enjoy living on the edge of cyber-disaster!

2 months ago

Nikkei’s Not-So-Slack Security: 17,000 Employees’ Data Exposed in Latest Breach Fiasco

Nikkei’s Slack got hacked, exposing personal info of over 17,000 employees and partners. The breach stemmed from malware-infected credentials. Although the info isn’t legally protected, Nikkei reported it voluntarily, emphasizing transparency. No journalistic data was leaked, but it’s a stark reminder that even media giants aren’t immune to cyber shenanigans.

2 months ago
The Nimble Nerd