1. Security News – 2025-10-28
Tue Oct 28 2025 00:00:00 GMT+0000 (Coordinated Universal Time)
The Hacker News
Cybersecurity news and insights
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats - October 28, 2025
A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity “reveals a notable evolution in SideWinder’s TTPs, particularly the adoption of a novel PDF and ClickOnce-based infection chain, in
SecurityWeek
Latest cybersecurity news
Chainguard Raises $280 Million in Growth Funding - October 27, 2025
Chainguard has raised $636 million in the past six months alone for its software supply chain security solutions.
The post Chainguard Raises $280 Million in Growth Funding appeared first on SecurityWeek.
Schneier on Security
Security news and analysis by Bruce Schneier
Louvre Jewel Heist - October 27, 2025
I assume I don’t have to explain last week’s Louvre jewel heist. I love a good caper, and have (like many others) eagerly followed the details. An electric ladder to a second-floor window, an angle grinder to get into the room and the display cases, security guards there more to protect patrons than valuables—seven minutes, in and out.
There were security lapses:
The Louvre, it turns out—at least certain nooks of the ancient former palace—is something like an anopticon: a place where no one is observed. The world now knows what the four thieves (two burglars and two accomplices) realized as recently as last week: The museum’s Apollo Gallery, which housed the stolen items, was monitored by a single outdoor camera angled away from its only exterior point of entry, a balcony. In other words, a free-roaming Roomba could have provided the world’s most famous museum with more information about the interior of this space. There is no surveillance footage of the break-in...
The Hacker News
Cybersecurity news and insights
New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands - October 27, 2025
Cybersecurity researchers have discovered a new vulnerability in OpenAI’s ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant’s memory and run arbitrary code. “This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware,” LayerX
⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens - October 27, 2025
Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways to exploit both system flaws and human behavior. Each new breach proves a harsh truth: in cybersecurity, feeling safe can be far more dangerous than being alert. Here’s how that false sense of security
SecurityWeek
Latest cybersecurity news
Year-Old WordPress Plugin Flaws Exploited to Hack Websites - October 27, 2025
Roughly 9 million exploit attempts were observed this month as mass exploitation of the critical vulnerabilities recommenced.
The post Year-Old WordPress Plugin Flaws Exploited to Hack Websites appeared first on SecurityWeek.
Ransomware Payments Dropped in Q3 2025: Analysis - October 27, 2025
Coveware has attributed the drop to large enterprises increasingly refusing to pay up and smaller amounts paid by mid-market firms.
The post Ransomware Payments Dropped in Q3 2025: Analysis appeared first on SecurityWeek.
Chrome Zero-Day Exploitation Linked to Hacking Team Spyware - October 27, 2025
The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks.
The post Chrome Zero-Day Exploitation Linked to Hacking Team Spyware appeared first on SecurityWeek.
The Hacker News
Cybersecurity news and insights
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack - October 27, 2025
The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June. The development comes as the ransomware-as-a-service (RaaS) operation has emerged as one of the most active ransomware groups, accounting for
ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands - October 27, 2025
The newly released OpenAI ChatGPT Atlas web browser has been found to be susceptible to a prompt injection attack where its omnibox can be jailbroken by disguising a malicious prompt as a seemingly harmless URL to visit. “The omnibox (combined address/search bar) interprets input either as a URL to navigate to, or as a natural-language command to the agent,” NeuralTrust said in a report
SecurityWeek
Latest cybersecurity news
OpenAI Atlas Omnibox Is Vulnerable to Jailbreaks - October 25, 2025
Researchers have discovered that a prompt can be disguised as an url, and accepted by Atlas as an url in the omnibox.
The post OpenAI Atlas Omnibox Is Vulnerable to Jailbreaks appeared first on SecurityWeek.