Daily Recap: Hackers stole sensitive bidding, customer and payment data from Sotheby’s, and other major breaches highlight continued exposure across the auction, marketplace, and education sectors. The report also notes critical vulnerabilities, notable malware/APT activity, and privacy concerns from surveillance partnerships and unencrypted traffic.
Data breaches & leaks
- Hackers stole sensitive bidding, customer and payment data from auction house Sotheby’s, exposing financial and personal information – Sotheby’s Breach, Sotheby’s Financial, Sotheby’s Customers
- Marketplace platform Prosper breach impacts 17.6 million accounts, according to Have I Been Pwned warnings – Prosper Breach, Prosper Impact
- June cyberattack on Dairy Farmers of America confirmed to have leaked personal data from the cooperative – Dairy Farmers Leak
- Ransomware group claims to have hacked Kearney Public Schools, while the district says no ransom demand was received – Kearney Claim
Vulnerabilities & exploits
- Attackers exploited a Cisco SNMP flaw to deploy a rootkit on switches; official advisory and incident details published – Cisco SNMP, Cisco Advisory
- Microsoft assigned a record ‘highest ever’ severity score to an ASP.NET Core vulnerability, urging immediate attention – ASP.NET Severity
- Researchers disclosed a critical WatchGuard VPN bug that could allow attackers to take control of affected devices – WatchGuard Bug
- New LinkPro Linux rootkit leverages eBPF to hide and is activated via magic TCP packets, raising kernel-level stealth concerns – LinkPro Rootkit
Malware & APT activity
- North Korea’s Chollima APT trojanized a Node.js app to deploy the OtterCookie RAT for cryptocurrency theft campaigns – Chollima OtterCookie
Microsoft & Windows
- Microsoft disrupted ransomware attacks that were targeting Teams users as part of ongoing takedown efforts – Teams Ransomware
- Microsoft warns of a 32% surge in identity hacks, driven mainly by stolen passwords, highlighting rising credential risk – Identity Surge
- Windows 11 updates are breaking localhost (127.0.0.1) HTTP/2 connections for some users and developers – Windows11 HTTP/2
- Office 2016 and Office 2019 have reached end of support, prompting upgrade and security considerations for organizations – Office EoS
Phishing & identity fraud
- Abuse of the ‘Whisper’ 2FA method has been linked to over 1,000,000 phishing attempts since July, showing rising MFA-targeted attacks – Whisper 2FA Abuse
- Authorities in Cambodia will repatriate South Koreans ensnared by scam compounds after diplomatic pressure, highlighting cross-border fraud networks – Cambodia Repatriation
Surveillance & privacy
- Ring plans to partner with Flock, making it easier for law enforcement to access home security camera footage and raising privacy concerns – Ring Flock
- Researchers warn that unencrypted satellite IP traffic is a widespread problem, exposing in-transit data across satellite links – Satellite Traffic
Governance & risk
- TPRM expert Andrew Morton outlines how organizations can transform third-party risk management from spreadsheets into a strategic defensive function – TPRM Transformation