Cybersecurity News | Daily Recap [21 Oct 2025]

Daily recap: a critical RCE affects over 75,000 WatchGuard Firebox devices and a Windows SMB vulnerability is being exploited in attacks, with additional bug disclosures and a USB recovery fix. Threat actors and campaigns include Snappybee via Citrix, the GlassWorm supply-chain campaign, and the COLDRIVER group's Russian malware families.
#WatchGuard #SMB #Snappybee #GlassWorm #COLDRIVER

Vulnerabilities & Patches

  • A critical RCE affects over 75,000 WatchGuard Firebox devices, exposing appliances to remote compromise – WatchGuard RCE
  • CISA added high-risk Microsoft, Apple and Oracle flaws to its KEV catalog and reported five newly exploited bugs, including a high-severity Windows SMB flaw now used in attacks – CISA KEV, Exploited Bugs, SMB Exploited
  • Microsoft released emergency KB5070773 to fix a USB input problem that broke Windows Recovery after October updates – Windows Recovery, USB Break

Incidents & Breaches

  • Threat actors used Snappybee malware and a vulnerable Citrix service to breach a European telecom network – Telecom Breach
  • Ransomware disruptions forced Japanese retailer Askul to halt online orders, and supplier-focused attacks caused retail giant Muji to suspend online sales – Retail Ransomware, Muji Halt

Malware & Threat Actors

  • A supply-chain campaign delivered GlassWorm malware via malicious VS Code extensions to target developers and environments – GlassWorm
  • Google attributed three new Russian malware families to the COLDRIVER group, expanding their observed toolset and tradecraft – COLDRIVER

Crypto & Infrastructure

  • A flaw in libbitcoin-explorer exposed over 120,000 Bitcoin private keys, putting funds at risk of theft – Bitcoin Keys
  • Private DNS provider DNS0.EU shut down over sustainability issues, disrupting users of the service – DNS Shutdown

Policy, Legal & Law Enforcement

  • China accused the NSA of attempting a cyberattack on its National Time Service Center, a claim reported amid escalating tensions – China Claim, China Report
  • South Korea is seeking to arrest dozens of online scam suspects repatriated from Cambodia as part of a transnational fraud crackdown – Skorea Arrests
  • A judge barred NSO from targeting WhatsApp users with spyware and reduced damages in a landmark decision – NSO Ruling

Industry & Business

  • Dataminr agreed to acquire ThreatConnect for $290 million to bolster its threat intelligence and response offerings – Dataminr Deal

AI Security

  • Experts recommend using AI capabilities to secure AI systems, outlining strategies to automate defenses and reduce risk – AI Security

Cybersecurity News | Daily Recap – hendryadrian.com