Top 20 Cybersecurity International News

1. Experts Report Sharp Increase in Automated Botnet Attacks: PHP servers and IoT devices are being targeted by botnets exploiting known vulnerabilities [Source: https://thehackernews.com/2025/10/experts-reports-sharp-increase-in.html]
2. New AI-Targeted Cloaking Attack: AI crawlers are tricked into citing fake information as verified facts through a technique called "AI-targeted cloaking" [Source: https://thehackernews.com/2025/10/new-ai-targeted-cloaking-attack-tricks.html]
3. Preparing for the Digital Battlefield of 2026: Unmanaged identity debt, privilege sprawl from AI agents, and automated account poisoning are highlighted as critical threats [Source: https://thehackernews.com/2025/10/preparing-for-digital-battlefield-of.html]
4. Russian Hackers Target Ukrainian Organizations: Threat actors of Russian origin are using stealthy "living-off-the-land" tactics to siphon data and maintain access to Ukrainian networks [Source: https://thehackernews.com/2025/10/russian-hackers-target-ukrainian.html]
5. 10 npm Packages Caught Stealing Developer Credentials: Malicious npm packages are designed to deliver an information stealer targeting Windows, Linux, and macOS systems [Source: https://thehackernews.com/2025/10/10-npm-packages-caught-stealing.html]
6. Active Exploits Hit Dassault and XWiki: CISA confirms critical flaws under attack, including code injection and remote code execution vulnerabilities [Source: https://thehackernews.com/2025/10/active-exploits-hit-dassault-and-xwiki.html]
7. New TEE.Fail Side-Channel Attack: Secrets are extracted from Intel and AMD DDR5 secure enclaves using a side-channel attack [Source: https://thehackernews.com/2025/10/new-teefail-side-channel-attack.html]
8. New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems: This banking trojan mimics human behavior to bypass detection in Italy and Brazil [Source: https://thehackernews.com/2025/10/new-android-trojan-herodotus-outsmarts.html]
9. Researchers Expose GhostCall and GhostHire: North Korean threat actors target the Web3 and blockchain sectors [Source: https://thehackernews.com/2025/10/researchers-expose-ghostcall-and.html]
10. CISA Warns of Exploited DELMIA Factory Software Vulnerabilities: Two DELMIA Apriso flaws can be chained to gain privileged access and execute code remotely [Source: https://www.securityweek.com/cisa-warns-of-exploited-delmia-factory-software-vulnerabilities/]
11. New Attack Targets DDR5 Memory to Steal Keys from Intel and AMD TEEs: A new TEE.fail attack method has been disclosed [Source: https://www.securityweek.com/new-attack-targets-ddr5-memory-to-steal-keys-from-intel-and-amd-tees/]
12. QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability: A critical flaw allows attackers to smuggle HTTP requests and access sensitive data [Source: https://www.securityweek.com/qnap-netbak-pc-agent-affected-by-recent-asp-net-core-vulnerability/]
13. Russian Hackers Attacking Government Entity: Ukrainian government organizations continue facing cyber threats [Source: https://cybersecuritynews.com/russian-hackers-attacking-government-entity/]
14. Threat Actors Weaponize Judicial Documents: PureHVNC RAT is delivered through weaponized documents [Source: https://cybersecuritynews.com/threat-actors-weaponizes-judicial-documents/]
15. Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins: SOC defenses are being challenged by these techniques [Source: https://cybersecuritynews.com/emerging-cyber-threats/]
16. WordPress Plugin Vulnerability Exposes 7 Million Sites to XSS Attack: A cross-site scripting (XSS) vulnerability has been discovered [Source: https://cybersecuritynews.com/wordpress-litespeed-cache-plugin-vulnerability/]
17. Hikvision Exploiter – An Automated Exploitation Toolkit Targeting Hikvision IP Cameras: A new open-source tool has emerged [Source: https://cybersecuritynews.com/hikvisionexploiter-exploitation-toolkit/]
18. 10 Malicious npm Packages with Auto-Run Feature: A multi-stage credential harvester is deployed via these packages [Source: https://cybersecuritynews.com/10-malicious-npm-packages-with-auto-run-feature/]
19. Full Disclosure: Dovecot CVE-2025-30189: Auth cache causes access to wrong account: A high-severity vulnerability was identified in the Dovecot IMAP Server versions 2.4.0 and 2.4.1 [Source: https://seclists.org/fulldisclosure/2025/Oct/29?&web_view=true]
20. China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats: A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of attacks exploiting an unpatched Windows shortcut vulnerability to target European diplomatic and government entities between September and October 2025. [Source: https://thehackernews.com/2025/10/china-linked-hackers-exploit-windows.html?&web_view=true]