October 2025

Iran’s MuddyWater wades into 100+ government networks in latest spying spree

Group-IB says Tehran-linked crew used hijacked mailbox and VPN to sling phishing emails across Middle East Iran's favorite muddy-footed cyberespionage crew is at it again, this time breaching more than 100 government entities across the Middle East and North Africa, according to researchers at Group-IB.…

Cyber exec with lavish lifestyle charged with selling secrets to Russia

The 0-days have left the building Federal prosecutors have charged a former general manager of US government defense contractor L3Harris's cyber arm Trenchant with selling secrets to an unidentified Russian buyer for $1.3 million.…

Trump’s workforce cuts blamed as America’s cyber edge dulls

The Cyberspace Solarium Commission says years of progress are being undone amid current administration's cuts America's once-ambitious cyber defences are starting to rust, according to the latest annual report from the US Cyberspace Solarium Commission (CSC), which warns that policy momentum has slowed and even slipped backwards thanks…

Google nukes 3,000 YouTube videos that sowed malware disguised as cracked software

Check Point helps exorcise vast 'Ghost Network' that used fake tutorials to push infostealers Google has taken down thousands of YouTube videos that were quietly spreading password-stealing malware disguised as cracked software and game cheats.…

SpaceX pulls plug on 2,500 Starlink terminals tied to Myanmar fraud farms

Criminal outfits had been using Musk's broadband beacons to run cyber-slavery scams across Southeast Asia SpaceX says it has shut down thousands of Starlink terminals that were powering Myanmar's notorious scam compounds after its satellite network was found to be keeping human trafficking and cyber-fraud operations online in…

This free IGA tool boosts your identity security

Here are five ways tenfold's free IGA solution helps you streamline identity governance and access control. Partner Content  In a world where one wrong click can set off a catastrophic breach, organizations must control what their users have access to if they want to stop mission-critical assets from…

Forking confusing: Vulnerable Rust crate exposes uv Python packager

Forks of forks of forks, but which ones are patched? A vulnerability in the popular Rust crate async-tar has affected the fast uv Python package manager, which uses a forked version that's now patched – but the most widely downloaded version remains unfixed.…

Jaguar Land Rover cyber-meltdown tipped to cost the UK almost £2B

That's a lot of extended warranties The Jaguar Land Rover (JLR) cyberattack could end up being the costliest such incident in UK history, billed at an estimated £1.9 billion and affecting over 5,000 organizations.…

UK data regulator defends decision not to investigate MoD Afghan data breach

ICO says probe unnecessary after reviewing ministry's handling of leak The UK's data protection regulator declined to launch an investigation into a leak at the Ministry of Defence that risked the lives of thousands of Afghans connected with the British Armed Forces.…

Restructuring risk operations: building a business-aligned cyber strategy

Why organizations need a new strategy to break down silos and usher in a new era of risk intelligence Partner Content  As cyber risk continues to escalate, many organizations face a disconnect between cybersecurity investments and actual risk reduction. Despite increased security budgets, formal cyber risk programs, and…

Copyright © 2026 Lugapel