Cyber Security news for Information Security professionals pulled from the likes of; Krebs on Security, The hacker news, Zero day initiative, SANS, Microsoft, AWS and NCSC.

The DFIR Report

• From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion
  September 29, 2025
  Key Takeaways Private Threat Briefs: 20+ private DFIR reports annually.   Contact us today for pricing or a demo!   Table of Contents: Case Summary Analysts […]
• Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs
  September 8, 2025
  Key Takeaways Private Threat Briefs: 20+ private DFIR reports annually. Contact us today for pricing or a demo! Table of Contents: Case Summary Analysts Initial Access […]
• From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
  August 5, 2025
  Overview Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using […]

Krebs On Security News

• Aisuru Botnet Shifts from DDoS to Residential Proxies
  October 29, 2025
  Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals […]
• Canada Fines Cybercrime Friendly Cryptomus $176M
  October 22, 2025
  Financial regulators in Canada this week levied $176 million in fines against Cryptomus, a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada's anti money-laundering laws come ten months after KrebsOnSecurity noted that […]
• Email Bombs Exploit Lax Authentication in Zendesk
  October 17, 2025
  Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing messages that come from hundreds of Zendesk corporate customers simultaneously.
• Patch Tuesday, October 2025 ‘End of 10’ Edition
  October 14, 2025
  Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least three vulnerabilities that are already being actively exploited. October's Patch Tuesday also marks the final month that Microsoft will ship security updates for Windows […]
• DDoS Botnet Aisuru Blankets US ISPs in Record DDoS
  October 10, 2025
  The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers […]

The Hacker News

• NASA, DARPA Will Test Nuclear Engine for Future Mars Missions
  October 30, 2025
  Article URL: https://www.nasa.gov/news-release/nasa-darpa-will-test-nuclear-engine-for-future-mars-missions/ Comments URL: https://news.ycombinator.com/item?id=45761056 Points: 1 # Comments: 0
• Tongyi Deep Research – relatively lightweight hi-perf open-source model
  October 30, 2025
  Article URL: https://tongyi-agent.github.io/blog/introducing-tongyi-deep-research/ Comments URL: https://news.ycombinator.com/item?id=45761047 Points: 1 # Comments: 0
• ZOZO's Contact Solver (for physics-based simulations)
  October 30, 2025
  Article URL: https://github.com/st-tech/ppf-contact-solver Comments URL: https://news.ycombinator.com/item?id=45761042 Points: 1 # Comments: 0
• Pomelli: Google's free tool for generating website marketing posters is amazing
  October 30, 2025
  Article URL: https://pomelli.top Comments URL: https://news.ycombinator.com/item?id=45761036 Points: 1 # Comments: 1
• PlanetScale Offering $5 Databases
  October 30, 2025
  Article URL: https://planetscale.com/blog/5-dollar-planetscale Comments URL: https://news.ycombinator.com/item?id=45761027 Points: 3 # Comments: 0

NCSC Weekly Threat Reports

• Active Cyber Defence (ACD) – the fourth year
• Active Cyber Defence (ACD) – The Third Year
• Impact of AI on cyber threat from now to 2027
• Vendor Security Assessment
• Threat report on application stores