News – October 2025

  • Red Hat confirms major data breach after hackers claim mega haul

    October 2, 2025

    Red Hat has confirmed suffering a potentially serious data breach, but the company said it was not able to verify hacker claims of stolen customer secrets. A hacking group called Crimson Collective claims to have accessed Red Hat’s private GitHub repositories, and exfiltrated approximately 570GB of different files from 28,000 internal projects. Among the files were ...

  • US Air Force admits SharePoint privacy issue as reports trickle out of possible breach

    October 1, 2025

    The US Air Force is reportedly investigating a potential data breach caused by a Microsoft SharePoint issue. A report from The Register revealed the Air Force Personnel Center Directorate of Technology and Information issued a data breach notification shared on social media. “This message is to inform you of a critical Personally Identifiable Information (PII) and ...

  • UK government tries again to access encrypted Apple customer data

    October 1, 2025

    The U.K. government is still trying to gain access to encrypted iCloud data, according to the Financial Times, after British officials allegedly filed a new secret order demanding Apple build a backdoor. On Wednesday, the British newspaper reported that the U.K. Home Office sent an order to Apple earlier in September requesting that the tech giant ...

  • Forensic journey: hunting evil within AmCache

    October 1, 2025

    When it comes to digital forensics, AmCache plays a vital role in identifying malicious activities in Windows systems. This artifact allows the identification of the execution of both benign and malicious software on a machine. It is managed by the operating system, and at the time of writing this article, there is no known way to ...

  • This new phishing kit turns PDF files into malware

    October 1, 2025

    A new PDF phishing kit is being sold on the dark web, promising customers advanced features, a simple interface, and competitive pricing, experts have warned. Security researchers from Varonis spotted MatrixPDF, an advanced solution being advertised as a legitimate tool, despite being circulated around the dark web. Its full name is MatrixPDF: Document Builder – Advanced ...

  • Data breach at Canadian airline WestJet affects 1.2M passengers

    October 1, 2025

    Canada’s second largest airline WestJet said the personal information of 1.2 million passengers was stolen in a cyberattack and data breach earlier this year. The airline disclosed the number of affected passengers in a filing with Maine’s attorney general, which confirmed 240 residents in the state were also affected. According to the notice, the stolen data ...

  • UK Government Wants to Keep $7 Billion in Stolen Bitcoin It Has Seized

    October 1, 2025

    The U.K. Government is seeking to keep most of the $7 billion in Bitcoin it seized in connection with a Chinese investment fraud, following the conviction of the fraud’s alleged organizer this week. Zhimin Qian pleaded guilty on counts of possessing and transferring criminal property at Southwark Crown Court on Monday, following last year’s conviction of ...

  • TOTOLINK X6000R: Three New Vulnerabilities Uncovered

    October 1, 2025

    Palo Alto security researchers have uncovered three vulnerabilities in the firmware of the TOTOLINK X6000R router, version V9.4.0cu.1360_B20241207, released on March 28, 2025: TOTOLINK is a manufacturer of networking products, including routers and other Internet of Things (IoT) devices used by consumers worldwide. The widespread adoption of these products makes their security a critical area of ...