Lightnews — Scholar-powered news

Hackers exploiting zero-day in Gladinet file sharing software

Sami Laiho @samilaiho.com · 10h

Hackers exploiting zero-day in Gladinet file sharing software
www.bleepingcomputer.com/news/securit...

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication.

Apple now offers $2 million for zero-click RCE vulnerabilities

Sami Laiho @samilaiho.com · 11h

Apple now offers $2 million for zero-click RCE vulnerabilities
www.bleepingcomputer.com/news/securit...

Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and introducing a more transparent reward structure.

Hacktivists deactivate after falling into researchers' trap

Sami Laiho @samilaiho.com · 11h

Pro-Russia hacktivist group dies of cringe after falling into researchers'
trap
www.theregister.com/2025/10/10/r...

: Forescout's phony water plant fooled TwoNet into claiming a fake cyber victory – then it quietly shut up shop

Cops seize Scattered Lapsus$ Hunters' BreachForums domain

Sami Laiho @samilaiho.com · 11h

Cops nuke BreachForums (again) amid cybercrime supergroup extortion blitz
www.theregister.com/2025/10/10/c...

: US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce

Velociraptor leveraged in ransomware attacks

Reposted by Sami Laiho

Nicky De Westelinck @nickydewestelinck.be · 14h

Got my hands on this awesome sticker! Thanks @samilaiho.com! 🙏🏻 #Stickers

2 8

Sami Laiho @samilaiho.com · 11h

Velociraptor leveraged in ransomware attacks
blog.talosintelligence.com/velociraptor...

Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool.

blog.talosintelligence.com

Sami Laiho @samilaiho.com · 1d

krebsonsecurity.com/2025/10/ddos...

DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Ver...

krebsonsecurity.com

Sami Laiho @samilaiho.com · 1d

That is actually a valid question 🤔 I have not yet had to decide whether Admin Right are Animal Rights. @paulacqure.bsky.social s raccoons look like they at least think so.

Reposted by Sami Laiho

Nicky De Westelinck @nickydewestelinck.be · 1d

Last session before the Closing Keynote at @appmanagevent.bsky.social, @samilaiho.com showing us 11 ways to hack Windows 11. #AppManagEvent2025

1 1

Sami Laiho @samilaiho.com · 1d

Luckily not the Admin foot

Developing a machine-learning model to detect DLL hijacking

Sami Laiho @samilaiho.com · 1d

How we trained an ML model to detect DLL hijacking
securelist.com/building-ml-...

An expert at the Kaspersky AI expertise center explains how the team developed a machine-learning model to identify DLL hijacking attacks.

securelist.com

Sami Laiho @samilaiho.com · 1d

Responding to Cloud Incidents A Step-by-Step Guide from the 2025 Unit 42
Global Incident Response Report
unit42.paloaltonetworks.com/responding-t...

Responding to Cloud Incidents: A Step-by-Step Guide From the 2025 Unit 42 Global Incident Response Report

Cloud breaches are rising. This step-by-step guide from Unit 42 shows how to investigate, contain and recover from cloud-based attacks.

unit42.paloaltonetworks.com

Sami Laiho @samilaiho.com · 1d

Global Cyber Threats September 2025: Attack Volumes Ease Slightly, but GenAI
Risks Intensify as Ransomware Surges 46%
blog.checkpoint.com/security/glo...

Global Cyber Threats September 2025: Attack Volumes Ease Slightly, but GenAI Risks Intensify as Ransomware Surges 46% - Check Point Blog

In September 2025, the global cyber threat landscape reflected a temporary stabilization in overall attack volumes — yet beneath the surface, ransomware

blog.checkpoint.com

Discord says 70,000 users had government IDs exposed in third-party breach

Sami Laiho @samilaiho.com · 1d

Discord says 70,000 users had government IDs exposed in third-party breach
therecord.media/discord-gove...

The social media platform Discord said about 70,000 users had their government IDs stolen by cybercriminals, as the company sought to dispel claims by the purported hackers of a larger breach.

therecord.media

Sami Laiho @samilaiho.com · 1d

Hacktivists target critical infrastructure, hit decoy plant
www.bleepingcomputer.com/news/securit...

Hacktivists target critical infrastructure, hit decoy plant

A pro-Russian hacktivist group called TwoNet pivoted in less than a year from launching distributed denial-of-service (DDoS) attacks to targeting critical infrastructure.

Kubernetes crash takes down Azure Portal and Microsoft Entra

Sami Laiho @samilaiho.com · 1d

Kubernetes kicks down Azure Front Door
www.theregister.com/2025/10/09/k...

: This time outage was not actually Microsoft's fault

SonicWall breach hit every cloud backup customer, not 5%

1 1

Sami Laiho @samilaiho.com · 1d

SonicWall breach hits every cloud backup customer after 5% claim goes up in
smoke
www.theregister.com/2025/10/09/s...

: Affects users regardless of when their backups were created

RondoDox botnet targets 56 n-day flaws in worldwide attacks

Sami Laiho @samilaiho.com · 1d

RondoDox botnet targets 56 n-day flaws in worldwide attacks
www.bleepingcomputer.com/news/securit...

A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions.