New infosec products of the week: October 24, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Axoflow, Elastic, Illumio, Keycard, Netscout and Rubrik. Axoflow Security Data Layer …
Researchers expose large-scale YouTube malware distribution network
Check Point researchers have uncovered, mapped and helped set back a stealthy, large-scale malware distribution operation on YouTube they dubbed the “YouTube Ghost …
Wireshark 4.6.0 brings major updates for packet analysis and decryption
If you’ve ever used Wireshark to dig into network traffic you know how vital even small upgrades can be. With version 4.6.0 the team behind the open-source network protocol …
Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)
CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day …
Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236)
Attackers are trying to exploit CVE-2025-54236, a critical vulnerability affecting Adobe Commerce and Magento Open Source, Sansec researchers have warned. The company blocked …
Faster LLM tool routing comes with new security considerations
Large language models depend on outside tools to perform real-world tasks, but connecting them to those tools often slows them down or causes failures. A new study from the …
Your wearable knows your heartbeat, but who else does?
Smartwatches, glucose sensors, and connected drug-monitoring devices are common in care programs. Remote monitoring helps detect changes early and supports personalized …
How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector
ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activity targeted several …
The next cyber crisis may start in someone else’s supply chain
Organizations are getting better at some aspects of risk management but remain underprepared for the threats reshaping the business landscape, according to a new Riskonnect …
Gartner predicts the technologies set to transform 2026
Gartner has unveiled its vision for the technologies that will define 2026, spotlighting the innovations and risks that business and IT leaders can’t afford to ignore. The …
Attackers target retailers’ gift card systems using cloud-only techniques
A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this …
Attackers turn trusted OAuth apps into cloud backdoors
Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain …
Featured news
Resources
Don't miss
- Metis: Open-source, AI-driven tool for deep security code review
- How to cut security tool sprawl without losing control
- Product showcase: Proton Pass, a password manager with identity protection
- Internet slowly recovers after far-reaching Cloudflare outage
- Google patches yet another exploited Chrome zero-day (CVE-2025-13223)