Infosec bits for 2025 week 42

Heloise Meyer | Oct. 17, 2025, 8:27 a.m.

Cybersecurity News:

  • Prominent South African church group hacked [Jan Vermeulen, MyBroadband]
  • Gcore Mitigates Record-Breaking 6 Tbps DDoS Attack [HackRead, HackRead]
  • Beyond the Black Box: Building Trust and Governance in the Age of AI [Steve Durbin, SecurityWeek]
  • Take Note: Cyber-Risks With AI Notetakers [Gadi Evron, Dark Reading]
  • Your passwords don’t need so many fiddly characters, NIST says [David Ruiz, Malwarebytes]

Cyberattacks:

  • Legit tools, illicit uses: Velociraptor, Nezha turned against victims [Zeljka Zorz, Help Net Security]
  • New Android Pixnapping attack steals MFA codes pixel-by-pixel [Bill Toulas, BleepingComputer]
  • 175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign [Ravie Lakshmanan, The Hacker News]
  • 100,000+ IP Botnet Launches Coordinated RDP Attack Wave Against US Infrastructure [Noah Stone, GreyNoise]

Vulnerabilities & Patches:

  • Operation Zero Disco: Attackers Exploit Cisco SNMP Vulnerability to Deploy Rootkits [Dove Chiu, Trend Micro]
  • Devs are writing VS Code extensions that blab secrets by the bucketload [Connor Jones, The Register]
  • Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped [Ravie Lakshmanan, The Hacker News]
  • Adobe Patches Critical Vulnerability in Connect Collaboration Suite [Ionut Arghire, SecurityWeek]
  • Final Windows 10 Patch Tuesday update rolls out as support ends [Lawrence Abrams, BleepingComputer]

Malware:

  • New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs [Ravie Lakshmanan, The Hacker News]
  • NK’s Famous Chollima Use BeaverTail and OtterCookie Malware in Job Scam [Deeba Ahmed, HackRead]