Cyber News 16OCT2025

General

• AU: Austrade to be future breach victim…they’re installing FortiFail: https://www.itnews.com.au/news/austrade-to-replace-its-data-centre-core-network-621042
• UK: Classic DE vs OE… DE ‘our SOC actions P2 alerts in 45 minutes’, OE ‘we get to them in a couple of days’…and they provide SOC services to others: https://therecord.media/capita-record-fine-uk-ico-ransomware-attack / https://www.theregister.com/2025/10/15/ico_fines_capita_14m/ / https://www.bleepingcomputer.com/news/security/capita-to-pay-14-million-for-data-breach-impacting-66-million-people/
• (This one's everywhere!) F5 says hackers stole undisclosed BIG-IP flaws, source code: https://www.cybersecuritydive.com/news/f5-supply-chain-breach-nation-state-cisa/802887/ / https://www.bleepingcomputer.com/news/security/hackers-breach-f5-to-steal-undisclosed-big-ip-flaws-source-code/ / https://www.sec.gov/Archives/edgar/data/1048695/000104869525000149/ffiv-20251015.htm / https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/Multiple-high-severity-vulnerabilities-in-F5-products-and-incident-impacting-F5 / https://arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/
• Okta outage: https://status.okta.com/ / https://cyberplace.social/system/media_attachments/files/115/379/778/557/716/341/original/4abf0f7e2b065750.jpeg
• Discord vs 5CA - still pointing fingers: https://www.theverge.com/news/799274/discord-security-breach-5ca-vendor-blamed-not-hacked
• shinyhunte[.]rs is now displaying this message on their site: https://infosec.exchange/@vxdb/115379546881552353
• US: More on the big US bitcoin seizure: https://www.elliptic.co/blog/15-billion-us-seizure-reveals-prince-groups-connection-to-iran-china-bitcoin-mining-theft
• 🤦 Call centre software with a clanger of a bug (UnAuth RCE): https://www.vulncheck.com/blog/ictbroadcast-kev / https://github.com/rapid7/metasploit-framework/pull/20446/files#diff-a7dfe4ff61ef8c02a8c96506a6b5d6cacf4ade2cb0b2153fbce8f61ed75947b5R79-R87

Getting techy

• AMD Secure Enclave attack: https://rmpocalypse.github.io/
• Linux malware analysis, with magic packet: https://www.synacktiv.com/en/publications/linkpro-ebpf-rootkit-analysis

AI

• Nvidia DGX Spare - interesting option for local LLMs: https://arstechnica.com/ai/2025/10/nvidia-sells-tiny-new-computer-that-puts-big-ai-on-your-desktop/ / https://simonwillison.net/2025/Oct/14/nvidia-dgx-spark/
• Vibe coding your secrets into the public domain: https://www.theregister.com/2025/10/15/vc_code_extension_leaks/
• Bypassing perplexity-based jailbreak detection (LatentBreak): https://arxiv.org/abs/2510.08604