SecurityProNews

Today's News | 10/22/25

Chinese Hackers Exploit Patched SharePoint Flaw in Global Espionage Campaign

Chinese state-linked hackers exploited a patched SharePoint vulnerability (CVE-2025-53770) to target telecoms, governments, and organizations across continents, deploying malware like Zingdoor and ShadowPad for espionage. Despite Microsoft's July 2025 patches, attacks persisted into October, highlighting the need for rapid patching and enhanced global cybersecurity defenses.

Apple Warns Fired iOS Exploit Developer of Mercenary Spyware Attack

Apple warned a former Trenchant Labs iOS exploit developer that his iPhone was targeted by government-linked mercenary spyware, shortly after his firing for suspected leaks. This ironic incident highlights the escalating cyber espionage arms race, where even exploit creators become victims. It underscores the need for stronger regulations on spyware sales.

How Virtual Phone Numbers Revolutionize Online Account Verification

Discover how virtual phone numbers enhance privacy and streamline account verification while protecting your personal data from unwanted exposure.

SecurityProNews
Trump Admin Lays Off 200 CISA Staff, Shifts to Border Security

SecurityProNews
AWS Appoints Ex-DataStax CEO Chet Kapoor as VP for AI Security

SecurityProNews
Apple Doubles Bug Bounty Payout to $2M for Severe Vulnerabilities

Apple has doubled its bug bounty program's maximum payout to $2 million for discovering severe vulnerabilities, such as zero-click attacks akin to Pegasus spyware, with bonuses up to $5 million for lockdown mode or beta findings. This initiative aims to counter state-sponsored threats and incentivize ethical hacking worldwide.