{"uuid": "5dcdade7-8573-4d45-95e8-ac6dd591b21f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-10035", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/618", "content": "Top Security News for Today\n\nMassive npm infection: the Shai-Hulud worm and patient zero  \nhttps://securelist.com/shai-hulud-worm-infects-500-npm-packages-in-a-supply-chain-attack/117547/\n\nWhy \u201ccontained\u201d doesn\u2019t mean \u201csafe\u201d in modern SOCs  \nhttps://www.reddit.com/r/netsec/comments/1nq1xu9/why_contained_doesnt_mean_safe_in_modern_socs/\n\nMalicious-Looking URL Creation Service  \nhttps://www.schneier.com/blog/archives/2025/09/malicious-looking-url-creation-service.html\n\nYet Another Random Story. VBScript's Randomize Internals.  \nhttps://www.reddit.com/r/netsec/comments/1nq3i96/yet_another_random_story_vbscripts_randomize/\n\nHacking Furbo - A Hardware Research Project \u2013 Part 5: Exploiting BLE  \nhttps://www.reddit.com/r/netsec/comments/1nq36wg/hacking_furbo_a_hardware_research_project_part_5/\n\nXCSSET evolves again: Analyzing the latest updates to XCSSET\u2019s inventory  \nhttps://www.microsoft.com/en-us/security/blog/2025/09/25/xcsset-evolves-again-analyzing-the-latest-updates-to-xcssets-inventory/\n\nGoogle, period-tracking app to pay combined $56 million to settle privacy claims  \nhttps://therecord.media/google-flo-health-settle-privacy-class-action\n\nFederal agencies given one day to patch exploited Cisco firewall bugs  \nhttps://therecord.media/cisco-asa-firewall-bugs-cisa-federal-agencies-warning\n\nCNAPP is the Solution to Multi-cloud Flexibility  \nhttps://www.trendmicro.com/en_us/research/25/i/cnapp-multi-cloud.html\n\nNew LockBit 5.0 Targets Windows, Linux, ESXi  \nhttps://www.trendmicro.com/en_us/research/25/i/lockbit-5-targets-windows-linux-esxi.html\n\nCyberattack on British retailer Co-op shaved about $275 million from revenues, company says  \nhttps://therecord.media/retailer-the-co-op-cyberattack-lost-revenue\n\nIt Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2 - watchTowr Labs  \nhttps://www.reddit.com/r/netsec/comments/1nqgbd8/it_is_bad_exploitation_of_fortra_goanywhere_mft/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-09-26T09:30:27.000000Z"}