AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/16/2025

F5 says hackers stole undisclosed BIG-IP flaws, source code 

U.S. cybersecurity company F5 disclosed that nation-state hackers breached its systems and stole undisclosed BIG-IP security vulnerabilities and source code. The company states that it first became aware of the breach on August 9, 2025, with its investigations revealing that the attackers had gained long-term access to its system, including the company’s BIG-IP product development environment and engineering knowledge management platform. F5 is a Fortune 500 tech giant specializing in cybersecurity, cloud management, and application delivery networking (ADN) applications. The company has 23,000 customers in 170 countries, and 48 of the Fortune 50 entities use its products. 


Fake LastPass, Bitwarden breach alerts lead to PC hijacks 

An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. The messages direct recipients to download a binary that BleepingComputer has discovered installs Syncro, a remote monitoring and management (RMM) tool used by managed service providers (MSP) to streamline IT operations. The threat actors are using the Syncro MSP program to deploy the ScreenConnect remote support and access software. 


Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped 

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program. Of the 183 vulnerabilities, eight of them are non-Microsoft issued CVEs. As many as 165 flaws have been rated as Important in severity, followed by 17 as Critical and one as Moderate. The vast majority of them relate to elevation of privilege vulnerabilities (84), with remote code execution (33), information disclosure (28), spoofing (14), denial-of-service (11), and security feature bypass (11) issues accounting for the rest. 


UK: NCSC Reports 130% Spike in “Nationally Significant” Cyber Incidents 

The UK’s National Cyber Security Centre (NCSC) reported 204 “nationally significant” cyber incidents between September 2024 and August 2025, according to the agency’s latest Annual Review 2025, published on October 14. This is the highest number ever recorded and represents a 130% increase compared to the previous year, when UK organizations faced 89 incidents of such high impact. In total, the NCSC received 1727 incident tips in the latest reporting period, with 429 of those elevated to cyber incidents that required the agency’s support.


China Hackers Test AI-Optimized Attack Chains in Taiwan 

A Chinese threat actor has been testing whether artificial intelligence (AI) can enhance its cyberattacks against Taiwan. The AI revolution in cyber threats has long been heralded but little observed. For some years now, prognosticators have been warning that AI-generated malware, exploitation techniques, and even full attack chains were right around the corner. In that time, though, there has been only scattered evidence of AI helping threat actors with much beyond research, very basic coding, and prosaic phishing emails. In an October update on its efforts to secure its own technology from threat actors, OpenAI took ample room to discuss “UNK_DropPitch,” a Chinese state-aligned threat actor. DropPitch has been trying to live up to the AI hype, using ChatGPT and a bit of DeepSeek to generate phishing emails and enhance its backdoor malware.
