Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks. The vulnerabilities “allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications,” Check Point said in a report shared with The Hacker News. Following responsible disclosure in March 2024, some of the issues were addressed by Microsoft in August 2024 under the CVE CVE-2024-38197, with subsequent patches rolled out in September 2024 and October 2025.
Chrome can now store your driver’s license and passport, but is that safe?
Filling out an online form that requests your driver’s license or passport information can be a hassle. You have to dig up your license and passport and then manually enter the requested numbers. Now, Google is enhancing the autofill option in Chrome to store and automatically fill in these details when required. Basic autofill has already been available in Chrome and other browsers. Typically, this option stores and can fill in such details as your name, address, phone number, email address, and even payment information. However, Google is taking the concept a couple of steps further.
Scattered Spider, ShinyHunters and LAPSUS$ Form Unified Collective
Scattered LAPSUS$ Hunters (SLH), previously observed hinting at an extortion-as-a-service offering and testing “Sh1nySp1d3r” ransomware, has now been identified not just as a loose collaboration but as a coordinated alliance blending Scattered Spider, ShinyHunters and LAPSUS$ under a shared operational banner. In a new advisory published today, Trustwave SpiderLabs reported the group is positioning itself as a federated collective. This development moves beyond earlier indications of tactical experimentation noted in October by Palo Alto Networks’ Unit 42.
European Authorities Dismantle €600 Million Crypto Fraud Network in Global Sweep
Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of €600 million (~$688 million). According to a statement released by Eurojust today, the action took place between October 27 and 29 across Cyprus, Spain, and Germany, with the suspects arrested on charges of involvement in money laundering from fraudulent activities. In addition to the arrests of the individuals from their homes, authorities conducted searches that led to the seizure of €800,000 ($918,000) in bank accounts, €415,000 ($476,000) in cryptocurrencies, and €300,000 ($344,000) in cash.
M&S pegs cyberattack cleanup costs at £136M as profits slump
Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total. The British retailer disclosed the figure in its half-year results Wednesday, having recorded £101.6 million ($132.4 million) in charges for the six months ended September 27. It expects another £34 million ($44.3 million) in the second half. M&S said £83 million ($108.2 million) was spent on “immediate systems response and recovery,” while the other expenses are connected to legal and other professional services.
CISA Warns of CWP Vulnerability Exploited in the Wild
The cybersecurity agency CISA on Tuesday warned that a critical vulnerability affecting the Control Web Panel (CWP) server administration software has been exploited in the wild. CWP, previously named CentOS Web Panel, is a free and widely used Linux web hosting control panel that is designed to simplify server management. A vulnerability in CWP, tracked as CVE-2025-48703, allows remote, unauthenticated attackers to execute arbitrary commands on vulnerable systems. An attacker in possession of a valid non-root username can bypass authentication and execute commands using specially crafted requests.
