EtherHiding, Phishing, Adobe Flaw & Data Breach – 10/16/2025

Secure Your Business Now

Today’s privacy briefing highlights critical threats, including North Korean hackers employing ‘EtherHiding’ tactics and an ongoing phishing campaign targeting password manager users. CISA warns of active exploitation of a maximum-severity Adobe flaw, while Capita faces a hefty fine for a significant data breach. Scams involving cryptocurrency ATMs continue to pose a risk to consumers.

Top 5 Critical Privacy Alerts

  • North Korean hackers use EtherHiding to hide malware on the blockchain: Hackers are using a new tactic to deliver malware, steal cryptocurrency, and perform espionage. Read more
  • Fake LastPass, Bitwarden breach alerts lead to PC hijacks: Phishing campaign targets password manager users, urging them to download a malicious desktop version. Read more
  • CISA: Maximum-severity Adobe flaw now exploited in attacks: Attackers are actively exploiting a maximum-severity vulnerability in Adobe Experience Manager to execute code. Read more
  • Capita to pay £14 million for data breach impacting 6.6 million people: The ICO has fined Capita £14 million for a 2023 data breach exposing millions of people’s data. Read more
  • Cryptocurrency ATMs: Cryptocurrency ATMs are used to scam people out of their money, with usurious fees and a common place for scammers. Read more

ATMs

  • Cryptocurrency ATMs: Cryptocurrency ATMs are used to scam people out of their money, with usurious fees and a common place for scammers. Read more

Cybersecurity

  • Incident Response Defenses: Can You Take Advantage of a Cyber Program Safe Harbor?: Organizations can take advantage of states’ safe harbor provisions for data incident preparedness. Read more

Data Breach

  • Incident Response Defenses: Can You Take Advantage of a Cyber Program Safe Harbor?: Organizations can take advantage of states’ safe harbor provisions for data incident preparedness. Read more

Data Security

  • Incident Response Defenses: Can You Take Advantage of a Cyber Program Safe Harbor?: Organizations can take advantage of states’ safe harbor provisions for data incident preparedness. Read more

General Privacy & Data Security News & Developments

  • The Sensitive Data Bulk Transfer Rule: What You Need to Know: The U.S. Department of Justice’s Sensitive Data Bulk Transfer Rule is in effect, including due diligence and compliance requirements. Read more

Google

  • YouTube is down worldwide with playback error: YouTube is facing a global outage, with users reporting playback errors on both the website and mobile apps. Read more

Legal

  • Capita to pay £14 million for data breach impacting 6.6 million people: The ICO has fined Capita £14 million for a 2023 data breach exposing millions of people’s data. Read more

Microsoft

  • Microsoft debuts Copilot Actions for agentic AI-driven Windows tasks: Microsoft announced Copilot Actions, enabling AI agents to perform real tasks on local files and applications. Read more
  • Microsoft: Sept Windows Server updates cause Active Directory issues: Microsoft confirmed that the September 2025 security updates are causing Active Directory issues on Windows Server 2025 systems. Read more

Security

  • CISA: Maximum-severity Adobe flaw now exploited in attacks: Attackers are actively exploiting a maximum-severity vulnerability in Adobe Experience Manager to execute code. Read more
  • Unified Exposure Management Platforms: The Future of Preemptive Cyber Defense: Unified Exposure Management Platforms continuously identifies, validates, and fixes exploitable risks before adversaries strike. Read more
  • North Korean hackers use EtherHiding to hide malware on the blockchain: Hackers are using a new tactic to deliver malware, steal cryptocurrency, and perform espionage. Read more
  • Microsoft adds Copilot voice activation on Windows 11 PCs: Windows 11 users can start a conversation with Copilot by saying the “Hey Copilot” wake word. Read more
  • Microsoft debuts Copilot Actions for agentic AI-driven Windows tasks: Microsoft announced Copilot Actions, enabling AI agents to perform real tasks on local files and applications. Read more
  • Capita to pay £14 million for data breach impacting 6.6 million people: The ICO has fined Capita £14 million for a 2023 data breach exposing millions of people’s data. Read more
  • PowerSchool hacker gets sentenced to four years in prison: A college student was sentenced to four years in prison for a cyberattack on PowerSchool in December 2024. Read more
  • Fake LastPass, Bitwarden breach alerts lead to PC hijacks: Phishing campaign targets password manager users, urging them to download a malicious desktop version. Read more
  • F5 releases BIG-IP patches for stolen security vulnerabilities: F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. Read more
  • Clothing giant MANGO discloses data breach exposing customer info: Spanish fashion retailer MANGO is sending notices of a data breach to its customers. Read more

Software

  • YouTube is down worldwide with playback error: YouTube is facing a global outage, with users reporting playback errors on both the website and mobile apps. Read more

Uncategorized

  • Get a credit freeze to stop identity thieves: Freezing your credit is a great place to start to help protect yourself from identity theft. Read more
  • How to spot a job scam: There are some ways to spot phony business opportunities, work-at-home scams, shady employment agencies, and scammy multi-level marketing schemes. Read more
  • How to prepare yourself to deal with an emergency and avoid disaster-related scams: Having a plan and knowing how to spot disaster-related scams can make a difference to anyone recovering from a disaster. Read more
  • How to help protect foster youth from identity theft: Foster youth are at greater risk of identity theft, so here are ways to help protect them. Read more
  • No, that’s not an FTC commissioner on the phone: Nobody who works at the FTC will ever tell you to move your money to protect it. Read more
  • When sharing your info online leads to unwanted and unlawful telemarketing calls: Learn how to cut down on the number of unwanted telemarketing calls you get. Read more
  • This Medicare Open Enrollment season, learn how to protect yourself from scams: Learn to spot the scams that get more active around Medicare Open Enrollment Period. Read more
  • Thinking about selling your timeshare? Key steps to avoid scams: Key steps to avoid scams when selling your timeshare. Read more
  • Before you donate, find out where the money is going: Find out where the money is going before you donate to a cause. Read more
  • Who’s eligible for a refund from Amazon?: Amazon agreed to pay $2.5 billion to settle the FTC’s charges, so who gets a refund? Read more
  • Barrister found to have used AI to prepare for hearing after citing ‘fictitious’ cases: An immigration barrister was found to be using AI to do his work for a tribunal hearing. Read more
  • ROG Xbox Ally X review – like nothing handheld gaming has seen before, for better or worse: The ROG Xbox Ally X is an impressive, yet expensive, piece of gaming tech. Read more
  • Italian news publishers demand investigation into Google’s AI Overviews: Italian news publishers are calling for an investigation into Google’s AI Overviews. Read more
  • Spotify partnering with multinational music companies to develop ‘responsible’ AI products: Spotify is teaming up with the world’s biggest music companies to develop “responsible” artificial intelligence products. Read more
  • Cryptocurrency ATMs: Cryptocurrency ATMs are used to scam people out of their money, with usurious fees and a common place for scammers. Read more
  • Plug-in hybrids pollute almost as much as petrol cars, report finds: Plug-in hybrid electric vehicles (PHEVs) pump out nearly five times more planet-heating pollution than official figures show. Read more
  • 🎃 A Full Month of Privacy Tips from EFF | EFFector 37.14: EFF is helping you take control of your online privacy with Opt Out October. Read more
  • Opt Out October: Daily Tips to Protect Your Privacy and Security: EFF provides daily tips to protect your privacy and security during Opt Out October. Read more

United States

  • The Sensitive Data Bulk Transfer Rule: What You Need to Know: The U.S. Department of Justice’s Sensitive Data Bulk Transfer Rule is in effect, including due diligence and compliance requirements. Read more

cryptocurrency

  • Cryptocurrency ATMs: Cryptocurrency ATMs are used to scam people out of their money, with usurious fees and a common place for scammers. Read more

data breach

  • Incident Response Defenses: Can You Take Advantage of a Cyber Program Safe Harbor?: Organizations can take advantage of states’ safe harbor provisions for data incident preparedness. Read more

scams

  • Cryptocurrency ATMs: Cryptocurrency ATMs are used to scam people out of their money, with usurious fees and a common place for scammers. Read more
Contact Us for a FREE Security Consultation!
Picture of Chris Armour

Chris Armour

Director of Software Engineering at Grab The Axe, leads the development of secure, scalable software solutions that drive growth and innovation. With expertise in network security, coding, and AI, he aligns technology strategies with business goals while mentoring high-performing teams. He holds a Bachelor of Science degree in Network Security from the University of Advancing Technology and is dedicated to advancing digital security and software innovation.

YOU MIGHT ALSO LIKE

Animal Rescue Security

Enhancing Animal Rescue Security: A Comprehensive Case Study

The $102 Million Password: A Case Study in Converged Security at the Louvre

E-commerce Security

Enhancing E-commerce Security: A Comprehensive Case Study