Cyber Briefing: 2025.10.20
Cyber incidents highlight the growing threats from malware, data breaches, and large-scale hacks affecting companies and services worldwide...
👉 What are the latest cybersecurity alerts, incidents, and news?
https://creators.spotify.com/pod/profile/cybermaterial/episodes/October-20--2025---Cyber-Briefing-e39pba8
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. TikTok Videos Driving Infostealer Attacks
Cybercriminals are using TikTok videos that masquerade as free activation guides for popular software like Windows and Spotify to spread the Aura Stealer information-stealing malware via a social engineering technique called a ClickFix attack. Users are tricked into running a malicious PowerShell command that compromises their system, leading to the theft of saved credentials, cookies, and cryptocurrency wallet information.
2. Chrome Extensions Hijack WhatsApp Web
A massive spam campaign is targeting Brazilian users using 131 nearly identical, rebranded Google Chrome extensions designed to automate bulk messaging on WhatsApp Web. These add-ons, which collectively have over 20,900 active users, function as high-risk spamware, injecting code directly into the WhatsApp Web page to bypass the platform’s anti-spam and rate-limit controls, effectively enabling large-scale, automated outbound messaging.
3. Google Ads Used To Push Fake Software
A new, widespread cyberattack is targeting macOS developers with malicious versions of popular platforms like Homebrew, LogMeIn, and TradingView. This campaign is infecting users with potent info-stealing malware, including AMOS (Atomic macOS Stealer) and Odyssey, by tricking them into executing harmful installation commands in their Terminal.
💥 Cyber Incidents
4. AWS Outage Disrupts Major Services
A major AWS outage has taken down millions of websites and online services, including Amazon.com, PrimeVideo, Perplexity AI, and Canva. The disruption, which began approximately 30 minutes ago, is affecting consumers across all regions, including the United States and Europe, with Amazon confirming it is aware of the issue affecting multiple services in its US-EAST-1 Region.
5. Envoy Air Hit By Oracle System Hack
American Airlines’ subsidiary Envoy Air confirmed it was a victim of the recent cybercrime campaign targeting organizations using Oracle’s E-Business Suite (EBS), an attack attributed to the Cl0p ransomware group and a broader threat cluster known as FIN11. While the hackers posted more than 26 GB of allegedly stolen data and listed American Airlines on their leak site, Envoy Air stated that its investigation found no compromise of sensitive customer data, only a “limited amount of business information and commercial contact details.”
6. F5 Breach Hits 262,000 BIG-IP Systems
Nation-state threat actors successfully breached F5’s systems, stealing the source code and data on undisclosed flaws for their BIG-IP devices, which has exposed over 262,000 of these systems online, predominantly in the US. This major security incident, which F5 confirmed and attributed to a highly sophisticated group, raises significant concerns about widespread potential exploitation and the urgency for customers to secure their devices.
📢 Cyber News
7. Europol Busts SIMBox Ring Operation
Europol’s “SIMCARTEL” operation successfully dismantled a massive illegal SIM-box network that powered over 3,200 fraud cases across multiple countries, resulting in estimated losses of €4.5 million. The service, which used 40,000 active SIM cards to supply phone numbers for scams, extortion, and various other serious crimes, was taken down following the arrest of five individuals and the seizure of its extensive infrastructure.
8. China Claims US Cyberattacks On Time
The US National Security Agency (NSA) allegedly hacked China’s National Time Service Center (NTSC) starting in March 2022 by exploiting flaws in staff mobile phones, allowing the theft of sensitive data. China’s Ministry of State Security claims it has found “irrefutable evidence” of these cyberattacks against the center, which manages China’s official national time standard.
9. Experian Fined For Data Collection
Experian Netherlands was fined EUR 2.7 million by the Dutch Data Protection Authority (AP) for illegally processing personal data from various sources to create credit scores without informing or obtaining consent from the individuals involved, a significant violation of the GDPR. Following the ruling, Experian acknowledged the violation, ceased all operations in the Netherlands, and committed to deleting its entire database of personal data.
📈 Cyber Stocks
On Monday, 20th October, cybersecurity stocks opened the week with mild gains, reflecting cautious optimism across the broader tech sector. Investor sentiment was supported by steady enterprise demand for AI-powered and zero-trust security solutions, as well as continued geopolitical cyber threats driving long-term sector confidence. However, profit-taking and competitive pressures in select segments kept gains modest, marking a relatively balanced start to the week.
CrowdStrike closed at $484.65, up 0.5%, as renewed optimism around AI-driven endpoint protection and expanding platform adoption lifted investor confidence.
Zscaler ended at $300.25, up 0.3%, supported by strong enterprise migration toward zero-trust cloud solutions amid consistent demand trends.
Palo Alto Networks finished at $207.89, up 1.2%, boosted by positive sentiment around its acquisition strategy and security platform integration roadmap.
Okta settled at $87.43, down 0.3%, as competition in the identity management market and near-term growth concerns weighed slightly on investor outlook.
Fortinet closed at $83.44, up 0.4%, aided by global geopolitical tensions sustaining demand for network protection, though firewall upgrade concerns limited upside.
💡 Cyber Tip
Beware of “Free Software” TikToks - The ClickFix Infostealer Trap
Cybercriminals are using TikTok videos that masquerade as free activation guides for popular software like Windows and Spotify to spread the Aura Stealer information-stealing malware via a social engineering technique called a ClickFix attack. Users are tricked into running a malicious PowerShell command that compromises their system, leading to the theft of saved credentials, cookies, and cryptocurrency wallet information.
🔐 What You Should Do
Never copy and run commands: Do not copy-paste any command (especially a one-line PowerShell script) from a TikTok video or unverified website into your computer’s terminal (PowerShell, Command Prompt, Terminal, etc.).
Only use official sources: Always download or activate software (Windows, Spotify, Adobe, etc.) directly from the official developer’s website or trusted app stores.
Immediately change compromised passwords: If you have run one of these malicious commands, assume all your credentials are stolen and immediately change the passwords for every account you use, starting with critical ones like banking and email.
Run a full security scan: Use a reputable, updated antivirus/anti-malware program to perform a deep scan of your entire system.
⚠️ Why This Matters
Cybercriminals are using these fake activation guides to trick you into running a malicious script that installs the Aura Stealer malware. This malware immediately harvests and sends off all your saved passwords, cookies, and cryptocurrency wallet information, leading to complete digital identity theft.
📚 Cyber Book
Hacker and Cybersecurity: Infinitely Accelerated Shopping Revolution by Carlton Napper
That concludes today’s briefing.
Copyright © 2025 CyberMaterial. All Rights Reserved.