Issue #171 - October 13, 2025
- Weekly INK
- Oct 13
- 2 min read
Russia-linked hackers attack Texas electric cooperatives
Source: CyberNews
Qilin, the cybercriminal gang behind the alleged ransomware attacks, has listed two Texas electric distribution cooperatives as victims on its leak site on the dark web. One of the alleged victims is San Bernard Electric Cooperative, which has approximately 3,900 miles of electrical distribution lines serving approximately 28,000 households in eight Texas counties, including Austin, Colorado, Fayette, Grimes, Harris, Lavaca, Montgomery, and Waller.
Microsoft Drops Terrifyingly Large October Patch Update
Source: Dark Reading
October’s Patch Tuesday brings actively exploited bugs and high-severity flaws. For SMBs, the practical move is staged rollouts: patch internet-facing systems first, then critical business apps, and finally endpoints—backed by tested backups and maintenance windows.
Hackers exploit Cisco SNMP flaw to deploy rootkit on switches
Source: BleepingComputer
Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in older, unprotected Cisco networking devices to deploy a Linux rootkit and gain persistent access. The security issue leveraged in the attacks affects the Simple Network Management Protocol (SNMP) in Cisco IOS and IOS XE and leads to RCE if the attacker has root privileges.
Weak and Exposed: US Water Utilities a Chinese Hacker Target
Source: Data Breach Today
Rural America is a long way from Taiwan. But cyber power is no respecter of geography. Should China make good on its repeated threats to reunify the island by force, the utilities that provide water and power to small towns all over the United States may find themselves on the digital front lines of a 21st century superpower war.
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score - Already Under Active Attack
Source: The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution.