Security Leftovers

posted by Roy Schestowitz on Oct 16, 2025

• LWN ☛ Security updates for Wednesday

  Security updates have been issued by AlmaLinux (kernel, kernel-rt, vim, and webkit2gtk3), Debian (distro-info-data, https-everywhere, and php-horde-css-parser), Fedora (inih, mingw-exiv2, mirrorlist-server, rust-maxminddb, rust-monitord-exporter, rust-prometheus, rust-prometheus_exporter, rust-protobuf, rust-protobuf-codegen, rust-protobuf-parse, and rust-protobuf-support), Mageia (fetchmail), Oracle (gnutls, kernel, vim, and webkit2gtk3), Red Hat (kernel, kernel-rt, and webkit2gtk3), Slackware (mozilla), SUSE (curl, libxslt, and net-tools), and Ubuntu (linux-azure-5.15, linux-azure-6.8, linux-azure-fips, linux-oracle, linux-oracle-6.14, and linux-raspi).

• OpenSSF (Linux Foundation) ☛ Announcing the Sigstore Transparency Log Research Dataset

  We’re pleased to announce the creation of a new BigQuery public dataset, rekor. The rekor dataset is an easily-queryable mirror of the public good instance of Sigstore’s transparency log, Rekor.

• Scoop News Group ☛ F5 discloses breach tied to nation-state threat actor

  F5, a company that specializes in application security and delivery technology, disclosed Wednesday that it had been the target of what it’s calling a “highly sophisticated” cyberattack, which it attributes to a nation-state actor.

• Federal News Network ☛ CISA directs agencies to address ‘significant cyber threat’

  CISA is directing agencies to address vulnerabilities in widely used F5 products, after the company disclosed it was the victim of a "nation-state" hack.

• Security Week ☛ Adobe Patches Critical Vulnerability in Connect Collaboration Suite

  Adobe has published a dozen security advisories detailing over 35 vulnerabilities across its product portfolio.

• Security Week ☛ High-Severity Vulnerabilities Patched by Fortinet and Ivanti

  Fortinet and Ivanti have announced their October 2025 Patch Tuesday updates, which patch many vulnerabilities across their products. 

• Security Week ☛ Customer Service Firm 5CA Denies Responsibility for Discord Data Breach

  After being named by Discord as the third-party responsible for the breach, 5CA said none of its systems were involved.

• Hackaday ☛ Attack Turns Mouse Into Microphone

  As computer hardware gets better and better, most of the benefits are readily apparent to users. Faster processors, less power consumption, and lower cost are the general themes here. But sometimes increased performance comes with some unusual downsides. A research group at the University of California, Irvine found that high-performance mice have such good resolution that they can be used to spy on a user’s speech or other sounds around them.

• Security Week ☛ F5 Says Nation-State Hackers Stole Source Code and Vulnerability Data

  F5 shared few details on the threat actor, but the attack profile seems to point to China.

• Security Week ☛ ICS Patch Tuesday: Fixes Announced by Siemens, Schneider, Rockwell, ABB, Phoenix Contact

  Over 20 advisories have been published by industrial giants this Patch Tuesday.

• SANS ☛ Clipboard Pictures Exfiltration in Python Infostealer, (Wed, Oct 15th)

  For a while, clipboard content has been monitored by many infostealers.