One poor crypto-bro lost $21 million last week after they leaked their private key Talk about oopsies

Cointelegraph

Hyperliquid Trader Loses $21M in Private Key Exploit

A $21 million exploit on Hyperliquid’s Hyperdrive protocol highlights rising DeFi security risks and the need for tighter wallet protection pract...

Talks from the REcon 2025 security conference, which took place in June, are available on YouTube https://www.youtube.com/@reconmtl/videos

Google does something really clever and now lets users recover their accounts through a family member or friends' account

Google

Recovery Contacts: Sign in with a little help from your friends and family

An overview of Recovery Contacts, so friends and family can verify your identity if you lose access to your Google account.

F5 says a state-sponsored hacking group stole BIG-IP source code and vulnerability reports

ffiv-20251015

-Windows 10 reaches End-of-Life -CISA layoffs didn't touch cyber personnel -US seizes $15 billion from cyber scam compound operator -Secure Boot bypass impacts 200k Framework systems -German police take down 1,400 scam sites -South Korea to investigate KT for obstruction over a breach -Ansell, Harvard breached -5CA denies role in Discord hack -Unity shop got skimmed -4chan fined in the UK -Calls to investigate TikTok in the UK Podcast:

Risky Bulletin: Windows 10 reaches End-of-Life - Risky Business Media

Windows 10 reaches End-of-Life, CISA cyber personnel avoided last week’s layoffs, the US seizes $15 billion dollars from a cyber-scam-comp [Read ...

Newsletter:

Risky.Biz

Risky Bulletin: Windows 10 reaches End-of-Life

In other news: CISA layoffs didn't touch cyber personnel; US seizes $15 billion from cyber scam compound operator; Secure Boot bypass impacts 200k ...

Another major surveillance provider exposed: First Wap Its product was used to track some very high-profile figures

Lighthouse Reports

Surveillance Secrets

Trove of surveillance data challenges what we thought we knew about location tracking tools, who they target and how far they have spread

The US seized today $15b from a mega cyber scam operator:

 

Elliptic says it tracked these funds to the the hack of Chinese mining pool LuBian in December 2020:

$15 billion seized by US originates from Iran/China bitcoin miner "theft"

The $15 billion in Bitcoin seized by US authorities from Prince group was stolen from a bitcoin mining business with links to Iran and China.

Things... are getting weird

Synacktiv looks at LinkPro, a new Linux eBPF-based rootkit it found deployed on a customer's hacked AWS infrastructure

Synacktiv

LinkPro: eBPF rootkit analysis

LinkPro: eBPF rootkit analysis

Chinese authorities have issued bounties for 18 Taiwanese military members. Police in China's Fujian province claim the 18 are part of Taiwan's "psychological warfare unit" that spread disinformation and propaganda on Taiwan's independence

German and Bulgarian authorities have seized more than 1,400 websites that were used for financial crypto scams. Officials recorded more than 866,000 attempts to access the sites over the ten days after they were seized, which highlighted the attackers' success https://www.bafin.de/SharedDocs/Veroeffentlichungen/DE/Pressemitteilung/2025/neu/meldung_2025_13_10_cyberkriminalitaet.html