Daily Cyber News – October 6th, 2025
This is today’s cyber news for October 6th, 2025. We open with a Zimbra zero-day delivered through malicious calendar files and why auto-parsing turns invites into compromise. Then we look at researchers repurposing Amazon’s X-Ray tracing for command-and-control, a fivefold surge of scans on Palo Alto portals, and fresh additions to CISA’s Known Exploited Vulnerabilities list. Rounding out the top set, Discord disclosed a third-party support breach exposing personal data and IDs, raising the risk of targeted phishing against recent ticket holders.
You’ll also hear about ParkMobile’s 2021 breach settlement, the “WireTap” side-channel against Intel SGX, a Unity ecosystem flaw with supply-chain implications, Outlook’s SVG block, and new Salesforce leak-site claims. We cover Oracle E-Business extortion emails, the DNS-abusing “Detour Dog” operation feeding Strela, Rhadamanthys stealer upgrades, and the troubling rise of exposed ICS/OT devices. Closing stories include Android spyware impersonating Signal and ToTok, the SORVEPOTEL WhatsApp worm, the Cavalry Werewolf espionage cluster, risks around Windows “Speak for Me,” a full-stack Chinese-language crime crew, and Signal’s post-quantum key upgrade—available at DailyCyber.News
