Daily Security Briefing #045

October 19, 2025 | Read Online

Windows 11 update breaks recovery mode peripherals, Volkswagen ransomware claims, Europol dismantles SIM farm and more…

Executive Summary

Today’s cybersecurity updates highlight significant disruptions and high-stakes incidents affecting both enterprise environments and consumers. Microsoft’s latest Windows 11 update has created critical usability issues in recovery mode, hampering troubleshooting efforts. Meanwhile, Volkswagen faces ongoing scrutiny after ransomware group 8Base claimed a data breach, raising questions over supply chain vulnerabilities. Europol’s takedown of a global SIM farm network signals progress against large-scale cybercrime infrastructures used for fraud. Additionally, growing malware distribution tactics through social platforms and hefty GDPR fines remind organizations of evolving threats and regulatory enforcement.

Top Articles

Windows 11 24H2/25H2 Update Breaks Mouse and Keyboard in Recovery Mode
The recent Microsoft cumulative update KB5066835 for Windows 11 has caused users’ USB mice and keyboards to stop functioning in the Windows Recovery Environment (WinRE). This issue impacts Windows 11 versions 24H2 and 25H2 as well as Windows Server 2025, presenting a major obstacle for system recovery and troubleshooting operations. Microsoft has yet to provide a resolution.
GBHackers

Volkswagen Allegedly Hacked in Ransomware Attack as 8Base Claims Data Leak
The 8Base ransomware group alleges it has stolen and leaked sensitive data from Volkswagen Group. While Volkswagen asserts that its core IT systems remain secure, the possibility of attack through third-party suppliers has not been ruled out, raising concerns about the breach’s scope and impact on the global automaker’s operations. Investigations are ongoing.
GBHackers | CyberPress

TikTok Videos Continue to Push Infostealers in ClickFix Attacks
Cybercriminals are exploiting TikTok videos posed as activation guides for popular software such as Windows, Spotify, and Netflix to distribute information-stealing malware. This deceptive campaign leverages TikTok’s reach to trick users into downloading malware under the guise of free activation keys, highlighting the growing use of social media platforms in malware propagation.
BleepingComputer

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
In a major law enforcement operation named SIMCARTEL, Europol disrupted a cybercrime network operating a SIM farm infrastructure. The network facilitated the creation of over 49 million fake accounts used in scams including phishing and investment fraud. The operation led to seven arrests and multiple raids. This takedown demonstrates a significant strike against cybercrime-as-a-service platforms.
TheHackerNews

Experian Fined $3.2 Million for Mass-Collecting Personal Data
Experian Netherlands has been fined EUR 2.7 million (approximately $3.2 million) for violations related to the General Data Protection Regulation (GDPR). The fine was imposed due to improper mass collection and processing of consumer personal data, underscoring the ongoing regulatory scrutiny and the need for strict compliance with data protection laws.
BleepingComputer

Why I Think Karpathy is Wrong on the AGI Timeline
In this opinion piece, the author critiques recent predictions made by Andrej Karpathy regarding the anticipated timeline for achieving artificial general intelligence (AGI). The discussion explores alternative viewpoints and considerations that suggest a different trajectory for AGI development, reflecting ongoing debate in the AI research community.
DanielMiessler

AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.