This is today’s cyber news for October 24th, 2025. We lead with an actively exploited flaw in a popular endpoint management tool that can hand attackers domain-level control if left unpatched. Retailers face session hijacking on Magento, while Microsoft is closing a quiet NTLM credential-leak path in File Explorer. An ill-timed agent update knocked some laptops off Entra I D, underscoring identity fragility. And the Medusa gang claimed and leaked a large Comcast data cache after a failed ransom, raising the risk of phishing, account takeover, and regulatory scrutiny.

You’ll also hear how SpaceX cut connectivity to scam centers using Starlink; a “DreamJob” lure targeted drone engineers; Vidar Stealer 2.0 grabs tokens from memory; and malicious VS Code extensions threaten developer pipelines. Retail “Jingle Thief” gift-card fraud, a shift to high-conviction smishing, a Toys “R” Us Canada leak, and a Galaxy S25 contest compromise round out the middle. We close with China-linked telecom and energy intrusions, spoofed AI sidebars, a “privacy” browser acting like spyware, an NGO-focused PhantomCaptcha campaign, 183 million credentials added to Have I Been Pwned, Maryland’s statewide VDP, and an AI browser screenshot flaw—available at DailyCyber.news.