This is today’s cyber news for October 8th, 2025. A Fortune-scale standoff leads the brief as Salesforce refuses to pay after a mass data-theft extortion attempt. We also cover ShinyHunters’ new leak portal, active exploitation against Oracle E-Business Suite, Medusa’s push through GoAnywhere MFT, and a critical Redis flaw dubbed “RediShell.” Rounding out the lineup: CISA’s KEV addition for Zimbra, DraftKings credential-stuffing takeovers, Avnet’s supply-chain incident, a Cisco ASA/FTD zero-day chain with public PoC, and malware delivery through Microsoft Teams features.

Listeners will also hear about DPRK’s $2B crypto heists, how ransomware actors persist via legitimate remote-access tools, Google’s “won’t fix” stance on an ASCII-smuggling prompt attack in Gemini, the plugin-packed XWorm 6.0, and the “Mic-E-Mouse” side-channel. We close with Asahi’s ransomware disruption in Japan. Leaders get crisp decision cues; defenders get concrete control checks and signals to watch. It’s your concise, actionable rundown—also available at DailyCyber.news.