First we will have a lightning round of recent headlines, and then we’ll deep dive into as many of these stories as time allows. Please join us and add your comments live at 4:00pm ET by registering for the open discussion on YouTube Live
Microsoft security change for Azure VMs creates pitfalls
Microsoft postponed a planned Azure network security change to March 2026 after feedback from customers concerned it could disrupt apps dependent on public internet access. The update will make private subnets the default for new virtual networks, blocking automatic outbound connections to the internet to align with zero-trust principles. Existing networks won’t be affected, but experts warn firms to prepare now or risk broken workloads once the change takes effect. (Dark Reading)
Business rival credits cyberattack on M&S for boosting profits
British clothing retailer Next reported that it was “continuing to see sales overperform in the wake of a cyberattack on its rival Marks & Spencer.” It credits “favourable weather conditions and competitor disruption” for a 7.6% surge in sales in the first half of this year. According to reports from analytics company Kantar, Marks & Spencer rivals that had an online presence, such as including Zara, H&M and Sainsbury’s “all experienced a sales uplift, while clothing retailers without a significant online presence, such as Primark, did not.” (The Record)
OpenAI’s Aardvark GPT-5 agent finds and fixes code flaws automatically
This autonomous agent, currently available in private beta, works by “embedding itself into the software development pipeline, monitoring commits and changes to codebases, detecting security issues and how they might be exploited, and proposing fixes to address them using LLM-based reasoning and tool-use.” OpenAI added, Aardvark “analyses a project’s codebase to produce a threat model that it thinks best represents its security objectives and design. With this contextual foundation, the agent then scans its history to identify existing issues, as well as detect new ones by scrutinizing incoming changes to the repository.” (The Hacker News)
CyberRidge emerges with photonic encryption solution
Israeli cybersecurity startup CyberRidge emerged from stealth with $26 million in funding for its photonic encryption system, which transforms transmitted data into encrypted optical noise to prevent interception and quantum decryption. The system requires a constantly changing photonic key to access data, aiming to block “harvest now, decrypt later” attacks. Founded in 2021, CyberRidge already has deployments in defense, intelligence, and telecom sectors across Europe, Australia, Singapore, and Israel, and has 30 employees operating in Israel, Switzerland, and the U.S. (SecurityWeek)
Huge thanks to our sponsor, ThreatLocker
OpenAI Atlas browser hijacked
Researchers have discovered a new attack vector for OpenAI’s Atlas web browser, where its omnibox can be tricked into executing malicious prompts disguised as seemingly harmless URLs. If a user pastes one of these crafted URLs into the omnibox, Atlas interprets the input as trusted user intent, allowing attackers to redirect users, steal credentials, or even delete files from connected apps. The flaw stems from Atlas failing to strictly separate trusted user input from untrusted content, a common weakness in these kinds of browsers. (The Register), (The Hacker News)
BSOD fix?
Microsoft may have a solution to the impending doom that is the Blue Screen of Death (BSOD). Microsoft is testing a new Windows 11 feature that prompts users to run a memory scan after a blue screen of death (BSOD) to catch potential memory issues before they cause more crashes. The proactive memory diagnostics run during the next reboot and notify users if issues are found and mitigated, though it’s not yet available on ARM64 devices or systems with certain security protections. The feature is rolling out to Windows Insiders in the Dev and Beta channels as part of builds 26220.6982 and 26120.6982. (Bleeping Computer)
Microsoft fixes cause Windows update failures
Microsoft has fixed a known issue causing certain Windows 11 updates to fail, linked to missing language packs and feature payloads removed during Automatic or Manual Component Repair. The latest preview update appears to resolve the problem. Administrators unable to install it can use an In-Place Upgrade via installation media or Windows Settings to reinstall missing components without affecting personal files or apps. (Bleeping Computer)
New Android malware types like a human
Researchers at Dutch cybersecurity firm ThreatFabric identified an Android banking malware called Herodotus, which evades detection by mimicking human typing during remote control of infected devices. It’s said to be developed by an attacker known as K1R0, and can steal credentials and intercept one-time passcodes from banking and crypto apps.In Italy, Herodotus disguised itself as an app called Banca Sicura (“Safe Bank”), while in Brazil it posed as Modulo Seguranca Stone, likely pretending to be a security module for a local payment provider. The human-like nature makes automated detection that much harder. (The Record)
F5 claims limited impact from attack
Multicloud security and application delivery company F5 says a recent nation-state breach had limited customer impact. Attackers accessed source code, configuration data, and 44 undisclosed vulnerabilities, but most affected customers report the stolen data isn’t sensitive. F5 says it’s continuing code scans with third-party experts, expanding its bug-bounty program, and adding endpoint detection via CrowdStrike. The company does say it expects short-term revenue disruption in the first half of fiscal 2026. (CyberScoop)
Palo Alto Networks’ AI agents fight cyberattacks
Palo Alto Networks launched Cortex AgentiX, a new suite of AI agents that automate cybersecurity actions like investigating threats and responding to email breaches. CEO Nikesh Arora told CNBC the tools are designed to meet rising demand for automation amid increasingly complex attacks, with most agents still needing human review. This comes after Palo Alto’s $25 billion acquisition of Israeli identity security firm CyberArk. (CNBC)
LinkedIn users have until Monday to opt out of its AI training program
As reported by Graham Cluley, the Microsoft-owned company professional networking site has “quietly announced” that as of this upcoming Monday November 3, it will start using “profile details, public posts, feed activity data, and more from users in the UK, EU, Switzerland, Canada, and Hong Kong to train its artificial intelligence models – as well as to support personalised ads across the broader family of Microsoft companies.” The countries had been excluded from its AI training models to this point. Private messages will not be used, LinkedIn says. “Additional data from LinkedIn will also be shared with other Microsoft-related business entities, for the purposes of serving up more personalised and relevant ads,” Cluley says. (BitDefender)
FCC plans vote to remove cyber regulations installed after theft of presidential info from telecoms
This past week, the Federal Communications Commission announced plans to remove some cybersecurity regulations that had been put in place after Chinese hackers breached at least nine telecommunications giants to steal the correspondence of the President and Vice President last year. Chairman Brendan Carr released a statement that said, “the agency would reverse a declaratory ruling published in January which would have mandated telecoms to better secure their networks and submit annual certifications attesting to the creation of a cybersecurity risk management plan.” On Thursday, FCC Secretary Marlene Dortch added more context, saying that “telecoms have already taken voluntary steps to secure their networks and that the ruling was legally erroneous.”(The Record)