This is today’s cyber news for October 31st, 2025. Today’s brief opens with a polished LinkedIn “board invite” lure stealing Microsoft logins from finance leaders, then shifts to a one-click Chromium crash that can stall kiosks and call floors. We cover hundreds of Android apps abusing near field communication relays, a C I S A deadline to patch a VMware Tools privilege bug, and hacktivists toggling exposed industrial control panels. The middle pack spans a telecom supplier’s long-dwell breach, potential F C C rule rollbacks, attacks on Windows update plumbing, Redis RediShell takeovers, and an npm supply-chain sweep. We close with developer risks, major breach notices, A I data poisoning, and two ransomware and mobile-forensics storylines.

Leaders will hear the business stakes, third-party ripple effects, and which decisions cannot wait. Defenders get the operational tells: inbox rules and Open Authorization grants, browser crash telemetry, mobile relay behavior, Workspace ONE task anomalies, Redis module loads, and Adaptix C two post-exploitation patterns. Builders and platform teams will note dependency hygiene, extension governance, and provenance checks for retrieval pipelines. The Daily Brief is concise but practical—clear actions and signals to watch across cloud, identity, endpoint, and supply chain. A narrated version is available at DailyCyber.news.