This is today’s cyber news for October 21st, 2025. An AWS regional outage exposed hidden single-region dependencies, while CISA’s newest KEV entries pushed Oracle E-Business Suite to the front of many patch queues. We cover a supply-chain hit on developer ecosystems via “GlassWorm,” thousands of exposed WatchGuard firewalls, and a Windows SMB flaw now under active exploitation. Other stories include fallout from the F5 source-code theft, Windows recovery and smart-card breakages after October updates, a WSUS exploit proof-of-concept, and retail operations disrupted by supplier ransomware. The throughline: availability, identity, and third-party risk need fresh attention.
Listeners will hear concise five-sentence briefings for each story, with a plain-English impact statement, who’s most exposed, concrete signals to watch, and one practical next step. Leaders get clear decision prompts; defenders get operational tells they can check today. We also touch on DNS resolver changes in the EU, WhatsApp Web extension abuse, a UK defense contractor leak, an Android zero-click audio flaw, China’s allegations against the NSA, a targeted campaign using the “CAPI Backdoor,” a global SIM-fraud takedown, a tenant tool to find malicious OAuth apps, and a stealthy Windows persistence trick. The narrated feed is available at DailyCyber.news.