Cybersecurity News Roundup – October 11, 2025

Cybersecurity landscape continues to evolve at a rapid pace. Here’s a recap of the top stories and developments from October 11, 2025.

Salesforce refuses to negotiate with hackers

Salesforce confirmed that it will not pay ransom to a criminal group that claims to have stolen customer data from cloud databases. The company’s stance follows a string of extortion attempts in which threat actors exfiltrated data from third‑party managed environments and then demanded payment to avoid public disclosure. Salesforce stated that it is working with affected customers and law enforcement and has not found evidence that core platforms were compromised. The incident underscores the continuing risk of supply‑chain attacks and the importance of incident response plans.

Docker’s Hardened Images catalog goes unlimited

Docker announced that its Hardened Images catalog – a repository of container images that have been security‑hardened and tested – is now free and unlimited for all users. Previously limited by pull quotas, the new model makes certified images available without limits. This move is aimed at helping startups and small organisations deploy secure container infrastructure without incurring additional costs. Docker said the catalog will continue to be updated regularly and encourages users to adopt these hardened images to reduce vulnerability exposure.

Microsoft closes more Windows 11 account bypasses

Microsoft released updates to Windows 11 closing multiple methods that allowed installers to create local accounts and avoid the requirement to sign in with a Microsoft account during setup. Security researchers had documented several techniques to work around the account requirement, including unplugging network cables and using command prompts. The new updates block these loopholes. Microsoft recommends that users apply all available updates to ensure they are running the most secure version of the operating system.

Other notable updates

- Researchers disclosed several high‑severity vulnerabilities in common VPN and firewall appliances; vendors have issued patches.

- A data leak at a regional hospital exposed patient records; authorities are investigating and have warned of potential identity theft.

- A new phishing campaign is targeting employees of financial institutions with fake invoice notifications that deliver malware.

Key takeaways

- Don’t negotiate with criminals: Salesforce’s stance highlights that paying ransom only fuels further attacks.

- Use trusted images: Leverage hardened container images to reduce risk in development and deployment pipelines.

- Keep systems updated: Apply vendor patches promptly, particularly for operating systems and networking equipment.

- Educate your team: Ongoing training and awareness programmes remain critical to mitigating phishing and social engineering attacks.

By staying informed and applying security practices, organisations and individuals can better protect themselves an ever‑changing threat . .