It’s actually only gotten more sophisticated. 
The Ransomware Economy
How and Why the Dark Web Marketplace for Ransomware Is Growing at a Rate of More Than 2,500% Per Year
https://www.carbonblack.com/wp-content/uploads/2017/10/Carbon-Black-Ransomware-Economy-Report-101117.pdf
DoubleLocker: Innovative Android Ransomware
https://www.welivesecurity.com/2017/10/13/doublelocker-innovative-android-malware/
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
https://www.krackattacks.com/
https://papers.mathyvanhoef.com/ccs2017.pdf
https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/
https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
A cleaner, safer web with Chrome Cleanup
https://www.blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/
ROCA: Vulnerable RSA generation (CVE-2017-15361)
https://crocs.fi.muni.cz/public/papers/rsa_ccs17
https://keychest.net/roca
https://www.infineon.com/cms/en/product/promopages/tpm-update/?redirId=59160
https://www.infineon.com/cms/en/product/promopages/rsa-update/rsa-background
State Of Software Security 2017
https://www.veracode.com/state-of-software-security-report
Leaked: Facebook security boss says its corporate network is run “like a college campus”
http://www.zdnet.com/article/leaked-audio-facebook-security-boss-says-network-is-like-a-college-campus/
A New IoT Botnet Storm is Coming
https://research.checkpoint.com/new-iot-botnet-storm-coming/
http://blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/
LokiBot - the first hybrid Android malware
https://clientsidedetection.com/lokibot___the_first_hybrid_android_malware.html
DUHK Attack Exposes Gaps in FIPS Certification
https://threatpost.com/duhk-attack-exposes-gaps-in-fips-certification/128582/
https://duhkattack.com/
https://duhkattack.com/paper.pdf
Unofficial patch against the DDE feature in MS Office:
https://0patch.blogspot.nl/2017/10/0patching-office-dde-ddeauto.html
As Microsoft will not come up with a patch soon, ACROS came up with this “micropatch”
polonus
“Cyber Conflict” Decoy Document Used In Real Cyber Conflict
http://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html
A suspicious adblocker puts iOS users’ privacy at risk
Threat Spotlight: Follow the Bad Rabbit
http://blog.talosintelligence.com/2017/10/bad-rabbit.html
https://www.welivesecurity.com/2017/10/24/kiev-metro-hit-new-variant-infamous-diskcoder-ransomware/
https://securelist.com/bad-rabbit-ransomware/82851/
http://blog.trendmicro.com/trendlabs-security-intelligence/bad-rabbit-ransomware-spreads-via-network-hits-ukraine-russia/
https://blog.avast.com/its-rabbit-season-badrabbit-ransomware-infects-airports-and-subways
Disclosure: WordPress WPDB SQL Injection - Background
https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-background.html
https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
IoTroop Botnet: The Full Investigation
https://research.checkpoint.com/iotroop-botnet-full-investigation/
Junkware Removal Tool to be discontinued
Malwarebytes will continue to provide service and support for JRT until End of Life (EOL) on April 26, 2018.
https://www.malwarebytes.com/junkwareremovaltool/
https://forums.malwarebytes.com/topic/213402-junkware-removal-tool-to-be-discontinued/
One less tool in the battle against the bad guys. 
Cryptocurrency mining malware sneaks onto Google Play
https://blog.avast.com/cryptocurrency-mining-malware-sneaks-onto-google-play