Chinese Hackers: A new advisory reveals widespread cyberespionage activity by a Chinese state-sponsored threat actor. Operation details: Known flaws areโฆ
News
Persistent operations: Blind Eagle continues its advanced spearphishing and RAT-based malware campaigns. Malware targets: TAG-144โs focus remains primarily on Southโฆ
Targeting manufacturing: A sophisticated social engineering campaign targets supply chain-critical manufacturing companies with MixShell malware. How it starts: Hackers startโฆ
Salesforce theft: An OAuth token theft operation compromised the Salesloft SalesDrift platform, allowing unauthorized access to Salesforce environments. Impacted users:โฆ
Fifth conviction: The last of the five accused individuals was convicted for participating in a Nigerian fraud scheme targeting U.S.โฆ
AI integration issues: Managing AI integration within embedded systems in organizations reveals vulnerabilities. The discrepancy: Inadequate governance frameworks were seenโฆ
PRC-nexus espionage: A UNC6384 cyber operation demonstrates escalated capabilities in state-sponsored cyber espionage. Who is targeted: The multi-stage attack chainโฆ
State offices breach: Nevada Governor Joe Lombardo announced the closure of state offices due to a cyber intrusion. Impacted services:โฆ
RAT delivery: Security researchers observed a global campaign delivering PureHVNC, DCRat, and Babylon RAT, among others. Enterprise campaign: Phishing emailsโฆ
Threat trends: API vulnerabilities and AI-related risks are rising, with over 600 API-related CVEs disclosed in Q2 2025. Strategic shift:โฆ
Moniz Silva breach: The notorious Qilin threat actor announced the alleged breach of healthcare company Moniz Silva, citing ethical reasons.โฆ
Targeting email defense: A new phishing campaign reportedly targets both users and AI-based defenses. Prompt injection against AI: The plain-textโฆ
Discovery: Fake ghrc.io registry mimics GitHubโs legitimate ghcr.io. Risk: Developers may unknowingly pull malicious containers from the typo domain. Impact:โฆ
The botnet: Gayfemboy, a Mirai-based botnet, has been targeting IoT devices globally. Impact: It exploits known vulnerabilities in routers andโฆ
Massive Risk: Google Play 20+ VPN apps with 972M installs have flaws and expose users to major privacy threats. Hiddenโฆ
AI defense bypass: Security researchers discovered a significant AI defense bypass vulnerability via a routing logic exploit. ChatGPT-5 rules: Theโฆ
Streaming pirate arrest: Authorities arrested the operator of a popular pirate streaming site in Argentina and seized the associated goods.โฆ
Nissan breach: A post on the Qilin Ransomware leak site claims a branch of the Nissan design network was breached.โฆ
Healthcare cyberattack: Hackers accessed the lab database of U.S. dialysis services provider DaVita and 2.7 million records.ย What was impacted:โฆ
Prison sentence: The 55-year-old Chinese national who locked thousands of users out of their company accounts got four years inโฆ
Get expert insights on threats, breaches, scams, and security trends โ delivered every Saturday.
Most Popular
