‘Payroll Pirate’ Attacks Target U.S. Universities, Diverting Employee Salaries
Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The…
SonicWall: Firewall configs stolen for all cloud backup customers
SonicWall has confirmed that all customers that used the company's cloud backup service are affected by the security breach last month.…
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the…
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to…
SaaS Breaches Start with Tokens – What Security Teams Must Watch
Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen…
Qilin ransomware claims Asahi brewery attack, leaks data
The Qilin ransomware group has claimed the attack on Japanese beer giant Asahi by adding the company to the list of victims on its data leak…
Step Into the Password Graveyard… If You Dare (and Join the Live Session)
Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don't need…
OpenAI Finds Growing Exploitation of AI Tools by Foreign Threat Groups
OpenAI’s latest “Disrupting Malicious Uses of AI” report shows that hackers and influence operators are moving toward a more…
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware…
DraftKings warns of account breaches in credential stuffing attacks
Sports betting giant DraftKings has notified an undisclosed number of customers that their accounts had been hacked in a recent wave of…
Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials
Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for…
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief
Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity's agentic AI browser Comet by…
New Study Warns Several Free iOS and Android VPN Apps Leak Data
Millions who rely on free mobile Virtual Private Network (VPN) apps for online privacy may actually be putting their data at greater risk,…
Clop Ransomware Targets Oracle E-Business Suite: Extortion Wave Hits Global Enterprises
A new wave of extortion attacks linked to the Clop ransomware group has recently shaken organizations using Oracle E-Business Suite (EBS),…
Hackers Attempting to Exploit Grafana Vulnerability that Enables Arbitrary File Reads
Grafana, the popular open-source analytics and visualization platform, has once again become the target of a large‐scale, coordinated…
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing…
Red Hat Confirms Data Breach After Hackers Claim to Steal 570GB of Private GitHub Repositories
Red Hat, the world’s leading enterprise open-source software provider, has officially confirmed a significant security incident…
Confucius APT Evolves: Espionage Group Shifts from WooperStealer to Advanced Python Backdoor AnonDoor
The Confucius group, a long-running cyber-espionage actor first identified in 2013, has resurfaced with a new wave of operations across South…
Free VPN Apps Found Riddled With Security Flaws
A large-scale study of free virtual private network (VPN) apps has uncovered serious privacy and security risks that affect both consumers and…
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week's Threatsday headlines remind us of one thing — no corner of technology is safe.…
Small Businesses and Ransomware: Navigating the AI Era Threat
Ransomware has evolved from a niche hacker tactic into a mainstream threat, and small businesses are increasingly in the crosshairs. While…
DoS Flaws in Argo CD: Unauthenticated Attackers Can Crash Kubernetes Server with Single Request
The Argo CD project has released patches addressing several denial-of-service (DoS) that could allow attackers to crash the argocd-server…
CISA Warns of Critical RCE Flaw (CVE-2025-10659, CVSS 9.8) in Megasys Telenium Online Web Application
The U.S. Cybersecurity and Infrastructure Agency (CISA) has issued a advisory warning of a critical in the Megasys Telenium Online Web…
Cyber Brief 25-10 – September 2025
Cyber Brief (September 2025)October 1, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 285 open source reports for this Cyber Security…
Shortcut-based Credential Lures Deliver DLL Implants
A campaign that packages credential-themed ZIP archives with malicious Windows shortcut (.lnk) files has been tracked by cybersecurity…
New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones
A previously undocumented Android banking trojan called Klopatra has compromised over 3,000 devices, with a majority of the infections…
48+ Cisco Firewalls Vulnerable to Actively Exploited 0-Day Vulnerability in the Wild
A critical zero-day vulnerability affecting thousands of Cisco firewalls is being actively exploited by threat actors in the wild. The…
New MatrixPDF toolkit turns PDFs into phishing and malware lures
A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that…
Chinese hackers exploiting VMware zero-day since October 2024
Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has…
Threat Actors Allegedly Listed Veeam RCE Exploit for Sale on Dark Web
Veeam Backup & Replication, a cornerstone of many enterprises’ data protection strategy, has reportedly become the focus of a new…
Windows 11 KB5065789 update released with 41 changes and fixes
Microsoft has released the KB5065789 preview cumulative update for Windows 11 24H2, which includes 41 improvements, including…
Microsoft Flags AI Phishing Attack Hiding in SVG Files
Forget the old, error-filled emails you could spot easily. Cybercriminals have completely upgraded their methods, using AI (Artificial…
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO)…
You name it, VMware elevates it (CVE-2025-41244)
On September 29th, 2025, Broadcom disclosed a local privilege escalation vulnerability, CVE-2025-41244, impacting VMware’s guest service…
AI-Generated Code Used in Phishing Campaign Blocked by Microsoft
A credential phishing campaign that likely relied on AI-generated code to evade detection has been stopped by Microsoft Threat Intelligence.…
Akira ransomware: From SonicWall VPN login to encryption in under four hours
Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their…
New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data
A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive…
SonicWall SSL VPN Attacks Escalate, Bypassing MFA
Security experts have warned of a surge in malicious activity from Akira ransomware actors targeted at victims running SonicWall SSL VPN…
Akira Ransomware Exploits SonicWall VPN Accounts With Lightning-Fast Intrusions
Akira ransomware Leaksite Arctic Wolf has observed a major uptick in Akira ransomware activity since late July 2025, with attackers…
Morte Botnet Unveiled: A Rapidly Growing Loader-as-a-Service Campaign Exploiting Routers and Enterprise Apps
Researchers at CloudSEK Threat Intelligence (TRIAD) have exposed a sophisticated botnet operation that systematically compromises SOHO…
Akira ransomware breaching MFA-protected SonicWall VPN accounts
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully…