Multi-year wait for destruction comes to an end for mystery attackers Security experts have helped remove malicious NuGet packages planted in 2023 that were designed to destroy systems years in advance, with some payloads not due to hit until the latter part of this decade.…

This kind of material economic impact from online crooks thought to be a UK-first The Bank of England (BoE) has cited the cyberattack on Jaguar Land Rover (JLR) as one of the reasons for the country's slower-than-expected GDP growth in its latest rates decision.…

Move fast - miscreants compromised a domain controller in 17 hours Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.…

Spies, not crooks, were behind digital heist – damage stopped at the backups, says US cybersec biz SonicWall has blamed an unnamed, state-sponsored collective for the September break-in that saw cybercriminals rifle through a cache of firewall configuration backups.…

Stolen creds let miscreants waltz into 17K employees' chats, spilling info on staff and partners Japanese media behemoth Nikkei has admitted to a data breach after miscreants slipped into its internal Slack workspace, exposing the personal details of more than 17,000 employees and business partners....

Meanwhile, others tried to social-engineer the chatbot itself Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior, according to Google ...

Retailer's tech systems aren’t down anymore, but the same can’t be said for its rocky financials Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total.…

Curly COMrades strike again Russia's Curly COMrades is abusing Microsoft's Hyper-V hypervisor in compromised Windows machines to create a hidden Alpine Linux-based virtual machine that bypasses endpoint security tools, giving the spies long-term network access to snoop and deploy malware.…

France-based victims hit especially hard, while UK named most-targeted country generally Researchers are seeing a "dramatic" increase in cybercrime involving physical violence across Europe, with at least 18 cases reported since the start of the year.…

55 cuffed last week after court ruled sting operation was legal Australian police last week made 55 arrests using evidence gathered with a backdoored messaging app that authorities distributed in the criminal community.…

Rogues committed extortion while working for infosec firms A ransomware negotiator and an incident response manager at two separate cybersecurity firms have been indicted for allegedly carrying out ransomware attacks of their own against multiple US companies.…

Old-school cargo heists reborn in the cyber age Cybercriminals are increasingly orchestrating lucrative cargo thefts alongside organized crime groups (OCGs) in a modern-day resurgence of attacks on freight companies.…

PLUS: Cyber-exec admits selling secrets to Russia; LastPass isn't checking to see if you're dead; Nation-state backed Windows malware; and more Infosec in brief  Australia’s Signals Directorate (ASD) last Friday warned that attackers are installing an implant named “BADCANDY” on unpatched Cis...

Rare case of the state turning on its own, but researchers say it may be doing so more often Russia's Interior Ministry says police have arrested three suspects it believes helped build and spread the Meduza infostealer.…

Bitcoin bridge biz offers 10 percent reward to attackers if they play nice Blockchain company Garden admits it was compromised and temporarily shut down its app after approximately $11 million worth of assets were stolen.…

Expired security cert, real Brussels agenda, plus PlugX malware finish the job Cyber spies linked to the Chinese government exploited a Windows shortcut vulnerability disclosed in March – but that Microsoft hasn't fixed yet – to target European diplomats in an effort to steal defense and nationa...

Infosec agency warns hacktivists broke into critical infrastructure systems to tamper with controls Hacktivists have breached Canadian critical infrastructure systems to meddle with controls that could have led to dangerous conditions, marking the latest in a string of real-world intrusions driven b...

Emails confirm payroll and bank details lifted in cyberattack on US subsidiary Global marketing giant Dentsu is writing to current and former staff after a cyberattack on a subsidiary led to bank, payroll, and other sensitive data being stolen.…

Five Eyes intel alliance has created a team to target these scum who prey on kids Australia’s Federal Police (AFP) is working on an AI to interpret emojis and the slang used online by Generation Z and Generation Alpha, so it can understand them when they discuss crime online.…

Move follows months-long procurement process as retailer refreshes parts of its IT support setup UK retailer Marks & Spencer has replaced Tata Consultancy Services as its IT service desk provider following a procurement process that began in January.…

If at first you don’t succeed, patch and patch again More threat intel teams are sounding the alarm about a critical Windows Server Update Services (WSUS) remote code execution vulnerability, tracked as CVE-2025-59287 and now under active exploitation, just days after Microsoft pushed an emergency...

Ravin Academy confirms the intrusion on Telegram, says student data was stolen Iran's school for state-sponsored cyberattackers admits it suffered a breach exposing the names and other personal information of its associates and students.…

Jen Easterly says most breaches stem from bad software, and smarter tech could finally clean it up Ex-CISA head Jen Easterly claims AI could spell the end of the cybersecurity industry, as the sloppy software and vulnerabilities that criminals rely on will be tracked down faster than ever.…

Allows surveillance and cross-border evidence sharing, which worries human rights groups The United Nations on Saturday staged a signing ceremony for the Convention against Cybercrime, the world’s first agreement to combat online crime. And while 72 nations picked up the pen, critics continue to p...

Redmond says it's fixed this particular indirect prompt injection vuln updated  Microsoft fixed a security hole in Microsoft 365 Copilot that allowed attackers to trick the AI assistant into stealing sensitive tenant data – like emails – via indirect prompt injection attacks.…

The 0-days have left the building Federal prosecutors have charged a former general manager of US government defense contractor L3Harris's cyber arm Trenchant with selling secrets to an unidentified Russian buyer for $1.3 million.…

What?! No complimentary credit monitoring? The Canadian outpost of retailer Toys R Us on Thursday notified customers that attackers accessed a database, stole some of their personal information, then posted the data online.…

Check Point helps exorcise vast 'Ghost Network' that used fake tutorials to push infostealers Google has taken down thousands of YouTube videos that were quietly spreading password-stealing malware disguised as cracked software and game cheats.…

Criminal outfits had been using Musk's broadband beacons to run cyber-slavery scams across Southeast Asia SpaceX says it has shut down thousands of Starlink terminals that were powering Myanmar's notorious scam compounds after its satellite network was found to be keeping human trafficking and cyber...

That's a lot of extended warranties The Jaguar Land Rover (JLR) cyberattack could end up being the costliest such incident in UK history, billed at an estimated £1.9 billion and affecting over 5,000 organizations.…

Japanese retailer halts online orders after attack cripples third-party vendor Japanese retailer Muji is suspending online orders after logistics partner Askul was knocked offline by a ransomware attack.…

CISA adds high-severity flaw to KEV list, urges swift updating Uncle Sam's cyber wardens have warned that a high-severity flaw in Microsoft's Windows SMB client is now being actively exploited – months after it was patched.…

P2P lending platform says it could not verify the claims at present Data breach tracker HaveIBeenPwned claims the victim count of peer-to-peer lender Prosper's September cyberattack stands at 17.6 million.…

Who needs enemies when you have friends like Xi? China's cyberspies quietly broke into a Russian IT service provider in what researchers say is a rare example of Beijing turning its digital gaze on Moscow.…

Bill Cassidy letter asks if Switchzilla sat on critical flaws before feds were forced into emergency patching US Senator Bill Cassidy has fired off a pointed letter to Cisco over the firewall flaws that allegedly let hackers breach "at least one federal agency."…

Alert says financial account information lifted from systems Auction house Sotheby's says it was breached on July 24, and those behind the intrusion stole an unspecified amount of data, including Social Security numbers and financial account information.…

How to avoid your business being felled by an AI-powered ransomware attack that costs less than a laptop. Partner Content  KNP Logistics Group, a British transport company from Northamptonshire that’s been around longer than the mass-produced lightbulb, collapsed after a devastating security brea...

ICO makes example of outsourcing giant over sluggish cyber response The UK's Information Commissioner's Office (ICO) has issued a £14 million ($18.6 million) penalty to outsourcing giant Capita following a catastrophic 2023 cyberattack that exposed the personal data of 6.6 million people.…

Japan's beer behemoth still mopping up after ransomware spill that disrupted deliveries and delayed results Asahi's cyber hangover just got worse, with the brewer now admitting that personal information may have been tapped in last month's attack.…

Latest in a long line of EBS flaws leta miscreants remotely compromise enterprise systems to pinch sensitive data Oracle is rushing out another emergency patch for its embattled E-Business Suite as the fallout from the Clop-linked attacks continues to spread.…

Warn businesses to act now as high-severity incidents keep climbing Cyberattacks that meet upper severity thresholds set by the UK government's cyber agents have risen 50 percent in the last year, despite almost zero change in the volume of cases handled.…

'We will never stop,' say crooks, despite retiring twice in the space of a month The Scattered Lapsus$ Hunters (SLSH) cybercrime collective - compriseed primarily of teenagers and twenty-somethings - announced it will go dark until 2026 following the FBI's seizure of its clearweb site.…

Crooks phish campus staff, slip into HR systems, and quietly reroute paychecks Microsoft's Threat Intelligence team has sounded the alarm over a new financially-motivated cybercrime spree that is raiding US university payroll systems.…

US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce US authorities have seized the latest incarnation of BreachForums, the cybercriminal bazaar recently reborn under the stewardship of the so-called Scattered Lapsus$ Hunters, with help from French cyb...

Prospect apologizes for cyber gaffe affecting up to 160K members UK trade union Prospect is notifying members of a breach that involved data such as sexual orientation and disabilities.…

Affects users regardless of when their backups were created SonicWall has admitted that all customers who used its cloud backup service to store firewall configuration files were affected by a cybersecurity incident first disclosed in mid-September, walking back earlier assurances that only a small ...

CRM giant 'will not engage, negotiate with, or pay' the scumbags Salesforce won't pay a ransom demand to criminals who claim to have stolen nearly 1 billion customer records and are threatening to leak the data if the CRM giant doesn't pony up some cash.…

No fraud monitoring and no apology after miscreants make off with medical, financial data Florida-based Doctors Imaging Group has admitted that the sensitive medical and financial data of 171,862 patients was stolen during the course of a November 2024 cyberattack.…

Florida comms outfit serving cops, firefighters, and the military says hackers pinched some employee data but insists its systems stayed online BK Technologies, the Florida-based maker of mission-critical radios for US police, fire, and defense customers, has confessed to a cyber intrusion that brie...

It also banned some suspected Russian accounts trying to create influence campaigns and malware OpenAI has banned ChatGPT accounts believed to be linked to Chinese government entities attempting to use AI models to surveil individuals and social media accounts.…