412/68 Monday, October 20, 2025 Researchers at Fortinet have revealed that the hacker group Winos 4.0 (also known as ValleyRAT) is expanding its operations from China and Taiwan into Japan and Malaysia, using phishing campaigns to distribute the HoldingHands RAT (also tracked as Gh0stBins), a Remote Access Trojan that enables remote control of compromised machines. […]
411/68 Monday, October 20, 2025 Have I Been Pwned (HIBP), the well-known data breach notification service founded by security expert Troy Hunt, has revealed that the recent cyberattack against Prosper, a peer-to-peer (P2P) lending platform, may have impacted as many as 17.6 million users. The stolen data reportedly includes a wide range of sensitive personal […]
410/68 Friday, October 17, 2025 The UK Information Commissioner’s Office (ICO) has fined Capita £14 million (approximately $18.7 million) following a 2023 data breach that exposed the personal information of more than 6.6 million individuals. Capita is one of the UK’s largest outsourcing and business consulting firms, providing services to government bodies such as local […]
409/68 Friday, October 17, 2025 SAP has issued a security update addressing 13 newly discovered vulnerabilities, including one critical flaw with the highest severity rating (CVSS 10.0), tracked as CVE-2025-42944 in SAP NetWeaver. The issue, categorized as Insecure Deserialization, allows attackers to execute malicious commands. This vulnerability can be exploited remotely without authentication via the […]
408/68 Friday, October 17, 2025 Users of popular password managers LastPass and Bitwarden are being targeted in a new phishing campaign, where attackers send fake security alert emails claiming that the companies have been hacked. The emails urge recipients to immediately download a supposedly “more secure desktop version” of the software to protect their data. […]
407/68 Thursday, October 16, 2025 The U.S. Department of Justice (DOJ) announced the seizure of more than $15 billion worth of cryptocurrency (approximately 560 billion THB) from the leaders of the cybercrime network known as Prince Group, which orchestrated a massive crypto investment scam, also referred to as “Pig Butchering.” Victims were tricked into transferring […]
406/68 Thursday, October 16, 2025 Harvard University has confirmed that it was targeted in a cyberattack exploiting a vulnerability in Oracle E-Business Suite (EBS), after the Cl0p ransomware group published over 1.3 terabytes of data on its leak site on the Tor network. The university stated that the incident only affected a “small administrative unit” […]
405/68 Thursday, October 16, 2025 FortiGuard Labs, a cybersecurity research company, has disclosed a new wave of attacks spreading an information-stealing malware known as “Stealit.” Threat actors are disguising Stealit inside fake game and VPN installers, which they then upload to popular file-sharing platforms such as Mediafire and Discord to lure unsuspecting users into downloading […]
404/68 Wednesday, October 15, 2025 Unity Technologies, the developer of the Unity game engine-a widely used tool for building 3D games and applications-has confirmed that the website for SpeedTree, its graphics software and plugin marketplace, was compromised with malicious code on its payment page, resulting in the theft of customer data. The incident was detected […]
403/68 Wednesday, October 15, 2025 Researchers from the threat monitoring platform GreyNoise have detected a massive campaign leveraging over 100,000 botnet IP addresses worldwide to attack Remote Desktop Protocol (RDP) services in the United States. The campaign, which began on October 8, 2025, originates from multiple countries, including Brazil, Argentina, Iran, China, Mexico, Russia, South […]
