All Articles (2644)

Credit rating company TransUnion has suffered a data breach, which has impacted the personal information of nearly 4.5 million Americans.  In a notification letter to impacted customers, the firm revealed that unauthorized access was gained to a third-party application serving its US consumer support operations.  The information was limited to specific data elements and did not include credit reports or core credit information.

TransUnion has not publicly provided any more details on the nature o

SquareX first discovered and disclosed Last Mile Reassembly attacks at DEF CON 32 last year, warning the security community of 20+ attacks that allow attackers to bypass all major SASE/SSE solutions and smuggle malware through the browser. Despite responsible disclosures to all major SASE/SSE providers, no vendor has made an official statement to warn its customers about the vulnerability in the past 13 months, that is, until two weeks ago.

As more attackers are leveraging Last Mile Reassembly t

North Korean hackers exploited OpenAI’s ChatGPT to generate deepfake military ID cards in a phishing campaign against South Korean defense-related institutions, researchers have found.  The July 2025 attack was credited to the Kimsuky group, also known as APT43, which has been sanctioned by the US and its allies for supporting Pyongyang’s foreign policy and sanctions-evasion efforts through intelligence-gathering operations.

South Korean cybersecurity firm Genians reports that the hackers used C

A new sneaky type of malware, known as Raven Stealer, has been identified by the Lat61 Threat Intelligence Team at Point Wild.  The research team, led by Onkar R. Sonawane, has found that this seemingly simple program is surprisingly adept at remaining undetected while stealing your personal information.  The research, shared with Hackread.com, reveals that the malware is primarily spread through underground forums and often bundled with pirated software.

Built using the programming languages De

In a recent warning to global organizations, cybersecurity firm Netscout has unveiled its latest DDoS Threat Intelligence Report for the first half of 2025, highlighting an unrelenting barrage of Distributed Denial-of-Service (DDoS) attacks that are increasingly sophisticated, geopolitically motivated, and amplified by artificial intelligence.  Netscout's report, titled "Digital Aftershocks: Collateral Damage from DDoS Attacks," documents over 8 million attacks worldwide, with more than 3.2 mill

Incident responders discovered a novel malware framework while investigating an attack on a Philippine military company attributed to a government-backed hacking group from China.  Cybersecurity company Bitdefender published a blog post this week about EggStreme, a multi-stage toolset that gave the alleged Chinese hackers backdoor access to conduct an espionage campaign.  The core component of the malware, EggStremeAgent, allows hackers to perform reconnaissance, move laterally around a victim’

Cyber researchers have uncovered a large-scale software supply chain attack on GitHub dubbed “GhostAction”, which has exposed more than 3,300 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare API keys, AWS access keys, and database credentials so far.

The campaign came to light after suspicious activity was detected in the FastUUID project on September 2.  Attackers had compromised maintainer accounts and injected a malicious GitHub Actions workflow designed to trigger on code

A joint study by Cybersecurity at MIT Sloan (CAMS) and Safe Security has examined 2,800 ransomware incidents and found that a staggering 80.83%, or more than 2,272 attacks, were driven by artificial intelligence. This statistic is not theoretical; it's based on comprehensive, real-world data collected during 2023–2024.

The Rethinking the Cybersecurity Arms Race working paper paints a vivid picture of how AI is transforming attack methods. Adversaries are no longer relying on manual orchestration

What began as a quiet investigation into suspicious Salesforce activity has escalated into one of the most significant SaaS supply chain incidents of the year. Google's Threat Intelligence Group (GTIG) reports that a threat actor, tracked as UNC6395, exploited compromised OAuth tokens from Salesloft's Drift integrations to extract data from multiple customers' Salesforce instances. The campaign ran at least from 8 to 18 August 2025. GTIG's assessment is blunt: "GTIG assesses the primary intent o

Cybercriminals are abusing Grok AI, the conversational assistant built into X (formerly Twitter), to spread malware through a campaign researchers have dubbed "Grokking."  The scheme was uncovered by Guardio Labs researcher Nati Tal, who found that attackers are leveraging Grok's trusted status on the platform to amplify malicious links hidden in promoted ads.[1]

Instead of including a clickable link directly in the ad where X's scanning mechanisms might detect it, attackers hide the malicious U

In a significant move toward accountability, Qantas Airways has reduced short-term bonuses for its executive leadership, cutting 15% of their pay in light of a recent cyber breach that compromised customer data for millions.  So, what happened, and what does it all mean for CISOs, their teams, and the broader corporate ecosystem?  Qantas slashed short-term bonuses in fiscal 2025 for its top executives, including CEO Vanessa Hudson, by 15%, amounting to a A$250,000 cut for the CEO and a combined

Organizations today are often ambivalent about agentic AI because of both its unpredictable failures and its potential use in cybercrime.  Agentic systems are increasingly being given more control and are operating autonomously, taking on complex tasks and decision-making processes on behalf of users.  These are often conducted with minimal human oversight, and agentic AI systems are interacting directly with enterprise systems to automate workflows.  While this approach offers efficiency in ro

Microsoft Corporation issued security updates on 9 September 2025 to fix more than 80 vulnerabilities in its Windows operating systems and software.  There are no known “zero-day” or actively exploited vulnerabilities in this month’s bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft’s most-dire “critical” label.  Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

Microsoft assigns security flaws a “critical”

Our friends at FortiGuard Labs recently discovered a phishing campaign that employs multiple advanced evasion techniques.  These include the use of an Easy Programming Language (EPL) to develop a staged payload, concealing malicious operations and disabling security tools to prevent alert triggers, securing Command and Control (C2) communications using mutual TLS (mTLS), supporting various methods for deploying additional payloads, and even installing popular remote access tools to grant attacke

In collaboration with the internet intelligence platform Validin, SentinelLABS has been tracking activity on the platform, which we attribute with high confidence to North Korean threat actors involved in the Contagious Interview campaign cluster.  This activity, which took place between March and June 2025, involved the threat actors examining cyber threat intelligence (CTI) information related to their infrastructure.  Our unique visibility has provided valuable insights into their operational

Each month, Red Sky Alliance queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated

Autonomous vehicles and many other automated systems are controlled by AI, but the AI itself could be compromised by malicious attackers who take control of the AI’s weights.  Weights within AI’s deep neural networks represent the models’ learning and how it is used.  A weight is usually defined in a 32-bit word, and there can be hundreds of billions of bits involved in this AI's reasoning process.  It is a no-brainer that if an attacker controls the weights, they control the AI.[1]

A research t

The US needs a "whole-of-nation approach" to deterring and warding off cyber-attacks backed by foreign states, President Trump’s newly confirmed national cyber director said on 9 September.  Such attacks will continue until officials impose more severe consequences on bad actors, Sean Cairncross said in his first public address since his confirmation last month to lead the Office of the National Cyber Director.[1]

The nation “must send a message this behavior is unacceptable” and will come at a

Jaguar Land Rover (JLR) finds itself in a 'truly dreadful situation' after the cyber assault that shuttered numerous facilities last week, an expert has claimed.  The Coventry-headquartered automotive giant confirms it is operating 'round the clock' to address the continuing issue.

A statement previously issued by JLR disclosed the incident had caused significant disruption to business and production activities - the firm has now confirmed it is collaborating with specialists and police to tackl

Hackers, criminals, and spies are rapidly adopting Artificial Intelligence (AI), and considerable evidence is emerging of a substantial acceleration in AI-enabled crime.  This includes evidence of the use of AI tools for financial crime, phishing, distributed denial of service (DDoS), child sexual abuse material (CSAM), and romance scams.  In all these areas, criminal use of AI is already augmenting revenue generation and exacerbating financial and personal harms.  Scammers and social engineers,