All Articles (2731)

The US Secret Service on 23 September reported it has foiled what appears to be a sophisticated plot for cyber-espionage and disruption of mobile networks in New York at a time when more than 100 heads of state and governments and foreign ministers are in the city for the UN General Assembly’s leaders’ session.

In a statement, the Secret Service said that the agency recovered more than 300 co-located SIM servers and 100,000 SIM cards across multiple sites in the New York tristate area.  The agency s

Ransomware attacks may have decreased recently, but that does not mean the risk has gone.  It remains one of the most disruptive cyber threats facing organizations.   Headlines sometimes create a false sense of relief.  Ransomware attacks are down by 15%, according to Verizon's latest DBIR report, but those of us working in cybersecurity know this doesn’t give the whole picture.  The most important issue isn’t how often an attack occurs; it is what happens to the organization when it does.

The f

The automotive sector, once defined by mechanical innovation, now operates in a digital ecosystem riddled with cybersecurity vulnerabilities.  From 2023 to 2025, the industry has witnessed a seismic shift in the scale and sophistication of cyber threats, with ransomware attacks, data breaches, and supply chain compromises becoming the new normal.  According to Upstream's 2025 Global Automotive Cybersecurity Report, 60% of cybersecurity incidents in 2024 involved data and privacy breaches, a 20%

A Chinese state-sponsored threat actor known as TA415 has been linked to a string of spearphishing attacks against US government entities, think tanks, and academic institutions in July and August of 2025.  The campaign tailored its lures by using US-China economic and trade topics, even impersonating the US-China Business Council and the Chair of the House Select Committee on Strategic Competition to target individuals focused on relations and policy between the two nations.

Emails appeared to

US lawmakers have accused the Chinese government of being behind a cyber espionage campaign that impersonated a prominent Congressman.  The House Select Committee on Strategic Competition between the US and the Chinese Communist Party (CCP) said that CCP-affiliated actors impersonated its Chairman, Representative John Moolenaar (R-MI), in emails to “trusted counterparts” to try and trick them into opening malicious files and links.[1]

These files and links were designed to grant attackers access to vict

Adobe has warned of a critical security flaw in its Commerce and Magento Open Source platforms that, if successfully exploited, could allow attackers to take control of customer accounts.  The vulnerability, tracked as CVE-2025-54236 (aka SessionReaper), carries a CVSS score of 9.1 out of a maximum of 10.0.  It has been described as an improper input validation flaw.  Adobe said it's not aware of any exploits in the wild.   "A potential attacker could take over customer accounts in Adobe Commerc

As part of the latest wave of Big Tech spending on AI, Google recently announced a $9 billion investment to build a new data center campus in Loudoun County, Virginia, part of what's being called "Data Center Alley."  This kind of development is not confined to Northern Virginia.  Across the country, a data center industrial boom is reshaping landscapes, local economies, and the environment.

The Cool Down set out to map and analyze the impact of these changes across the country, interviewing top

Credit rating company TransUnion has suffered a data breach, which has impacted the personal information of nearly 4.5 million Americans.  The firm revealed that unauthorized access was gained to a third-party application serving its US consumer support operations in a notification letter to impacted customers.  The information was limited to specific data elements and did not include credit reports or core credit information.

TransUnion has not publicly provided any more details on the nature o

SquareX first discovered and disclosed Last Mile Reassembly attacks at DEF CON 32 last year, warning the security community of 20+ attacks that allow attackers to bypass all major SASE/SSE solutions and smuggle malware through the browser. Despite responsible disclosures to all major SASE/SSE providers, no vendor has made an official statement to warn its customers about the vulnerability in the past 13 months, that is until two weeks ago.

As more attackers are leveraging Last Mile Reassembly t

North Korean hackers exploited OpenAI’s ChatGPT to generate deepfake military ID cards in a phishing campaign against South Korean defense-related institutions, researchers have found.  The July 2025 attack was credited to the Kimsuky group, also known as APT43, which has been sanctioned by the US and its allies for supporting Pyongyang’s foreign policy and sanctions-evasion efforts through intelligence-gathering operations.

South Korean cybersecurity firm Genians reports that the hackers used C

A new sneaky type of malware, known as Raven Stealer, has been identified by the Lat61 Threat Intelligence Team at Point Wild.  The research team, led by Onkar R. Sonawane, has found that this seemingly simple program is surprisingly adept at remaining undetected while stealing your personal information.  The research, shared with Hackread.com, reveals that the malware is primarily spread through underground forums and often bundled with pirated software.

Built using the programming languages De

In a recent warning to global organizations, cybersecurity firm Netscout has unveiled its latest DDoS Threat Intelligence Report for the first half of 2025, highlighting an unrelenting barrage of Distributed Denial-of-Service (DDoS) attacks that are increasingly sophisticated, geopolitically motivated, and amplified by artificial intelligence.  Netscout's report, titled "Digital Aftershocks: Collateral Damage from DDoS Attacks," documents over 8 million attacks worldwide, with more than 3.2 mill

Incident responders discovered a novel malware framework while investigating an attack on a Philippine military company attributed to a government-backed hacking group from China.  Cybersecurity company Bitdefender published a blog post this week about EggStreme, a multi-stage toolset that gave the alleged Chinese hackers backdoor access to conduct an espionage campaign.  The core component of the malware, EggStremeAgent, allows hackers to perform reconnaissance, move laterally around a victim’

Cyber researchers have uncovered a large-scale software supply chain attack on GitHub dubbed “GhostAction”, which has exposed more than 3,300 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare API keys, AWS access keys, and database credentials so far.

The campaign came to light after suspicious activity was detected in the FastUUID project on September 2.  Attackers had compromised maintainer accounts and injected a malicious GitHub Actions workflow designed to trigger on code

A joint study by Cybersecurity at MIT Sloan (CAMS) and Safe Security has examined 2,800 ransomware incidents and found that a staggering 80.83%, or more than 2,272 attacks, were driven by artificial intelligence. This statistic is not theoretical; it's based on comprehensive, real-world data collected during 2023–2024.

The Rethinking the Cybersecurity Arms Race working paper paints a vivid picture of how AI is transforming attack methods. Adversaries are no longer relying on manual orchestration

What began as a quiet investigation into suspicious Salesforce activity has escalated into one of the most significant SaaS supply chain incidents of the year. Google's Threat Intelligence Group (GTIG) reports that a threat actor, tracked as UNC6395, exploited compromised OAuth tokens from Salesloft's Drift integrations to extract data from multiple customers' Salesforce instances. The campaign ran at least from 8 to 18 August 2025. GTIG's assessment is blunt: "GTIG assesses the primary intent o

Cybercriminals are abusing Grok AI, the conversational assistant built into X (formerly Twitter), to spread malware through a campaign researchers have dubbed "Grokking."  The scheme was uncovered by Guardio Labs researcher Nati Tal, who found that attackers are leveraging Grok's trusted status on the platform to amplify malicious links hidden in promoted ads.[1]

Instead of including a clickable link directly in the ad where X's scanning mechanisms might detect it, attackers hide the malicious U

In a significant move toward accountability, Qantas Airways has reduced short-term bonuses for its executive leadership, cutting 15% of their pay in light of a recent cyber breach that compromised customer data for millions.  So, what happened, and what does it all mean for CISOs, their teams, and the broader corporate ecosystem?   Qantas slashed short-term bonuses in fiscal 2025 for its top executives, including CEO Vanessa Hudson, by 15%, amounting to a A$250,000 cut for the CEO and a combined

Organizations today are often ambivalent about agentic AI because of both its unpredictable failures and its potential use in cybercrime.  Agentic systems are increasingly being given more control and are operating autonomously, taking on complex tasks and decision-making processes on behalf of users.   These are often conducted with minimal human oversight, and agentic AI systems are interacting directly with enterprise systems to automate workflows.  While this approach offers efficiency in ro

Microsoft Corporation issued security updates on 9 September 2025 to fix more than 80 vulnerabilities in its Windows operating systems and software.  There are no known “zero-day” or actively exploited vulnerabilities in this month’s bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft’s most-dire “critical” label.  Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

Microsoft assigns security flaws a “critical”