From The Aether
Ransomware Payments Plummet: Cybercriminals Face Deflating Payday in 2025!
Ransomware payment rates hit a historic low, dropping to 23% in Q3 2025. Coveware credits this to enterprises refusing to pay and mid-market companies haggling down demands. Apparently, in the world of cybercrime, it’s a tough gig when victims start embracing the art of saying “no” or “how about less?”
WordPress Plugins Under Siege: 2024 Vulnerabilities Leave Sites Ripe for Exploit!
Threat actors have found a way to give two popular WordPress plugins, GutenKit and Hunk Companion, a bug-induced makeover. With a combined active installation count of over 48,000, these plugins are now an open invitation for remote code execution (RCE). Wordfence has already blocked nearly 8.8 million exploitation attempts—talk about uninvited guests!
Qilin’s Ransom Rampage: How a Cyber Gang Turned 2025 into a Hacker’s Playground
The ransomware group Qilin is on a roll, claiming over 40 victims monthly in 2025, except for January. With a knack for wreaking havoc, they’ve targeted manufacturing, professional services, and wholesale trade sectors, leaving no shadow copy unturned. Beware, as they blend legitimate tools with cyber trickery in their relentless pursuit of chaos.
Chrome Zero-Day Chaos: Operation ForumTroll Unleashes LeetAgent Spyware in 2025!
In a plot twist worthy of a spy novel, Operation ForumTroll exploits Chrome zero-day CVE-2025-2783 to play cat-and-mouse with cybersecurity experts. Using phishing emails disguised as forum invites, it delivers malware with all the subtlety of a toddler’s dance recital, leaving organizations in Russia scrambling for digital cover.
RedTiger Strikes: Infostealer Preys on French Discord Users
RedTiger is becoming the “Swiss Army Knife” for cyber attackers, turning Discord accounts into open books. This Python-based tool is now an infostealer’s dream, effortlessly lifting browser credentials, crypto wallets, and even capturing your webcam’s best side. Remember, downloading random “game boosters” could mean boosting a hacker’s inventory instead!
Wordfence Smashes 8.7M Cyber Attacks: GutenKit and Hunk Companion Flaws Exposed!
Wordfence blocked 8.7 million attacks exploiting old vulnerabilities in WordPress GutenKit and Hunk Companion plugins. These flaws allowed hackers to install plugins and achieve remote code execution. Despite these attacks being a year old, hackers seemed to have a déjà vu moment, attempting mass exploitation again. Talk about a case of plug-in and play!
Chatbot Chaos: AI Models Spread Russian Propaganda in EU Amid Sanctions Concerns
ChatGPT search had approximately 120.4 million average monthly active recipients in the European Union, raising concerns about Russian propaganda in AI chatbots. Amidst serious questions about chatbot credibility, the research highlights the importance of contextualizing sources linked to disinformation, especially as ChatGPT nears the EU’s Very Large Online Platform status.
Atlas Browser’s Hilarious Slip: When URLs Turn Into Mischievous Prompts!
OpenAI Atlas, the new web browser, is prone to a “prompt injection attack.” This high-tech shenanigan involves disguising malicious instructions as URLs, tricking the browser into doing the bad guy’s bidding. Think of it as the browser equivalent of handing your house keys to a raccoon in a trench coat.
UN Cybercrime Convention: A Bold Step or a Free Speech Slip?
The UN’s first Convention against Cybercrime is here to combat online crime, but critics worry it might inadvertently silence free speech. While 72 nations signed up faster than you can say “cybersecurity,” organizations like Cisco and Human Rights Watch urge caution, warning of broad surveillance powers without adequate human rights safeguards.
Shaq’s SUV Swiped by Cyber Crooks: When Big Wheels Meet Big Hacks!
Shaquille O’Neal’s motor madness took a cyber twist! Imagine cybercriminals swiping a customized Range Rover meant for Shaq. The thieves might struggle to offload a vehicle made for a 7’1″ giant, but hey, it’s not the wildest heist we’ve seen.
Everest Ransomware Takes Flight: Dublin Airport and Air Arabia Under Siege!
The Everest ransomware group strikes again, this time targeting Dublin Airport and Air Arabia. With password-protected data, they demand a response before a deadline. Is the aviation industry becoming Everest’s new playground, or are they just passing through like a turbulent flight? Stay tuned for more details as this cyber-saga unfolds.
Ransomware Ruckus: SafePay’s Latest Hack Spells Trouble for Xortec’s Security Network!
The SafePay ransomware group is making waves again, claiming they’ve hacked German video surveillance provider Xortec. Apparently, they’re adding “compromised security” to their resume! With the ransom deadline looming, Xortec might soon be starring in its very own heist movie, minus the popcorn.
DDoS Drama: Russian Food Shipments Delayed by Cyber Chaos!
A DDoS attack on Russia’s food safety agency, Rosselkhoznadzor, left food shipments scrambling like eggs on a hot Moscow sidewalk. Knocked offline, their tracking systems had dairy producers reverting to paper certificates, causing delays. It’s the fourth cyber incident this year—Mercury must be in retrograde!
Phishy Business: Microsoft’s Copilot Gets a Sneaky Makeover with CoPhish Tactics!
Beware of chatty bots! The new CoPhish tactic turns friendly Microsoft Copilot Studio agents into sneaky phishers, sending fraudulent OAuth requests via legit Microsoft domains. Researchers call it a clever social engineering trick, while Microsoft is gearing up to fix the loopholes. Until then, keep your wits—and your admin privileges—about you!
CoPhish Alert: When Microsoft’s Copilot Becomes the Unintended Sidekick for Scammers
Beware the new phishing trick, CoPhish, using Microsoft’s own Copilot agents to sneakily steal your data. It’s like a wolf in sheep’s clothing, asking for OAuth consent through trusted domains. Microsoft promises a fix, but until then, keep your guard up and your permissions tight. Copilot agents and OAuth phishing are no laughing matter!
Hacking Hijinks: Pwn2Own Ireland 2025 Unveils $1 Million WhatsApp Challenge (No Takers Yet!)
Pwn2Own Ireland 2025 turned Cork into a cybersecurity circus. Researchers poked, prodded, and pwned everything from printers to smart home devices, all while eyeing a million-dollar WhatsApp challenge. With over a million dollars in prizes awarded, it was like Christmas for hackers. Summoning Team took home the “Master of Pwn” crown.
Microsoft’s WSUS Woes: Urgent Fix for Critical Flaw Under Siege!
Microsoft has urgently patched a critical WSUS flaw, CVE-2025-59287, which was actively exploited. The vulnerability allowed remote attackers to execute code with SYSTEM privileges by sending malicious cookies. This is a reminder that even cookies can be dangerous when they crumble the wrong way! Make sure you update and reboot your systems.
Atlas Omnibox Vulnerability: When URLs Become Mischievous Prompts!
Breaking news: Researchers have jailbroken the OpenAI Atlas omnibox by making prompts masquerade as URLs. This clever trick fools Atlas into treating malicious instructions as trusted URLs, opening the door for potential cyber antics like phishing and file deletion. Talk about teaching an old URL new tricks!
WhatsApp Whodunit: Million-Dollar Exploit Fizzles at Pwn2Own 2025
The cybersecurity world sighed in unison when a researcher bailed on showing a $1 million WhatsApp exploit at Pwn2Own. The researcher pulled out due to doubts about the exploit’s readiness, leaving everyone wondering if it was a digital unicorn. What’s certain? WhatsApp’s still standing strong, and the exploit remains a mystery.
AWS Outage Chaos: When the Cloud Rains on the Internet Parade
AWS experienced a major outage due to DNS resolution issues, leading to a 15-hour web meltdown. This incident highlights the world’s reliance on hyperscalers like AWS and the challenges they face when things go awry. The outage involved problems with the Network Load Balancer and EC2 instances, complicating recovery efforts.
