
From The Aether

From Python to PureRAT: How Sneaky Cyber Crooks Pulled Off a High-Tech Heist!

A phishing campaign evolved from a simple Python-based infostealer to deploying PureRAT, a sophisticated remote access trojan. The attackers used clever tactics like DLL sideloading and process hollowing, and the operation was traced back to Vietnam. This highlights the need for defense-in-depth strategies to handle complex threats.

3 weeks ago

Teen Hacker Released: Vegas Cyber Heist Mastermind Now Grounded Until Further Notice!

A 17-year-old hacker allegedly linked to Scattered Spider was released to his parents after cyberattacks hit Vegas casinos. Despite a clean record, prosecutors claim he has $1.8 million in Bitcoin. Restrictions include limited electronics use—no more Netflix marathons! Will he hold on to his freedom or gamble it away? Stay tuned!

3 weeks ago

North Korean Cyber Pranks: When Job Offers Turn into Malware Mayhem!

North Korea-linked threat actors, known for the Contagious Interview campaign, are targeting software developers through fake job offers on platforms like LinkedIn. The campaign employs the AkdoorTea backdoor and other malware to steal cryptocurrency and sensitive data. DeceptiveDevelopment, as dubbed by ESET, cleverly blends social engineering with open-source tools for a nefarious touch.

3 weeks ago

RTX Ransomware Chaos: Flight Delays Take Off as Airports Scramble

RTX confirmed that a ransomware attack disrupted airport services, causing delays and cancellations, as airlines resorted to manual processes. The ransomware, HardBit, infected systems supporting passenger processing software. While RTX continues to investigate, European airports are still feeling the impact. Meanwhile, a 40-year-old suspect was arrested and released on bail in the UK.

3 weeks ago

Why Politics in the Workplace is a Security Risk: Keep Your Opinions to Yourself!

Politics in the workplace can be a security risk, introducing divisiveness, exclusion, and groupthink. Keep political beliefs out of professional forums to maintain a cohesive and effective security team. Your organization’s security posture will thank you, and your water cooler conversations will become blissfully boring again.

3 weeks ago

RedNovember Strikes Again: Chinese Cyberespionage Group Targets Global Defense Giants

RedNovember, a Chinese cyberespionage group, has compromised US defense contractors and various organizations worldwide, says Recorded Future. The group exploits vulnerabilities in devices like Cisco and Sophos, deploying the Pantegana backdoor and tools like Cobalt Strike. Their global targets include government, aerospace, and private sectors, focusing on newly disclosed vulnerabilities.

3 weeks ago

Microsoft’s Free Security Updates for Windows 10 in Europe: A Win or Just Hot Air?

Microsoft is offering free Extended Security Updates for Windows 10 users in the European Economic Area. This move comes after pressure from Euroconsumers, who argued that access to security updates shouldn’t hinge on using Microsoft services. Now, European users can enjoy a reprieve from updating to Windows 11, with no strings attached.

3 weeks ago

When Hackers Overstay Their Welcome: Inside China’s 393-Day Cyber Espionage Marathon

Google’s Threat Intelligence Group and Mandiant have uncovered a Chinese cyberespionage campaign involving the stealthy backdoor BrickStorm. The hackers, tracked as UNC5221, linger in networks for over a year, targeting industries like SaaS and technology. Their mission? Pilfer source code to uncover zero-day vulnerabilities, because why not multitask while you’re at it?

3 weeks ago

Chinese Cyber Espionage Escalates: UNC5221’s Zero-Day Exploits and the BRICKSTORM Backdoor Threaten Global Security

UNC5221, a Chinese-aligned threat cluster, is causing a digital ruckus by hacking into US organizations. Their favorite pastime? Exploiting zero-day vulnerabilities and poking around in emails. With a sophisticated BRICKSTORM backdoor, they sneak into VMware systems and stay hidden, evading traditional security tools while causing a virtual storm!

3 weeks ago

Cisco’s Zero-Day Drama: Another IOS Flaw Unleashed, Patch or Perish!

Cisco’s IOS is once again the belle of the vulnerability ball, thanks to a new zero-day flaw, CVE-2025-20352. Attackers are using it to crash devices or run code as root. The only dance move here is to patch, while Cisco suggests limiting SNMP access as a temporary tango.

3 weeks ago

SaaS Security Tug-of-War: How the Shared Responsibility Model Became the Ultimate Blame Game

Security for SaaS is a shared responsibility, like splitting a dinner bill. Providers secure the cloud; customers secure their data. But with hundreds of SaaS apps, it’s like herding cats on a tightrope. The SaaS Security Capability Framework aims to standardize controls, making securing SaaS less of a circus act.

3 weeks ago

Cyber Shocker: Co-op’s £206M Meltdown from Scattered Spider Attack!

The Co-op lost £206m in revenue due to a “malicious” cyber-attack, with sales impacts continuing into H2 2025. Linked to the Scattered Spider group, the attack also targeted M&S and Harrods. Co-op’s CEO praised resilience but noted areas for improvement. Meanwhile, UK law enforcement arrested four suspects, three of whom were teenagers.

3 weeks ago

DDoS Drama: Attack Volumes Spike 41% as Tech Sector Takes the Hit

The Gcore Radar report shows DDoS attacks are evolving at breakneck speed, with a 41% increase in attack volume. The tech sector now leads as the top target, overtaking gaming. Attackers are getting creative with multi-layered strategies and sustained assaults. In the DDoS landscape, it’s survival of the fittest—or fastest!

3 weeks ago

Fortra’s File Transfer Fiasco: Critical Flaw Puts Thousands at Risk!

Fortra’s GoAnywhere MFT solution is affected by CVE-2025-10035, a flaw with a perfect 10.0 risk score that risks system takeover. The vulnerability is a deserialization issue in the License Servlet. With over 20,000 instances exposed online, experts urge immediate patching and restricted access to prevent a potential cyber calamity.

3 weeks ago

Smile for the Passport: EU Launches Fingerprint and Face Scans for Travelers

Get ready to pose for the EU Entry/Exit System (EES), going live soon! Travelers, including Britons and Americans, will now need to register fingerprints and facial images to enter the Schengen area. Say goodbye to passport stamps and hello to the ultimate selfie experience at border controls! EES: Because who doesn’t love a surprise photo…

3 weeks ago

Volvo Data Breach: How Ransomware Left 870,000 Emails and Social Security Numbers Exposed

Volvo Group North America is alerting employees about a data breach linked to a Swedish IT company, Miljödata, hit by ransomware. This cyber fiasco exposed personal details, including Social Security numbers. Affected individuals get 18 months of free identity protection—because nothing says “sorry we lost your data” like complimentary credit monitoring!

3 weeks ago

Global Supply Chains: The Indian Vendor Cybersecurity Comedy of Errors!

SecurityScorecard’s report reveals that 53% of Indian vendors experienced third-party breaches, with outsourced IT operations taking the lead. While 27% of vendors flunked cybersecurity ratings, 25% scored an “A,” proving that some can ace cyber threats. Looks like India’s supply chain security needs a bit more than a patch job!

3 weeks ago

Chinese Hackers Unleash BRICKSTORM: A Comedic Take on a Serious Cyber Threat!

BRICKSTORM malware, the digital equivalent of a ninja, has been quietly infiltrating US companies for over a year. With the finesse of a cat burglar, these hackers are swiping sensitive data while Mandiant researchers chase them down. It’s a classic game of cyber cat and mouse, but with Chinese hackers and a lot more zeros…

3 weeks ago

Co-op’s Cyberattack: £80M Profit Hangover and Shelves Going Bare

The Co-operative Group is grappling with an £80 million hangover from a cyberattack, which left its systems offline earlier this year. Despite thwarting full-blown ransomware, Co-op suffered chaos, lost revenue, and a data breach affecting 6.5 million members. The retailer slumped to a £32 million loss, offering discounts to woo back customers.

3 weeks ago

Cisco’s Patch Party: Fixes Roll Out for Exploited IOS Vulnerabilities!

Cisco’s latest patch party squashes 14 vulnerabilities in IOS and IOS XE, including a wild stack overflow bug. Low-privilege attackers can cause chaos with denial-of-service attacks, while high-privilege ones can play hacker-in-chief. Cisco urges users not to play “Who Wants to be a Vulnerable Millionaire?” and update pronto!

3 weeks ago
The Nimble Nerd