Cybercrime
-
Netskope seeks up to $6.5 billion valuation in U.S. IPO
Netskope said it is seeking up to a $6.5 billion valuation in a U.S. IPO, proposing to sell 47.8 million shares at $15–$17 to raise up to $813 million; it plans to list on Nasdaq under the symbol NTSK with Morgan Stanley and J.P. Morgan as lead underwriters.
-
Plex urges password resets after data breach; authentication data exposed
Plex disclosed a data breach that exposed a subset of customer data, including emails, usernames, and securely hashed passwords. The company urged users to reset their passwords, sign out of devices, and enable two-factor authentication, noting that no payment card data was affected.
-
GhostAction: GitHub supply-chain attack exposes 3,325 secrets across hundreds of repositories
Researchers say a GitHub supply-chain campaign named GhostAction stole about 3,325 secrets across PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys, by compromising maintainer accounts to inject malicious GitHub Actions workflows that exfiltrate secrets to an attacker-controlled endpoint.
-
Lovesac confirms data breach after ransomware attack; notices indicate data exposure and recovery steps
Lovesac disclosed a data breach after a March 2025 ransomware intrusion, exposing personal data of an undisclosed number of individuals. The company discovered the breach on Feb. 28, 2025, and offered 24-month credit monitoring through Experian while noting no current evidence of misuse. A Vermont AG notice and a GlobeneNewswire release provide context on the…
-
Noisy Bear Linked to Kazakh Energy Sector in Operation BarrelFire, Seqrite Says
Security researchers attribute a new campaign, Operation BarrelFire, to the Noisy Bear group, targeting Kazakhstan’s KazMunayGas with phishing lures and a DLL-based implant designed to deliver a reverse shell, amid broader regional cyberactivity and training-misinterpreted reports.
-
Qantas cuts executive bonuses by 15% after data breach
Qantas cut senior executive short-term bonuses by 15% after a late-June data breach that exposed millions of customers, reducing CEO Vanessa Hudson’s bonus by A$250,000 and five other executives’ bonuses by a combined A$550,000 while noting overall executive pay rose and the airline posted an A$2.4 billion underlying pre-tax profit.
-
Wealthsimple reports data breach affecting under 1% of customers; breach tied to third‑party software in suspected supply‑chain attack
Wealthsimple disclosed a data breach affecting less than 1% of its customers, with attackers accessing personal data but not funds or passwords. The breach is linked to a compromised third-party software package and is being treated as part of a broader Salesloft supply-chain attack. The firm is offering two years of free credit monitoring and…
-
VirusTotal flags 44 undetected SVGs in Colombian phishing campaign; hundreds of SVGs detected in the wild
VirusTotal has flagged a new malware campaign using 44 undetected SVG files to phish as Colombia’s Fiscalía General de la Nación, injecting a Base64-encoded HTML page and triggering a hidden ZIP download. Overall SVG detections in the wild have reached 523, with earliest samples dating to August 14, 2025.
-
GhostRedirector threat cluster compromises 65 Windows servers, deploys Rungan backdoor and Gamshen IIS module for SEO fraud
A fresh threat cluster named GhostRedirector has compromised at least 65 Windows servers, deploying a passive backdoor called Rungan and an IIS module named Gamshen to conduct SEO fraud, according to ESET researchers. The campaign shows SQL injection-based initial access, PowerShell-based tool delivery, and persistence through multiple remote-access tools, with a China-aligned attribution considered plausible…
-
Chess.com discloses data breach linked to third-party file-transfer app; around 4,500 users affected
Chess.com says a data breach tied to a third-party file-transfer app affected about 4,500 of its 100 million users, with potential exposure of names and other PII but no financial data, and says law enforcement was notified and monitoring continues.
