Cybercrime
-
Lovesac confirms data breach after ransomware attack; notices indicate data exposure and recovery steps
Lovesac disclosed a data breach after a March 2025 ransomware intrusion, exposing personal data of an undisclosed number of individuals. The company discovered the breach on Feb. 28, 2025, and offered 24-month credit monitoring through Experian while noting no current evidence of misuse. A Vermont AG notice and a GlobeneNewswire release provide context on the…
-
Noisy Bear Linked to Kazakh Energy Sector in Operation BarrelFire, Seqrite Says
Security researchers attribute a new campaign, Operation BarrelFire, to the Noisy Bear group, targeting Kazakhstan’s KazMunayGas with phishing lures and a DLL-based implant designed to deliver a reverse shell, amid broader regional cyberactivity and training-misinterpreted reports.
-
Qantas cuts executive bonuses by 15% after data breach
Qantas cut senior executive short-term bonuses by 15% after a late-June data breach that exposed millions of customers, reducing CEO Vanessa Hudson’s bonus by A$250,000 and five other executives’ bonuses by a combined A$550,000 while noting overall executive pay rose and the airline posted an A$2.4 billion underlying pre-tax profit.
-
Wealthsimple reports data breach affecting under 1% of customers; breach tied to third‑party software in suspected supply‑chain attack
Wealthsimple disclosed a data breach affecting less than 1% of its customers, with attackers accessing personal data but not funds or passwords. The breach is linked to a compromised third-party software package and is being treated as part of a broader Salesloft supply-chain attack. The firm is offering two years of free credit monitoring and…
-
VirusTotal flags 44 undetected SVGs in Colombian phishing campaign; hundreds of SVGs detected in the wild
VirusTotal has flagged a new malware campaign using 44 undetected SVG files to phish as Colombia’s Fiscalía General de la Nación, injecting a Base64-encoded HTML page and triggering a hidden ZIP download. Overall SVG detections in the wild have reached 523, with earliest samples dating to August 14, 2025.
-
GhostRedirector threat cluster compromises 65 Windows servers, deploys Rungan backdoor and Gamshen IIS module for SEO fraud
A fresh threat cluster named GhostRedirector has compromised at least 65 Windows servers, deploying a passive backdoor called Rungan and an IIS module named Gamshen to conduct SEO fraud, according to ESET researchers. The campaign shows SQL injection-based initial access, PowerShell-based tool delivery, and persistence through multiple remote-access tools, with a China-aligned attribution considered plausible…
-
Chess.com discloses data breach linked to third-party file-transfer app; around 4,500 users affected
Chess.com says a data breach tied to a third-party file-transfer app affected about 4,500 of its 100 million users, with potential exposure of names and other PII but no financial data, and says law enforcement was notified and monitoring continues.
-
Bridgestone confirms cyberattack affecting North American manufacturing; company says containment achieved
Bridgestone Americas said a limited cyber incident affected some North American manufacturing facilities, but it contained the threat early and did not indicate customer data was breached, as reports spread from South Carolina to Quebec.
-
Threat actors weaponize HexStrike AI to exploit recently disclosed vulnerabilities, Check Point warns
Threat actors are weaponizing HexStrike AI, an AI-driven offensive security tool, to exploit recently disclosed vulnerabilities, prompting Check Point to urge immediate patching and hardening of affected systems.
-
Iranian-aligned group linked to multi-wave spear-phishing targeting embassies worldwide, researchers say
An Iran-linked threat group is behind a coordinated, multi-wave spear-phishing campaign targeting embassies and consulates worldwide, using VBA macro payloads to deploy malware, according to researchers.
