News
-
Malicious Go module masquerades as SSH brute-forcer, exfiltrates credentials via Telegram bot, researchers say
Security researchers have identified a malicious Go module masquerading as an SSH brute-force tool that quietly exfiltrates credentials to a threat actor via Telegram. The module, golang-random-ip-ssh-bruteforce, targets random SSH services, disables host key verification, and relays harvested data to a Telegram bot, highlighting ongoing software supply chain and credential theft risks.
-
Data I/O reports ransomware attack disrupts operations; SEC filing indicates ongoing investigation
Data I/O, a major electronics maker with high-profile clients, disclosed a ransomware infection that began August 16 and continues to disrupt operations. The company activated response protocols, hired cybersecurity experts, and is investigating, with no timetable for restoration.
-
China-linked Murky Panda exploits cloud trust to move laterally, CrowdStrike finds
A CrowdStrike 2025 Threat Hunting Report finds a 136% increase in cloud intrusions, driven by Murky Panda’s use of zero-day exploits and, more notably, their manipulation of trusted cloud relationships to move from SaaS providers into downstream customer environments, with links to a February 2025 breach of Commvault’s Microsoft Azure cloud environment highlighted as a…
-
Interpol-led Africa cybercrime crackdown nets 1,209 arrests, $97.4 million recovered
Interpol says authorities across 18 African countries arrested 1,209 cybercriminals in the second phase of Operation Serengeti 2.0, recovering $97.4 million and dismantling thousands of illicit infrastructures as part of a broad cross-border crackdown on ransomware, online scams and business email compromise.
-
DaVita ransomware breach exposes data of nearly 2.7 million people, OCR confirms
DaVita disclosed that a ransomware attack compromised the personal and health data of nearly 2.7 million people, with OCR confirming 2,689,826 affected and the company noting a possible 2.4 million. The breach exposed information from DaVita’s labs database, with the company offering credit monitoring to affected individuals as investigations continue.
-
Ransomware group Qilin claims 4TB data breach at Nissan CBI, leaking 3D designs and VR files
Ransomware group Qilin claims to have copied more than 4 terabytes of data from Nissan Creative Box Inc. (CBI), including 3D design data and VR files, threatening to release the material if demands are not met. Nissan has not yet commented on the claim, and experts caution that the breach, if verified, could threaten trade…
-
Nearly 1 Million Health Records Exposed in Ohio Medical Alliance Data Breach
Cybersecurity researchers say two unprotected databases linked to Ohio Medical Alliance exposed 957,434 patient records, including SSNs and driver’s-license images, in a breach that required immediate remediation and raises privacy and identity-theft concerns in the medical marijuana sector.
-
Microsoft restricts Chinese firms’ access to vulnerability warnings amid SharePoint attacks
Microsoft has restricted certain Chinese firms from its vulnerability early warning program after concerns that data could be linked to a wave of SharePoint server attacks, sparking debate over governance and the global sharing of threat intelligence.
-
Orange Belgium reports data breach affecting about 850,000 customers
Orange Belgium says attackers accessed data from about 850,000 customer accounts in a July breach, exposing names, phone numbers, and related account details, while passwords and financial information were not accessed; customers are being notified by email or SMS and advised to watch for impersonation attempts.
-
Apple patches zero-day CVE-2025-43300 after highly targeted attack, urges immediate updates
Apple has issued security updates for CVE-2025-43300, a zero-day flaw in Apple’s Image I/O framework that was exploited in a highly targeted attack; users are urged to install the latest iOS, iPadOS and macOS updates.
