Risk
-
Transparent Tribe targets Indian government with dual-platform Linux and Windows malware, researchers say
Researchers say the Transparent Tribe (APT36) has expanded its assault on Indian government networks with a cross‑platform campaign targeting Windows and Linux‑BOSS systems through spear‑phishing, weaponized desktop shortcuts, and a Go‑based backdoor, complemented by anti‑analysis techniques and 2FA‑focused phishing.
-
Malicious Go module masquerades as SSH brute-forcer, exfiltrates credentials via Telegram bot, researchers say
Security researchers have identified a malicious Go module masquerading as an SSH brute-force tool that quietly exfiltrates credentials to a threat actor via Telegram. The module, golang-random-ip-ssh-bruteforce, targets random SSH services, disables host key verification, and relays harvested data to a Telegram bot, highlighting ongoing software supply chain and credential theft risks.
-
Data I/O reports ransomware attack disrupts operations; SEC filing indicates ongoing investigation
Data I/O, a major electronics maker with high-profile clients, disclosed a ransomware infection that began August 16 and continues to disrupt operations. The company activated response protocols, hired cybersecurity experts, and is investigating, with no timetable for restoration.
-
Interpol-led Africa cybercrime crackdown nets 1,209 arrests, $97.4 million recovered
Interpol says authorities across 18 African countries arrested 1,209 cybercriminals in the second phase of Operation Serengeti 2.0, recovering $97.4 million and dismantling thousands of illicit infrastructures as part of a broad cross-border crackdown on ransomware, online scams and business email compromise.
-
Ransomware group Qilin claims 4TB data breach at Nissan CBI, leaking 3D designs and VR files
Ransomware group Qilin claims to have copied more than 4 terabytes of data from Nissan Creative Box Inc. (CBI), including 3D design data and VR files, threatening to release the material if demands are not met. Nissan has not yet commented on the claim, and experts caution that the breach, if verified, could threaten trade…
-
Nearly 1 Million Health Records Exposed in Ohio Medical Alliance Data Breach
Cybersecurity researchers say two unprotected databases linked to Ohio Medical Alliance exposed 957,434 patient records, including SSNs and driver’s-license images, in a breach that required immediate remediation and raises privacy and identity-theft concerns in the medical marijuana sector.
-
Microsoft restricts Chinese firms’ access to vulnerability warnings amid SharePoint attacks
Microsoft has restricted certain Chinese firms from its vulnerability early warning program after concerns that data could be linked to a wave of SharePoint server attacks, sparking debate over governance and the global sharing of threat intelligence.
-
Orange Belgium reports data breach affecting about 850,000 customers
Orange Belgium says attackers accessed data from about 850,000 customer accounts in a July breach, exposing names, phone numbers, and related account details, while passwords and financial information were not accessed; customers are being notified by email or SMS and advised to watch for impersonation attempts.
-
Researchers warn of DOM-based extension clickjacking in password managers
Security researchers at DEF CON 33 revealed a DOM-based extension clickjacking flaw affecting popular password-manager browser extensions, capable of stealing credentials, 2FA codes, and more with a single click on a malicious page; Bitwarden has issued a fix, and others are in progress, with guidance to disable auto-fill until patches are deployed.
-
Static Tundra: Russia-linked group exploits Cisco flaw to maintain long-term access to global networks, researchers say
A Russian state-sponsored group known as Static Tundra has been quietly compromising network devices worldwide for over a decade, exploiting a seven-year-old Cisco vulnerability to steal data and maintain access, according to Cisco Talos Intelligence.
