Everest Ransomware Hits Swedish Power Grid Operator, Steals 280GB of Data
The Everest ransomware group has claimed a data breach against Sweden
Sweden's power grid operator, Svenska kraftnät, confirms data breach after Everest ransomware gang claims theft of 280GB of data. The attack was limited to an external system; power grid unaffected. #Everest #Ransomware #DataBreach #Sweden
04.11.2025 18:16
Europe Now #2 Global Ransomware Target, Attacks Accelerating to 24-Hour Deployments
CrowdStrike
Europe is now the #2 global target for ransomware, says new CrowdStrike report. Attacks are accelerating, with some deployments taking just 24 hours. Geopolitical tensions from Russia, China & DPRK are fueling the fire. #Ransomware #ThreatIntel
04.11.2025 18:16
Microsoft Discovers
Microsoft researchers have discovered
Novel 'SesameOp' backdoor discovered by Microsoft uses the OpenAI Assistants API for C2 communications. This espionage tool hides malicious traffic within legitimate API calls, making detection a major challenge. #Malware #OpenAI #C2 #Espionage
04.11.2025 18:16
China Amends Cybersecurity Law, Massively Increasing Fines and Adding AI Governance Clause
China has amended its Cybersecurity Law, effective January 1, 2026, to significantly increase financial penalties for non-compliance and introduce new rules for AI governance.
China amends its Cybersecurity Law, massively increasing fines for non-compliance up to 10x for critical infrastructure operators. The new rules, effective Jan 1, 2026, also introduce a new clause on AI governance. #CyberLaw #China #Compliance
04.11.2025 18:16
SK Telecom Profit Plummets 90% Following Massive Data Breach Affecting 27 Million Customers
SK Telecom
Financial fallout: SK Telecom's operating profit drops 90% due to a data breach affecting 27M customers. The breach went undetected for 3 years and resulted in a $96.5M fine. A stark reminder of the cost of cyber incidents. #DataBreach #SKTelecom
04.11.2025 18:15
Insider Threat Shocker: Cybersecurity Pros Indicted for Wielding ALPHV/BlackCat Ransomware
Two cybersecurity professionals from Sygnia and DigitalMint have been indicted for using ALPHV/BlackCat ransomware to attack and extort U.S. businesses.
Unbelievable insider threat: Two cybersecurity pros from incident response & negotiation firms indicted for using ALPHV/BlackCat ransomware to extort U.S. companies. Nearly $1.3M stolen from one victim. #Ransomware #InsiderThreat #BlackCat
04.11.2025 18:15
CISA Adds Actively Exploited Motex LANSCOPE RCE Flaw to KEV Catalog
CISA has added CVE-2025-61932, a critical remote code execution vulnerability in Motex
CISA adds critical Motex LANSCOPE RCE flaw (CVE-2025-61932) to its KEV catalog. The bug is actively exploited to drop backdoors. Federal agencies must patch by Nov 12. #KEV #CISA #Vulnerability #CyberSecurity
04.11.2025 17:53
T-Mobile Enters Credit Card Market with Capital One, Raising Data Security Questions
T-Mobile is partnering with Capital One to launch its first credit card, a move that creates a new data ecosystem and raises significant cybersecurity, data privacy, and regulatory compliance challenges.
T-Mobile is launching a credit card with Capital One, entering the financial services market. The partnership creates a new, complex data ecosystem, raising significant questions about data privacy and cybersecurity. #Fintech #CyberSecurity #Privacy
04.11.2025 17:53
Samsung
Samsung
Samsung's November 2025 security update is here! It patches 45 vulnerabilities, including Google's critical zero-click RCE (CVE-2025-48593) and flaws in Exynos chips. Update your Galaxy device now! #Samsung #Android #Security #PatchTuesday
04.11.2025 17:53
"SleepyDuck" RAT Emerges in Open VSX Marketplace via Malicious Update
A new RAT named SleepyDuck has been found in a malicious extension in the Open VSX marketplace, using an Ethereum smart contract for a resilient command-and-control (C2) mechanism to target developers.
Malicious VS Code extension 'SleepyDuck' found in Open VSX! The RAT uses an Ethereum smart contract for a resilient C2 infrastructure. Targets developers via a trojanized Solidity extension. #Malware #SupplyChain #Crypto #DevSecOps
04.11.2025 17:53
Google Patches Critical Zero-Click RCE Flaw in Android; Millions of Devices at Risk
Google
CRITICAL ANDROID FLAW! Google patches a zero-click RCE vulnerability (CVE-2025-48593). No user interaction needed for exploitation. Affects Android 13, 14, 15 & 16. Update your devices NOW! #Android #CyberSecurity #PatchNow
04.11.2025 17:53
Penn Data Breach: Hacker Claims 1.2M Donor Records Stolen, Exposes "Terrible Security"
A major data breach at the University of Pennsylvania has exposed the personal and financial data of 1.2 million donors and alumni after a hacker compromised an employee
University of Pennsylvania suffers massive data breach! Hacker claims to have stolen 1.2M donor records after compromising an employee SSO account. Sensitive personal & financial data exposed. #DataBreach #HigherEd #CyberSecurity
04.11.2025 17:53
Data Breaches Hit Toys
Several consumer-facing companies including Toys
Multiple data breaches reported: Toys 'R' Us Canada, Japanese retailer Askul (hit by ransomware), and security firm Verisure have all exposed customer data, including PII and SSNs. #DataBreach #CyberAttack #Retail
04.11.2025 17:50
New "Airstalk" Malware Abuses VMware API in Nation-State Supply Chain Attack
A new malware strain named "Airstalk" is being used in a nation-state supply chain attack, using the VMware Workspace ONE API for command and control.
New "Airstalk" malware in suspected nation-state supply chain attack! Abuses VMware Workspace ONE API for covert C2 and uses a stolen code-signing certificate to evade detection. #SupplyChain #Malware #ThreatIntel #VMware
04.11.2025 17:50
Australia Warns of
The Australian Signals Directorate (ASD) warns of ongoing attacks deploying
Australia's ASD warns of 'BADCANDY' malware attacks on Cisco IOS XE devices. Hackers are exploiting critical flaw CVE-2023-20198 to take over routers. 150+ devices infected in October alone. #Cisco #CyberSecurity #BADCANDY #PatchNow
04.11.2025 17:50
New
Researchers have discovered a new ransomware strain named KYBER that uses a sophisticated hybrid encryption scheme, including the post-quantum Kyber1024 algorithm, and engages in data-driven extortion.
New 'KYBER' ransomware discovered! Uses advanced post-quantum crypto (Kyber1024) and AES-256. Threatens to leak stolen data, targeting Aerospace & Defense and tech firms. Shows signs of evolving into a major RaaS threat. #Ransomware #KYBER #Cyber...
04.11.2025 17:50
Ukrainian Conti Ransomware Affiliate Extradited to US
Oleksii Lytvynenko, a Ukrainian national and alleged member of the Conti ransomware syndicate, was extradited from Ireland to the US to face cybercrime and extortion charges.
Ukrainian national Oleksii Lytvynenko, an alleged affiliate of the notorious Conti ransomware group, has been extradited from Ireland to the US. He faces up to 25 years for attacks that extorted over $150M globally. #Conti #Ransomware #Cybercrime
04.11.2025 17:50
Akira Ransomware Claims Breach of Apache OpenOffice, Threatens Data Leak
The Akira ransomware group claims to have breached the Apache Software Foundation, developers of Apache OpenOffice, and exfiltrated 23GB of sensitive data.
Akira ransomware claims it has breached Apache OpenOffice, alleging theft of 23GB of sensitive data including financial records and employee PII. The Apache Software Foundation has not yet confirmed the attack. #Ransomware #Akira #DataBreach
04.11.2025 17:50
China-Backed Group Exploits Unpatched Windows Flaw to Spy on EU Diplomats
Analysis of a cyber-espionage campaign by China-linked UNC6384 exploiting the unpatched Windows vulnerability CVE-2025-9491 to target European diplomats with the PlugX RAT.
China-linked hackers (UNC6384) exploit unpatched Windows flaw CVE-2025-9491 to spy on EU diplomats. Attacks use malicious LNK files to deploy PlugX RAT. Microsoft has declined to patch the vulnerability. #CyberEspionage #ZeroDay #PlugX
04.11.2025 17:50
Conduent Data Breach: 10 Million+ Individuals
Government contractor Conduent confirms a data breach exposed the personal and medical information, including Social Security numbers, of over 10 million individuals.
Massive data breach at government contractor Conduent exposes personal & medical info of over 10 MILLION people. Data includes SSNs & health details. Unauthorized access occurred from Oct 2024 to Jan 2025. #DataBreach #Conduent #PII
31.10.2025 18:15
Canada Issues National Alert as Hacktivists Target Critical Infrastructure
The Canadian Centre for Cyber Security issues a national alert over rising hacktivist attacks targeting internet-exposed Industrial Control Systems (ICS) in critical sectors.
Canada issues national alert as hacktivists breach internet-accessible Industrial Control Systems (ICS). Water, food & manufacturing sectors targeted. Urgent call for defensive measures. #ICS #OTsecurity #CriticalInfrastructure #Hacktivism
31.10.2025 18:15
Home of the Cybersecurity News hub. Information sharing and raising awareness. Think, talk and grow while on the go. Visit https://www.cybersecuritynews.today/ for more coverage.
Cybersecurity News Today! is on buymeacoffee.com/cybersecuritynewstoday