Daily News - Julho / Agosto (27/07 - 02/08) - 31 Semana de 2025Felipe Prado27 de jul. de 202513 min de leituraAtualizado: 2 de ago. de 202502/08$908K Stolen in Phishing Tied to 458-Day-Old Wallet ApprovalAkamai SOTI report: Ransomware grows more complex, hits APAC hardAkira Ransomware Exploits 0-Day Vulnerability in SonicWall Firewall DevicesAkira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched DevicesAttackers exploit link-wrapping services to steal Microsoft 365 loginsBaillie Lumber Data Breach: 52 GB of Sensitive Data StolenBarrett-Jackson Data Breach Exposes Social Security NumbersCybercrime Grows More Aggressive in 2025 as Identity Becomes a Central TargetEmpresa brasileira publica relatório com o passo a passo do ciberataque que causou bilhões em prejuízo a seis instituições financeirasGenoa Medical Facilities discloses data breach exposing Social Security numbersHackers Abuse Microsoft 365’s Direct Send Feature to Deliver Internal Phishing AttacksHostage to hackers: Can the war against ransomware be won?How Amazon's 'AI mistake' is a basic lesson for every engineer using Gen-AI for codingNew Undetectable Plague Malware Targeting Linux Servers for Persistent SSH AccessPhil Smith Automotive Data Breach Affects 12,274 PeopleQilin Ransomware Surging Following The Fall of dominant RansomHub RaaSRansomware attacks cripple government services across Dutch Caribbean islandsRussian hacker group using Internet service providers to spy on foreign embassiesSafePay Ransomware Infected 260+ Victims Across Multiple CountriesSingapore faces world’s highest regulatory extortion riskSonicWall Firewall Devices 0-day Vulnerability Actively Exploited by Akira RansomwareTea App Data Breach Exposes 1.1 Million Private Messages in Catastrophic Privacy Failure01/0812 Most Common Phishing Attacks With ExamplesActivist Carronade builds pressure on Viasat to split businessAeroflot Airline Cancels Flights After Pro-Ukraine Hacktivist Cyber AttackAffiliates of disrupted ransomware gangs sought by other operationsAI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before TakedownAI-powered Cursor IDE vulnerable to prompt-injection attacksAllianz Life cyberattack gets worse as company confirms Social Security numbers stolenAlmost a quarter of the files workers upload to AI has sensitive infoASIO boss confirms multiple defence industry companies targeted by foreign espionageAtaque ao SharePoint expõe empresas; veja como se proteger dos hackersAttackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 AccountsAuthorities seize BlackSuit ransomware gang’s serversBeware of packages containing malicious QR codes, FBI warnsBrowser extensions could be used to exploit AI tools, researchers sayChina acusa EUA de usar brecha da Microsoft para hackear dados militaresChina Summons Nvidia Over Alleged Backdoor Risks in AI ChipsCISA released Thorium platform to support malware and forensic analysisCloudbrink adds CrowdStrike integration to its SASE platformCoinbase reveals $307M data breach cost in Q2Comp AI secures $2.6M pre-seed to disrupt SOC 2 marketCursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt InjectionCybercrooks faked Microsoft OAuth apps for MFA phishingCybersecurity M&A Roundup: Palo Alto Networks Agrees $25bn Deal to Acquire CyberArkCybersecurity threats surge in first half, report findsDiscord leveraged to spread updated DoubleTrouble banking trojanDollar Tree denies data breach - says hackers targeted its rival insteadEverest’s Mailchimp hacking claims downplayedFederal quantum cybersecurity strategy pushed by new legislationFeds Confiscate Millions in Bitcoin from Emerging Ransomware GroupFlorida Internal Medicine Practices Discloses November 2024 Data BreachFSB-linked hackers targeting diplomats in Moscow using ISP accessGlobal Data Breach Costs See First Decline in 5 Years, Thanks to AI and AutomationHacker coloca à venda dados de clientes e infraestrutura AWS da ClaroHackers accessed more data than thought in Legal Aid Agency cyber attackHackers Exploit Microsoft 365’s Direct Send Feature for Internal Phishing AttacksHackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study FindsHackers says they attacked Mailchimp and stole user data - and the community laughed it offIdle Infrastructure, Active Threats: Why Unmanaged Network Resources Are A Hacker’s DreamIllumina to pay $9.8M to resolve alleged cyber faultsIt’s time to sound the alarm on water sector cybersecurityLegal Aid Agency data breach bigger than first thoughtLovense adult toy app leaks private user email addresses - what we know, and how to stay safe if you're affectedLuxembourg probes reported attack on Huawei tech that caused nationwide telecoms outageMalicious ads target millions to steal their bitcoin and cryptoMeta Offers $1M bounty at Pwn2Own Ireland 2025 for WhatsApp exploitsMicrosoft Authenticator is deleting your passwords today - here is what to do nowMicrosoft says Russian hackers are planting fake antivirus software in embassy attacksMicrosoft updates .NET bug bounty programModern credential stuffing attacks manipulate business logic, exploit APIsMore Than Half of Healthcare Orgs Attacked with Ransomware Last YearMultiple HoneyWell Experion PKS flaws addressedNew DoubleTrouble banking trojan spreads via Discord - so be on your guardNovel phishing campaign facilitated by link wrapping exploitationOpen-source CISA malware, forensic analysis platform unveiledOpera vs. Microsoft: Brazil opens antitrust case over Edge and AI pushPalo Alto to acquire CyberArk in US$25bn dealPi-hole discloses data breach triggered by WordPress plugin flawPwn2Own hacking contest pays $1 million for WhatsApp exploitQilin Ransomware Sees Surge After Collapse of Dominant RansomHub RaaSRansomware attack on Florida prisons disrupts phones, email and visitationRansomware gangs are now expanding to physical threats in the real worldRussia's FSB targets foreign embassies in Moscow in cyber espionage campaign, Microsoft saysScattered Spider exploits Slack and Microsoft Teams in latest Ransomware campaignSecret Blizzard Targets Moscow-Based Embassies in New Espionage CampaignSecurity gaps still haunt shared mobile device use in healthcareSmart steps to keep your AI future-readySonicWall firewall devices hit in surge of Akira ransomware attacksStaggering 800% Rise in Infostealer Credential TheftStay pragmatic as cyberwarfare reaches a tipping pointStorm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware AttacksSummer: Why cybersecurity must be strengthened as vacations aboundThe American View: The Cost of Putting the Wrong People in PowerToolShell under siege: Check Point analyzes Chinese APT Storm-2603UK Leads the Way with £15m AI Alignment ProjectWatch this: Hackers can take over un-updated Dahua smart camerasWhat attackers know about your company thanks to AIWordPress AI Engine Plugin Bug Allows Remote Code Execution – Update NowYou Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them31/071 in 20 Financial Service Online Identity Verification Attempts Is FraudulentAI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ RevealsAI is changing the vCISO gameAlert Fatigue, Data Overload, and the Fall of Traditional SIEMsAndroid Malware Targets Banking Users Through Discord ChannelsAustralia restricts YouTube use for children under 16Bangladesh Road Transport Authority Data Allegedly Breached – Over 1 Million Records for SaleBrowser Extensions Can Exploit ChatGPT, Gemini in ‘Man in the Prompt’ AttackChina's cyberspace watchdog summons Nvidia over H20 chip security concernsCISA Unveils Eviction Strategies Tool to Aid Incident ResponseClub Grido Loyalty Program Data Allegedly Leaked on Dark WebCrypto shock: Samourai Wallet founders admit guilt in Bitcoin privacy caseCybercriminals ‘Spooked’ After Scattered Spider ArrestsEverest Ransomware Claims Mailchimp as New Victim in Relatively Small BreachExperts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login CredentialsFunkSec Ransomware Victims Can Now Recover Files with Free DecryptorHackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin InstallHackers hunt passwords: theft explodes 800%How to Restore Exchange MailboxKremlin monitors foreign embassies in Moscow through cyber-espionage at ISP levelLovense tried to silence me, hacker claimsMalicious extensions can use ChatGPT to steal your personal data - here's howMind the overconfidence gap: CISOs and staff don’t see eye to eye on security postureNew AI model offers faster, greener way for vulnerability detectionNorth Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in CryptoNot just YouTube: Google is using AI to guess your age based on your activity - everywhereOnlyFans, Discord ClickFix-Themed Pages Spread Epsilon Red RansomwareOrange hit by major data security incident disrupting operations in FranceOver 200 Malicious Open Source Packages Traced to Lazarus CampaignPasswordless Future Years Away Despite Microsoft Authenticator MovePrivate ChatGPT conversations show up on Google, leaving internet users shockedProton launches free standalone cross-platform Authenticator appQilin Ransomware Claims Attacks on Jordan’s ASEZA and Colombia’s PDCQuintana Roo Mobility Institute (IMOVEQROO) Allegedly Breached – Driver’s Licenses LeakedRansomware Attacks Escalate to Physical Threats Against ExecutivesResearchers Link New SS7 Encoding Attack to Surveillance Vendor ActivityRiteCheck discloses year-old data breach affecting over 68,000 individualsRussia-linked APT Secret Blizzard targets foreign embassies in Moscow with ApolloShadow malwareSafePay ransomware gang threatens to leak 3.5TB of stolen Ingram Micro dataSecret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow EmbassiesSecrets are leaking everywhere, and bots are to blameSpending on cybersecurity rising sharply, expected to hit $240 billion next yearThis handy NordVPN tool flags scam calls on Android - even before you answerTwo critical Android 16 security features you're not using (but absolutely should)UC Berkeley Targeted in Major Data Breach – Full University Database Allegedly For Sale OnlineUNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for FraudUsers sue Tea App over data breach that exposed 72K images and endless PIIWhy rural hospitals are losing the cybersecurity battleWhy stolen credentials remain cybercriminals’ tool of choiceWood River Health data breach exposed personal information of over 50,000 individuals30/07AI is here, security still isn’tAllianz Life Insurance Impacted By Third Party BreachApple Patches Safari Vulnerability Also Exploited as Zero-Day in Google ChromeArtemis: Open-source modular vulnerability scannerAverage cost of a data breach in US shoots to record $10 million (IBM)Bangladesh Government Portal Suffers Major Data Breach – 4.1 Million Citizens Records Allegedly for SaleBoards shift focus to tech and navigate cautious investorsBrazilian Healthcare Federation Federassantas Allegedly BreachedCegid Suffers Data Breach – 74,000 Customer Records Allegedly LeakedCheap burgers flip to costly subscription: thousands online baited by $2 Big MacsChinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage ToolsCodeIgniter4 Flaw CVE-2025-54418 Enables Remote Code Execution via File UploadsColchester Charity Reports Russian Cyber-AttackCritical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload ExploitsCrypto scammers face prison after fake AI trading bots and “deals with Panama” schemesCyberattack shuts down hundreds of Russian pharmacies, disrupts healthcare servicesData Breach Costs Fall for First Time in Five YearsDollar Tree Allegedly Hit by INC Ransom – 1.2 TB of Sensitive Data ExposedDollar Tree data breach exposes company data – hackersEmergency after cyberattack in St. Paul: could your data be at risk?Espionagem cibernética Chinesa: Hackers patenteiam ferramentasFamily Service League Targeted by INC Ransom – Sensitive Data of Vulnerable Citizens Allegedly CompromisedFBI seizes over $2.3 million in Bitcoin from Chaos ransomware affiliate in TexasFrom Automation to Augmentation: The Future of SOCs in Enterprise CybersecurityFunkSec Ransomware Decryptor Released Free to Public After Group Goes DormantGerman Manufacturer RUKU Tore – Türen Allegedly Targeted by Global RansomwareGoogle is using passkeys and new security tools to help you fight cyberattacks - here's howGoogle Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project ZeroGoogle to Publicly Report New Vulnerabilities Within One Week of Vendor DisclosureHackers disrupt Aeroflot operations, dozens of flights canceled amid cyber attackHackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color MalwareHackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading AppsHafnium Tied to Advanced Chinese Surveillance ToolsHidden Backdoor Found in ATM Network via Raspberry PiIBM Report Sees Drop in Global Data Breach Costs Except in U.S.Inc Ransomware Claims 1.2TB Data Breach at Dollar TreeInvasão na Record: três momentos em que hackers roubaram a transmissão de TVLebanese Auto Supplier Jean Bakhos Allegedly Suffers Data LeakMajor flaws found in Lenovo BIOS: attackers can take over systemsMinnesota activates National Guard following major cyberattack on St. PaulMinnesota National Guard Deployed After Major Cyberattack on St. Paul City SystemsNaval Group launches investigation after 1TB of confidential data leaked on dark webNearly 70K exposed after hacker attack on New York check casherNew Lenovo UEFI firmware updates fix Secure Boot bypass flawsOrange discloses security incident: no customer data stolenOWASP Launches Agentic AI Security GuidanceRansomware Is Targeting Nonprofits: Why Risk a Disaster When Protection Is Affordable?Ransomware upstart Gunra goes cross-platform with encryption upgradesScattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security PressureTea takes part of women-only dating app offline after second cybersecurity data leakThe food supply chain has a cybersecurity problemThe ghost of FTX Japan is still online, exposing 35,000 usersThird of Exploited Vulnerabilities Weaponized Within a Day of DisclosureTrickBot Behind More Than $724 Million in Crypto Theft and ExtortionUAE Equestrian Federation Data Allegedly BreachedUS Tops Hit List as 396 SharePoint Systems Compromised GloballyUsed external hard drives selling as new on Amazon, data recovery firm warns“Welcome to the police state,” Spotify introduces age checks under UK Online Safety ActWhy CISOs should rethink identity risk through attack pathsWill AI go rogue now that it can bypass some CAPTCHA tests?Wishy-washy age verification system puts X in the spotlightYouTube joins global age-verification rush with AI that guesses your age29/07200 million American targeted in new wave of phishing attacksAcarlar Ltd, W.L. FOODS, and MGI Singapore PAC Allegedly Hit by Direwolf RansomwareAeroflot cancels more flights, claims schedule stabilized after cyberattackAI-Driven Phishing and Ransomware Targeting Smaller FirmsAlleged breach of ice maker exposes employee detailsAllianz Life Data Breach Hits 1.4 Million CustomersAmerican cleaning firm Prestige Maintenance hit by major data breachAtaque hacker contra companhia aérea russa leva a cancelamento de voosAuto-Color Backdoor Malware Exploits SAP VulnerabilityAvala Data Breach Exposes Sensitive Patients' Social Security NumbersBrien Center Data Breach Exposes Protected Health InformationChaos Ransomware-as-a-Service (RaaS) Emerges After BlackSuit Takedown, Demanding $300K from U.S. VictimsCharity Fined After Destroying “Irreplaceable” RecordsCISA Adds Cisco ISE and PaperCut Vulnerabilities to Known Exploited Vulnerabilities CatalogCISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active ExploitationCISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services EngineCritical Authentication Flaw Identified in Base44 Vibe Coding PlatformCybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia's Mobile NetworksCybersecurity pros drowning in too much data to make sense of it allCyble Uncovers RedHook Android Trojan Targeting Vietnamese UsersDepartment of Justice (DOJ) launches forfeiture action to recover $2.3m in Bitcoin tied to Chaos Ransomware groupFalha de segurança na Amazon quase deixou hacker apagar dados com prompt de IAFBI seizes $2.4M in Bitcoin from new Chaos ransomware operationFBI Seizes $2.4m in Crypto from Chaos Ransomware GangFirst Baptist Church of Hammond Allegedly Targeted by Rhysida RansomwareFrench nuclear secrets exposed to hacker attackFrench Telco Orange Hit by Cyber-AttackFrench telecom giant Orange discloses cyberattackGoogle says UK government has not demanded an encryption backdoor for its users’ dataGunra Ransomware Group Unveils Efficient Linux VariantHackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malwareHow Scattered Spider Used Fake Calls to Breach Clorox via CognizantInside the application security crisis no one wants to talk aboutLuxury Jeweler Frank & co. Allegedly Suffers Data BreachLynx Ransomware Allegedly Breaches Countertop Specialist Premier Surfaces IncMassive data breach at Zumpano Patricios exposes sensitive data of 280,000 IndividualsMicrosoft finds a way into Mac users’ secrets, helps fix the flawMortensen Law Offices Allegedly Breached By Kairos Ransomware GroupNetwork Access to Major $400M+ Indian Corporation Allegedly for SaleNew Choicejacking Attack Steals Data from Phones via Public ChargersNew N-able Report Underscores Escalating Cyber Threats Facing SMBsNew ransomware group Chaos poses serious threatOrange, France’s largest telecoms company, hit by cyberattackOver 2,000 South Koreans linked to Cambodia-based voice phishing networksPolish Healthcare Giant Medicover Allegedly Breached – Patient Account Data LeakedPro-Ukraine Hacktivists Ground Dozens of Aeroflot FlightsPyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike DomainRansomware groups snap up to 238 TB a year, Zscaler reportsRansomware Surges as Attempts Spike 146% Amid Aggressive Extortion TacticsRansomware threats rise, attackers adopt quadruple extortionRansomware will thrive until we change our strategyRussia’s largest airline cancels dozens of flights following Ukrainian cyber attackRussian airline Aeroflot grounded by pro-Ukrainian hackers, sends "psychological message,” security expert saysRussian airline Aeroflot grounds dozens of flights after cyberattackSAP NetWeaver Vulnerability Used in Auto-Color Malware Attack on US FirmSex toy maker Lovense leaks users’ email addresses months after disclosureSeychelles Commercial Bank Reported Cybersecurity IncidentSpy satellite agency says law enforcement probing 'incident' affecting contracting siteTea App Data Breach: 72,000 Selfies and IDs of Women Leaked OnlineTea App Suffers Second Major Breach – Allegedly Exposing Sensitive User MessagesTelecom Giant Orange Responding to Cyberattack on ‘Information Systems’The final frontier of cybersecurity is now in spaceThreat Actors Use Phishing to Target Belgian Grand Prix Fans and TeamsTurkish Engineering Firm Yapi Teknik Proje Allegedly Breached by Qilin RansomwareUK cyber vigilantes generating mock IDs of local MPs to protest Online Safety ActUS seeks to claim $2.4M in Bitcoin seized from ransomware groupVirtualweb Technologies Reportedly Breached by Brain Cipher RansomwareWhy behavioral intelligence is becoming the bank fraud team’s best friendWiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base4428/071.4 Million People Hit in Huge Allianz Life Cyberattack141 Million Data Breach Files Reveal Bank Statements And Crypto KeysAeroflot Cancels Dozens of Flights After Major CyberattackAIIMS ORBO Portal Vulnerability Leads to Massive Data ExposureAllianz Life Confirms Major Data Breach via Third-Party Cloud PlatformAllianz Life insurance cyber attack affects ‘majority’ of US customersAmerican woman sentenced for role in massive $17M North Korean IT worker fraud schemeAnonymous Dating Review Platform Tea Falls Victim to Major Security IncidentBoley Centers Data Breach Exposes Social Security NumbersByteDance’s AI coding tool Trae IDE caught allegedly spying on usersChina-linked group Fire Ant exploits VMware and F5 flaws since early 2025CISA flags PaperCut RCE bug as exploited in attacks, patch nowCollege Saint Jean-Baptiste de La Salle and CCI Torrevieja Allegedly Hit by Arcus RansomwareCritical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems WorldwideCritical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeoverCrypto hackers hide stolen funds faster – researchData breach at Allianz Life affects “majority” of its 1.4 million customersDating App Breach Exposes Images of 13,000 WomenDubai Municipality Allegedly BreachedEmail Security Is Stuck in the Antivirus Era: Why It Needs a Modern ApproachFrance's warship builder Naval Group investigates 1TB data breachFree Tool Autoswagger Finds The API Flaws Attackers Hope You Miss“Hello, stranger:” romance emails snare German victims in a malware trapHow to fight document fraud with the latest tech tools“I hope it's not part of the exploding program:” users angry after this Google Pixel model catches fireIndian Payment Gateway Airpay Allegedly BreachedKenya records historic cyber attack surge with 4.6 billion threats in four months this yearMajor rise in global email impersonation threatsMalicious ISO File Used in Romance Scam Targeting German SpeakersNation Group Hit by 200 Million Cyberattacks Amid Thai-Cambodian TensionsNaval Group Denies Hack Claims, Alleges "Reputational Attack"New Scattered Spider Tactics Target VMware vSphere EnvironmentsPro-Ukrainian hackers claim responsibility for a massive cyberattack on Russia’s AeroflotRussia's Aeroflot cancels dozens of flights after alleged cyberattack by pro-Ukraine hackersScattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. InfrastructureScattered Spider targets VMware ESXi in using social engineeringThe CISO’s challenge: Getting colleagues to understand what you doThe legal minefield of hacking backThird-Party Breach Impacts Majority of Allianz Life US CustomersUK online crackdown sparks VPN downloads and Wikipedia's legal battleUS Woman Gets Eight Years for Part in $17m North Korean SchemeVietnamese Logistics Firm EupFin Allegedly Breached – Full Admin Access and Customer Database for SaleVulnhuntr: Open-source tool to identify remotely exploitable vulnerabilitiesYour supply chain security strategy might be missing the biggest risk27/07Allianz Life data breach exposed the data of most of its 1.4M customersAllianz Life Insurance Data Breach – 1.4 Million Customers’ Data at RiskAllianz Life says majority of US customers’ data stolen in hackCrypto Traders Alert: Phishing Scams Target MistTrack Users Through Malicious Google AdsScattered Spider is running a VMware ESXi hacking spreeTaliban fighters 'have been brought to the UK on secret airlift flights' after Afghanistan data breach revealed by the MailLAST WEEK - ÚLTIMA SEMANADaily News - Julho (20/07 - 26/07) - 30 Semana de 2025
Comentários