Daily News - Outubro (05/10 - 11/10) - 41 Semana de 2025Felipe Prado5 de out.13 min de leituraAtualizado: 12 de out.11/10Asahi Cyber Attack Reinforces the Global Need for Retail Security – cybersecurity experts commentsCity of Michigan City confirms network disruption was ransomware incidentCrypto Betting Site Shuffle Hit by Massive Data BreachDeadline passes on ransom to stop 5.7m Qantas customer records being leakedDiscord notifies 70,000 users after third-party data breach exposes government ID imagesExperts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 AccountsHackers leak Qantas data containing 5 million customer records after ransom deadline passesHackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware AttacksHow hackers forced brewing giant Asahi back to pen and paperJapan’s Asahi Beer Shortage Deepens After Cyber Attack Cripples ProductionNASCAR’s RFK Racing Sued in Class-Action Over Data Breach: A Stark Warning for All MotorsportsProsecutors seek 7-year prison term for ‘sophisticated’ PowerSchool hackerQantas hit by major data breach as hackers leak 5 million customer recordsShuffle Data Breach: Major Crypto Casino Hit by Third-Party CRM AttackSpain dismantles “GXC Team” cybercrime syndicate, arrests leaderSpeeding ticket phishing scam circulating in Quinte WestVelociraptor used in active attacks to distribute LockBit and Babuk ransomware10/10$21 Million Crypto Theft on Hyperliquid Tied to Private Key Leak175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign85,000 Pet and Pet Owner Records ExposedAkira Ransomware Group Claims Hits Carlson Building Maintenance and Five Star Mechanical IncAll SonicWall firewall cloud backups stolen, admins urged to act immediatelyAnthropic says it’s easy to poison LLMs, no matter what size they areApple offers $2 million for zero-click exploit chainsAttackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)Aussie power supply maker warns customers of possible phishing exposureBreachForums Seized by FBI and Global Partners in TakedownChatGPT Under Fire: NSW Flood Recovery Data Breach Exposes 3,000 People’s Personal InformationCl0p found exploiting Oracle EBS zero-day months before critical patch releaseCL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software FlawCreatorlink Data Breach Exposes Over 575,000 User RecordsData breach at Camden accounting firm leaves residents searching for answersData Breach Exposes Colombian Immigration Database RecordsDiscord breach of 70,000 customer IDs exposes cracks in third-party age verification services, experts sayDiscord data breach: Company clarifies 70,000 IDs leaked from third-party service provider, here’s what to doDiscord updates breach disclosure, government IDs of tens of thousands compromisedFalco Electronics Targeted in Black Shrantac Ransomware AttackFBI 'seizes and destroys' website linked to hackers threatening to release Qantas customers' dataFBI seizes clear web domain linked to Scattered Lapsus$ HuntersFBI takes down BreachForums portal used for Salesforce extortionFrom Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 ExploitationFrom theory to training: Lessons in making NICE usableGlobal Cyberattacks Using 175 Malicious npm Packages and 26,000 Downloads Against Technology and Energy CompaniesGoogle: Clop Accessed “Significant Amount” of Data in Oracle EBS ExploitGoogle Issues Alert on CL0P Ransomware Actively Exploiting Oracle E-Business Suite Zero-DayGoogle Launches AI Bug Bounty with $30,000 Top RewardGoogle researchers say Oracle EBR hackers have hit dozens of organizationsHackers infiltrate Discord’s ID checks, and it's bad news — 70,000 users' personal data exposedHandala Hack Team Claims Major Data Breach of Delek GroupJaguar Land Rover Resumes Production Following Significant CyberattackK-12 districts are fighting ransomware, but IT teams pay the priceKuwaiti Construction Firm Data Breach: 37TB for SaleLLM-enabled MalTerminal Malware Leverages GPT-4 to Generate Ransomware CodeLockBit, Qilin, DragonForce join forces as ransomware cartelMicrosoft: Cyber gang hijacks university salaries via Workday accountsMicrosoft Warns of 'Payroll Pirates' Hijacking HR SaaS Accounts to Steal Employee SalariesMicrosoft Warns of “Payroll Pirate” Phishing Attacks Targeting US Universities and Workday SystemsNagios: Open-source monitoring solutionOctober 2025 Patch Tuesday forecast: The end of a decade with MicrosoftOpen-source DFIR Velociraptor was abused in expanding ransomware efforts‘Payroll Pirate’ Attacks Target U.S. Universities, Diverting Employee SalariesPoland blames Russia as cyberattacks on critical systems risePro-Russia Hacktivists “Claim” Attack on Water Utility HoneypotRansom Group LockBit Forms ‘Unholy Alliance’ to Escalate AttacksRondoDox Botnet targets 56 flaws across 30+ device types worldwideSecuring agentic AI with intent-based permissionsSenators Peters and Rounds Introduce Bipartisan Bill to Restore Cybersecurity ProtectionsShinyHunters Attempts Extortion of Red Hat, Releases Stolen Data SamplesShuffle.com confirms data breach through third-party provider Fast TrackSonicWall SSL VPN Devices Targeted by Threat Actors to Distribute Akira RansomwareStealit Malware Abuses Node.js Single Executable Feature via Game and VPN InstallersTexas police accused of using surveillance data to hunt woman over abortionThe number of ransomware groups rockets as new, smaller players emergeThey were victims of a massive data breach in 2009. Their employer denied it for a decadeThis huge data breach is why I'll never provide my ID onlineTraxNYC Luxury Jeweler Hit by Major Data Breach‘Trinity of Chaos’ ransomware collective launches data leak siteWhat Does The Recent Discord Data Breach Say About Risks Of Age Verification Laws?‘What If Cybercrime Becomes As A Service’? Microsoft Sounds Alarm On This Growing BusinessYour SOC is tired, AI isn’t09/10All SonicWall Cloud Backup Users Have Firewall Configuration Files StolenAsahi Resumes Production After Ransomware Attack Disrupts OperationsAttackers compromised ALL SonicWall firewall configuration backup filesAzure outage blocks access to Microsoft 365 services, admin portalsBehind the screens: Building security customers appreciateCalifornia enforces browser-level privacy controls, but will companies respect them?Casino giant sued by employee over data breach that exposed Social Security numbersCISA Warns of Actively Exploited Zero-Day XSS Flaw in Zimbra Collaboration SuiteClayRat campaign uses Telegram and phishing sites to distribute Android spywareClayRat Spyware Campaign Targets Android Users in RussiaCritical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder ThemeCrypto drainers experiment with new ways to hide malware and steal fundsCVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accountsData Breach at Chile’s National Register of Motor Vehicles (SRCEI)Data leak at global e-Commerce giant VTEX exposes six million shoppers’ personal informationDiscord Data Breach Exposes ID Photos of 70,000 Users Through Third-Party CyberattackDiscord denies massive breach, confirms limited exposure of 70K ID photosDiscord Says Hackers Stole 70,000 ID Photos, Dismisses Extortion ClaimsDraftKings admits to another credential stuffing breach exposing customer dataFake Teams Installers Dropping Oyster Backdoor (aka Broomstick)Fake TikTok and WhatsApp Apps Infect Android Devices with ClayRat SpywareFrom HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage MalwareFrom infostealer to full RAT: dissecting the PureRAT attack chainFrom Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on UkraineHackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security ChecksHackers leveraging Teams to drop malware, steal data, Microsoft warnsHackers now use Velociraptor DFIR tool in ransomware attacksHacktivists target critical infrastructure, hit decoy plantHigh Number of Windows 10 Users Remain as End-of-Life LoomsICO’s £7.5m Clearview AI Fine a Step Closer After Legal VictoryInstagram glitch exposes private notes, users are panickingKFC Venezuela Customer and Order Database Leaked for SaleLegit tools, illicit uses: Velociraptor, Nezha turned against victimsLightship Security and the OpenSSL Corporation Submit OpenSSL 3.5.4 for FIPS 140-3 ValidationMicrosoft 365 Outage Disrupts Teams, Azure, and Global ServicesMicrosoft Defender mistakenly flags SQL Server as end-of-lifeMicrosoft: Hackers target universities in “payroll pirate” attacksMicrosoft Windows 10 is approaching its expiration date. What should you do?Microsoft: Windows Backup now available for enterprise usersNCSC: Observability and Threat Hunting Must ImproveNew Chaos-C++ Ransomware Targets Windows by Wiping Data, Stealing CryptoNew ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok AppsOMH SCIENCE Group Targeted in Network Access BreachOutdated encryption leaves crypto wide openQuebec schools app leaks kids' data, sparking outrageRansomware gang claims San Francisco’s Cal Club, exposing members of exclusive golf clubResearchers develop AI system to detect scam websites in search resultsResearchers Warn of Security Gaps in AI BrowsersRondoDox botnet targets 56 n-day flaws in worldwide attacksRussia is paralyzing Europe with hybrid warfare, and we must act now, Von der Leyen warnsSaaS Breaches Start with Tokens - What Security Teams Must WatchScattered LAPSUS$ Hunters claims Dell, Telstra, other major firmsSix metrics policymakers need to track cyber resilienceSonicWall: Firewall configs stolen for all cloud backup customersSonicWall Says All Firewall Backups Were Accessed by HackersSquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link DistributionTelstra Denies Cyberattack Claims Amidst Ransom Threats from Scattered SpiderThe Power of Two: Why MFA Matters More Than EverThe ultimate business resiliency test: Inside Kantsu's ransomware responseThreat actors steal firewall configs, impacting all SonicWall Cloud Backup usersTurning the human factor into your strongest cybersecurity defenseYour Shipment Notification is Now a Malware Dropper08/10A Man and boy arrested for Kido Schools hack n data breachAcuna Fombona (AFOM) Targeted in Space Bears Ransomware AttackAI girlfriend can’t keep a secret: app leaks intimate conversations of 400K+ usersAkira Ransomware Attack Hits Cerenade Technology, Harbor Diesel & Equipment, J. Lorber CompanyAnti-porn Michigan Republican denies connection to data breach info leaked from hookup, webcam siteAPT Hackers Exploit ChatGPT to Create Sophisticated Malware and Phishing EmailsAvnet confirms data breach affecting EMEA operations, says stolen data mostly unreadableBK Technologies Data Breach Exposes Sensitive InformationBybit Theft Drives Record-Breaking $2bn Haul for North KoreaCalling All Influencers: Spear-Phishers Dangle Tesla, Red Bull JobsCharter Industrial Supply Hit by Sarcoma Ransomware AttackChinese Hackers Weaponize Open-Source Nezha Tool in New Attack WaveCrimson Collective hackers target AWS cloud instances for data theftCritical Figma MCP Server Flaw Allows Remote Code ExecutionCyber-Attack Contributes to Huge Sales Drop at Jaguar Land Rover (JLR)Developing economies are falling behind in the fight against cybercrimeDigital Fraud Costs Companies Worldwide 7.7% of Annual RevenueDragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscapeGlobal Data Breaches and Cyber Attacks in September 2025: Nearly 2 Million Records Exposed and Potentially 1.5 Billion MoreHackers exploit auth bypass in Service Finder WordPress themeHackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing AttacksHackers leveraging Teams to drop malware, steal data, Microsoft warnsIllinois man files lawsuit against RFK Racing over data breach potentially affecting 100 peopleJaguar Land Rover (JLR) launches phased restart at Solihull factories after cyber attackLaw Enforcement Pressure is Reshaping the Global Ransomware Threat LandscapeLockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware EcosystemLondon police arrests suspects linked to nursery breach, child doxingMet Police Arrest Two Teens in Connection with Kido AttackMitigating the Risk of Triple-Extortion Ransomware AttacksNational Union of Israeli Students Suffers Major Data BreachNezha Tool Used in New Cyber Campaign Targeting Web ApplicationsNew Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord TokensNorth Korean crypto hackers have already stolen $2B this yearNow Book It Data Breach Exposes Over 10 Million RecordsOpenAI bans Chinese, North Korean hacker accounts using ChatGPT to launch surveillanceOpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for CyberattacksOpenAI Finds Growing Exploitation of AI Tools by Foreign Threat GroupsPhilippines’ Full Disclosure Policy Portal (FDPP) Suffers Data BreachPhishing scam targets Brunswick County Schools staff and studentsPolish cyber forces warn of new WhatsApp scam spread through friends’ accountsQantas among nearly 40 companies facing ransom demand from hacker groupQilin ransomware claims Asahi brewery attack, leaks dataQuebec schools app leaks kids' data, sparking outrageRansomware groups multiply as AI lowers entry barriersResearchers uncover ClickFix-themed phishing kitSalesforce Rejects Ransom Demand from Scattered LAPSUS$ GroupScattered LAPSUS$ Hunters Claims Breach of Dell, Telstra, Kuwait Airways, Lycamobile, Verizon and True Corporation & dtacSevere Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch NowTeen hackers arrested following preschool ransomware attackThe State of Ransomware in Healthcare 2025Third-Party Breach Exposes Sensitive UK Customer Data, Renault ConfirmsUK Police Arrest Two Teens Over Kido Nursery Ransomware AttackWestern Sydney University Targeted in Widespread Email Scam Causing Student DistressWhosarat Data Breach Exposes 30,000 User RecordsYurei Ransomware Leverages SMB Shares and Removable Drives to Encrypt Files07/1013-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code RemotelyAppLovin probed by US SEC over data-collection practices, Bloomberg News reportsAttackers Deployed Medusa Ransomware via GoAnywhere MFT Zero-DayBatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job SeekersBrightstar data breach being investigated by law firmClop exploited Oracle zero-day for data theft since early AugustCritical CVE-2025-27237 Vulnerability in Zabbix Agent for Windows Enables Privilege Escalation via OpenSSL MisconfigurationCrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025Cybersecurity’s next test: AI, quantum, and geopoliticsData Breach at Red Hat Exposes Thousands of High-Profile ClientsElectronics giant Avnet confirms breach, says stolen data unreadableGoogle's new AI bug bounty program pays up to $30,000 for flawsGoogle's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch ThemHarrods Data Breach Exposes Data of Over 433,000 CustomersHow to get better results from bug bounty programs without wasting moneyIs the CISO chair becoming a revolving door?Jaguar Land Rover production won’t be back in full capacity for “several weeks”Kuwait Ministry of Public Works (MPW) Hit by Massive Data BreachLautrec Hit by Akira RansomwareLogistics firms are underestimating the impact of a cyber attack, warns ParcelheroMicrosoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware CampaignMicrosoft kills more Microsoft Account bypasses in Windows 11Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa RansomwareNew Research: AI Is Already the 1 Data Exfiltration Channel in the EnterpriseNorth Korean hackers stole over $2 billion in crypto this yearNurtureCare Suffers Data Breach in Kairos Ransomware AttackOracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World AttacksOracle races to patch Zero-day exploited by Cl0p ransomware gangParkMobile data breach victims receive $1 parking credit, say it’s a “slap in the face”Proof-of-age ID leaked in Discord data breachQantas listed on ransomware leak site by Scattered Lapsus$ HuntersRansomware Attack on Asahi Infiltrates Network, Encrypts Critical InfrastructureRedefining Security Validation with AI-Powered Breach and Attack SimulationResearchers Uncover 13-Year-Old Redis Flaw Impacting Nearly 330,000 InstancesScattered Spider Moves from Data Leaks to Insider-Powered Access Markets Targeting Microsoft, Apple, and MoreShinyHunters Unleashes Salesforce Data Leak Site, Targets 39 Victims for ExtortionSinobi Ransomware Attack Hits Law Offices of James Scott Farrin and Rogue Valley DoorSteam, Riot Games hit by disruptions: massive DDoS attack suspectedSunweb Group discloses data breach, warns customers of phishing attemptsT. Choithram And Sons Suffers Ransomware Attack and Data BreachThe architecture of lies: Bot farms are running the disinformation warTheFoat Data Breach Exposes 1.9 Million User RecordsTreasure Coast Hospice notifies 13,000 patients of data breach following email compromiseUniversity Hospitals Plymouth apologizes after email blunder exposes patients’ addressesU.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalogUUSLOT Gambling Website Data Breach Exposes Player DataVanan Online Services Hit by KillSec Ransomware AttackXWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities06/105 Critical Questions For Adopting an AI Security Solution62% of Gen Z engaged with phishing scamsAkira Ransomware Group Claims Natoli Engineering, Field and Goldberg LLC, and Saskarc IncAsahi Confirms Ransomware Attack, Data Stolen from ServersBeer Giant Asahi Says Data Stolen in Ransomware AttackChinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS ServersCISOs rethink the security organization for the AI eraCl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)Cyber authorities ring alarm bell over actively exploited Oracle E-Business Suite bugDefending against database ransomware attacksDeFi platform Abracadabra. money hit by hackers for the third time, losing $20M+ in totalDiscord confirms data breach after third-party support vendor compromisedDoctors Imaging Group Suffers Data Breach – 171800+ Users Data ExposedEuropol Calls for Stronger Data Laws to Combat CybercrimeHacker Group claims major theft of Red Hat repositoriesHackers launch data leak site to extort 39 victims, or SalesforceHow to succeed at cybersecurity job interviewsHundreds of free VPNs offer 'no real privacy at all,' researchers warn - does yours?ING's CISO on How Emerging Tech and Regulations are Reshaping Cybersecurity in FinanceInvasão hacker e criptomoedas motivaram Youtube a retirar canal da Câmara de Joinville do arJaguar Land Rover set to restart production five weeks on from crippling cyber attackLessing's Data Breach: Personal Info Potentially ViewedLinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping schemeLinkedIn sues ProAPIs for using 1M fake accounts to scrape user datamcvita.ru Data Breach Exposes Russian User DatabaseMeet ARGUS, the robot built to catch hackers and physical intrudersMicrosoft Blocks Inline SVG Images in Outlook to Combat Surging Phishing ThreatMicrosoft: Critical GoAnywhere bug exploited in ransomware attacksNew malware leverages WhatsApp to target Brazilian government and businessesNew Report Links Research Firms BIETA and CIII to China's MSS Cyber OperationsNorthern Rivers Resilient Homes Program data breachNSW Reconstruction Authority reports data breach linked to former contractor’s use of AI platformOld authentication habits die hardOracle lança patch para fechar vulnerabilidade explorada por hackersOracle patches critical E-Business Suite flaw exploited by Cl0p hackersOracle Patches CVE−2025−61882Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft AttacksOver 760,000 Affected in Major Security Breach at Motility SoftwarePartners in Pediatrics Data Breach AlertPhishing is old, but AI just gave it new lifeProxmox Mail Gateway: Open-source email security solution reaches version 9.0PT Surveyor Indonesia Data Breach Exposes Client DataRadiant Group won't touch kids' data now, but apparently hospitals are fair gameRainwalk Pet Insurance Exposes 158 GB of US Customer and Pet DataRansomware Gangs Exploit Remote Access Tools to Stay Hidden and Maintain ControlRansomware Group “Trinity of Chaos” Launches Data Leak SiteReading the ENISA Threat Landscape 2025 reportRedis warns of critical flaw impacting thousands of instancesRenault Informs Customers of Supply Chain Data BreachRenault warns customers after cyber attack on personal dataScanning of Palo Alto Portals Surges 500%Scattered LAPSUS$ Hunters Claims Red Hat, S&P Global BreachesSignal is asking Germany not to “capitulate” for client-side scanningSpyware Disguised as Signal and ToTok Apps Targets UAE Android UsersSteam and Microsoft warn of Unity flaw exposing gamers to attacksThe Expert View: Managing OT cyber-riskThe Expert View: Why AI risk is a people problem as much as a technology oneThe role of Artificial Intelligence in today’s cybersecurity landscapeThieves steal IDs and payment info after data leaks from Discord support vendorThousands affected by AI-linked data breach in New South WalesXWorm malware resurfaces with ransomware module, over 35 pluginsZeroday Cloud hacking contest offers $4.5 million in bountiesZimbra users targeted in zero-day exploit using iCalendar attachmentsZimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS FilesWorldleaks Ransomware Hits CHRIST Juweliere and Centers LaboratoryYour gaming mouse can easily eavesdrop: here's how05/10Apple in the crosshairs? Alleged 9GB data breach claim on DarkforumsDiscord says customer service provider hack exposed user IDs, support chatsFrom Fields to Servers: Cybercrime's Growing Grip on the Global Food IndustryHacker Bjorka Breaches Personal Data of 341,000 Indonesian National Police PersonnelHacker Group Claims Theft of Nearly 1 Billion Salesforce RecordsHackers exploited Zimbra flaw as zero-day using iCalendar filesInside the 'Trinity of Chaos' group of young hackers targeting major companiesJaguar Land Rover draws up 'radical lifeline' to end cyber attack chaosJapan Asahi Beer Brewery Nearly Dry Due To Ransomware AttackMajor hospitals hit by cyberattacks, patient data sold on hacker forums (Vietnam)Microsoft Outlook will no longer show inline SVG images regularly exploited in phishing attacksNSW Reconstruction Authority (NSWRA) suffers data breach for Resilient Homes Program applicantsOracle confirms the 'dangerous emails' that Google warned companies aboutOracle patches EBS zero-day exploited in Clop data theft attacksRansomware Group Claims Major Breach of Israeli Hospital’s Data SystemsSalesforce Data Breach: Hackers Claim Theft of 1 Billion Customer RecordsSix out of 10 UK secondary schools hit by cyber-attack or breach in past yearYou Were Right To Be Worried About Age Verification Systems, Because Discord's Just LeakedYour Government ID May Have Been Accessed in Discord's Data BreachLast Week - Ultima SemanaDaily News - Setembro / Outubro (28/09 - 04/10) - 40 Semana de 2025
Comentários