Chinese hackers pose a “highly sophisticated and capable” threat to the UK, GCHQ’s cyber security agency has warned. The warning came after the National Cyber Security Centre (NCSC) recorded a 50% increase in “highly significant” online incidents carried out by criminals and state-linked groups in the year to the end of August. The attacks on household names…
The new hacking group, which claimed to have stolen confidential source code and sensitive project files from SK Telecom last month, is now threatening to leak that data if the telecommunications giant doesn’t start negotiations. The previously unheard-of ransomware group, CoinbaseCartel, apparently hoping to garner attention for itself and get a ransom payout from the…
SonicWall recently disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. “The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could increase the risk of targeted attacks,” the company reported. It also noted that it’s working…
Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant and Google Threat Intelligence Group (GTIG) researchers tracked a suspected Cl0p ransomware group’s activity, where threat actors were attempting…
C2A Security Acquires Vigilant Ops, Creating a Global Market-Leading AI-Powered Product Security Powerhouse, adding Tens of MedTech, Telecom and Defense Customers The acquisition delivers faster compliance, stronger supply-chain security, and unparalleled MedTech expertise, while positioning C2A Security for accelerated global growth Jerusalem, Israel, and Pittsburgh, USA, October 8, 2025 – C2A Security, the only context…
Researchers Uncover 13-Year-Old Redis Flaw Impacting Nearly 330,000 Instances The bug, tracked as CVE-2025-49844 and nicknamed RediShell, carried a top severity score — 10.0 on the CVSS scale — and affected every Redis release. An attacker with the ability to submit a Lua script — a capability that Redis supports by default — could trigger…
Crimson Collective, cyber criminal gang claims to have stolen nearly 570GB of compressed data across 28,000 internal development respositories, with the company confirming it was a breach of one of its GitLab instances. This data allegedly includes approximately 800 Customer Engagement Reports (CERs), which can contain sensitive information about a customer’s network and platforms. Red…
Britain’s beloved Harrods department store revealed on Sunday that 430,000 customers have been compromised in yet another cyberattack impacting the retailer in 2025 – this time, via one of its third-party vendors. Now, those same ransomware attackers have been reportedly contacting Harrods customers, ever since the retailer publicly declared it would not negotiate. Key takeaways:…
