Hackers have leaked data stolen from Qantas Airways after the airline missed a ransom deadline. The leak includes customer identifiers, flight data, and communication logs. Authorities are working with ACSC and AFP Cybercrime Operations to contain exposure and verify authenticity.
Spanish authorities have dismantled the notorious GXC Team cybercrime syndicate, arresting its leader and several members in a joint operation with Europol.
The group allegedly ran large-scale credential theft, malware distribution, and financial fraud campaigns targeting victims across Europe and beyond.
Researchers now track a widespread compromise of SonicWall SSL VPN accounts. Because attackers authenticate with valid credentials, defenders face rapid lateral movement and limited warning windows. Therefore, teams must review access logs, reissue secrets, and re-establish trust at the remote edge.
Hackers have corrupted trusted antivirus software installers, injecting malicious code that installs hidden malware instead of legitimate protection.
Security researchers warn that this supply chain compromise could expose enterprises and consumers to large-scale remote control and data theft.
Cybercriminals have found a way to turn Velociraptor an open-source DFIR and endpoint monitoring tool into a stealthy persistence mechanism, deploying hidden backdoors on compromised systems. Security researchers warn that trusted forensic tools are increasingly being repurposed for post-exploitation control.
A critical zero-day vulnerability in Gladinet’s CentreStack file-sharing software is being actively exploited by attackers, allowing full remote system access and potential data exfiltration. Enterprises are urged to apply temporary mitigations until an official patch becomes available.
China’s Ministry of State Security (MSS) has announced a bounty for information on members of Taiwan’s psychological warfare unit, accusing them of separatist activities and cyber influence campaigns. The move signals an escalation in cross-strait information warfare and a growing overlap between propaganda and cybersecurity operations.
Federal authorities dismantled the ShinyHunters group’s Salesforce-branded extortion site, marking a major victory against cybercrime networks that traded in stolen corporate data and customer credentials.
Apple has expanded its bug bounty program to reward researchers up to $2 million for zero-click exploit chains. Bonuses for Lockdown Mode bypasses and beta findings may push payouts even higher.
The ChaosBot malware campaign is exploiting Cisco VPN credentials and Active Directory passwords to infiltrate enterprise environments. By combining brute-force attacks with credential reuse, ChaosBot’s operators are building a fast-spreading botnet focused on corporate VPN and identity systems.