News – October 2025

October 3, 2025

Trend Research is currently investigating an aggressive malware campaign that leverages online instant messaging platform WhatsApp as its primary infection vector. Unlike traditional attacks focused on theft or ransomware, this campaign is engineered for speed and propagation, abusing social trust and automation to spread among Windows users. Trend Research analysis identifies the campaign as SORVEPOTEL, and ...

October 2, 2025

Renault has become the most recent victim of a cyber attack. Customers of the French firm and its sister brand Dacia have been warned that their personal data, including postal addresses and emails, has been stolen by hackers. In an email sent out to customers, Renault said: “We are very sorry to inform you about a ...

October 2, 2025

The Confucius group is a long-running cyber-espionage actor operating primarily across South Asia. First identified in 2013, the group is believed to have links to state-sponsored operations in the region. Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries—especially in Pakistan—using spear-phishing and malicious documents as initial access ...

October 2, 2025

Red Hat has confirmed suffering a potentially serious data breach, but the company said it was not able to verify hacker claims of stolen customer secrets. A hacking group called Crimson Collective claims to have accessed Red Hat’s private GitHub repositories, and exfiltrated approximately 570GB of different files from 28,000 internal projects. Among the files were ...

October 1, 2025

The US Air Force is reportedly investigating a potential data breach caused by a Microsoft SharePoint issue. A report from The Register revealed the Air Force Personnel Center Directorate of Technology and Information issued a data breach notification shared on social media. “This message is to inform you of a critical Personally Identifiable Information (PII) and ...

October 1, 2025

The U.K. government is still trying to gain access to encrypted iCloud data, according to the Financial Times, after British officials allegedly filed a new secret order demanding Apple build a backdoor. On Wednesday, the British newspaper reported that the U.K. Home Office sent an order to Apple earlier in September requesting that the tech giant ...

October 1, 2025

When it comes to digital forensics, AmCache plays a vital role in identifying malicious activities in Windows systems. This artifact allows the identification of the execution of both benign and malicious software on a machine. It is managed by the operating system, and at the time of writing this article, there is no known way to ...

October 1, 2025

A new PDF phishing kit is being sold on the dark web, promising customers advanced features, a simple interface, and competitive pricing, experts have warned. Security researchers from Varonis spotted MatrixPDF, an advanced solution being advertised as a legitimate tool, despite being circulated around the dark web. Its full name is MatrixPDF: Document Builder – Advanced ...

October 1, 2025

Canada’s second largest airline WestJet said the personal information of 1.2 million passengers was stolen in a cyberattack and data breach earlier this year. The airline disclosed the number of affected passengers in a filing with Maine’s attorney general, which confirmed 240 residents in the state were also affected. According to the notice, the stolen data ...

October 1, 2025

The U.K. Government is seeking to keep most of the $7 billion in Bitcoin it seized in connection with a Chinese investment fraud, following the conviction of the fraud’s alleged organizer this week. Zhimin Qian pleaded guilty on counts of possessing and transferring criminal property at Southwark Crown Court on Monday, following last year’s conviction of ...