Qantas says customer data released by cyber criminals months after cyber breach

Australia’s Qantas Airways said on Sunday that it was one of the companies whose customer data had been published by cybercriminals after it was stolen by a hacker in a July breach of a database containing the personal information of Read More …

The Golden Scale: Bling Libra and the Evolving Extortion Economy

In recent months, threat actors claiming to be part of a new conglomerate dubbed Scattered Lapsus$ Hunters (aka ​​SP1D3R HUNTERS, SLSH) have asserted responsibility for laying siege to customer Salesforce tenants as part of a coordinated effort to steal data Read More …

Inside Russian Market: Uncovering the Botnet Empire

The online cybercrime marketplace, Russian Market, has evolved from selling Remote Desktop Protocol (RDP) access to becoming one of the most active underground hubs for information-stealing malware logs, where stolen user credentials are traded daily. Each compromised login represents a Read More …

Hack on Japan’s biggest brewer renews concerns over cyberattack readiness

Japan’s favorite beer brand is reeling from a cyberattack that paralyzed its production last week. Its factories have started brewing again, and some truckloads of beer are leaving its warehouses, but the attack has spotlighted the poor cybersecurity readiness among Read More …

Hacking group claims theft of 1 billion records from Salesforce customer databases

A notorious predominantly English-speaking hacking group has launched a website to extort its victims, threatening to release about a billion records stolen from companies who store their customers’ data in cloud databases hosted by Salesforce. The loosely organized group, which Read More …

Self-Propagating Malware Spreading Via WhatsApp, Targets Brazilian Users

Trend Research is currently investigating an aggressive malware campaign that leverages online instant messaging platform WhatsApp as its primary infection vector. Unlike traditional attacks focused on theft or ransomware, this campaign is engineered for speed and propagation, abusing social trust Read More …

Cavalry Werewolf raids Russia’s public sector with trusted relationship attacks

BI.ZONE Threat Intelligence recorded Cavalry Werewolf activity from May to August 2025. In order to gain initial access, the attackers sent out targeted phishing emails disguising them as official correspondence from Kyrgyz government officials. The main targets of the attacks Read More …

Confucius Espionage: From Stealer to Backdoor

The Confucius group is a long-running cyber-espionage actor operating primarily across South Asia. First identified in 2013, the group is believed to have links to state-sponsored operations in the region. Over the past decade, Confucius has repeatedly targeted government agencies, Read More …

HSBC warns UK business banking customers of third-party data breach

HSBC has warned business banking customers that personal identification documents submitted during account applications may have been compromised following unauthorised access to a third-party platform. In an email sent to customers earlier this month, the bank confirmed that identity documents, Read More …

Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite

Phantom Taurus is a previously undocumented nation-state actor whose espionage operations align with People’s Republic of China (PRC) state interests. Over the past two and a half years, Unit 42 researchers have observed Phantom Taurus targeting government and telecommunications organizations Read More …