Infosecurity News
UNC2891 Money Mule Network Reveals Full Scope of ATM Fraud Operation
A multi-year ATM fraud campaign by UNC2891 targeted two Indonesian banks, cloning cards, recruiting money mules and coordinating cash withdrawals
CISA Issues New Guidance on Bulletproof Hosting Threat
CISA launches guide to combat cybercrime via bulletproof hosting, recommending measures for ISPs
Supply Chain Breaches Impact Almost All Firms Globally, BlueVoyant Reveals
Despite a growing maturity of third-party risk management programs, supply chain attacks impacted more organizations in 2025 than in previous years
Gartner: 40% of Firms to Be Hit By Shadow AI Security Incidents
Gartner predicts that two-fifths of organizations will suffer security and compliance incidents due to shadow AI by 2030
UK, US and Australia Sanction Russian Bulletproof Hoster Media Land
Allies sanction bulletproof hoster Media Land and four executives
Europol Operation Disrupts $55m in Cryptocurrency For Piracy
Europe-wide Cyber-Patrol Week targeted IP violations, flagging 69 sites and disrupting $55m in crypto services
Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime
Trustwave SpiderLabs has observed new banking Trojan Eternidade Stealer targeting Brazil using WhatsApp for propagation and data theft
PlushDaemon Hackers Unleash New Malware in China-Aligned Spy Campaigns
The cyber espionage group uses a previously undocumented network implant to drop two downloaders, LittleDaemon and DaemonLogistics, which deliver a backdoor
China-Linked Operation “WrtHug” Hijacks Thousands of ASUS Routers
SecurityScorecard has revealed a new Chinese campaign targeting thousands of ASUS routers globally
Half of Ransomware Access Due to Hijacked VPN Credentials
Beazley Security data finds the top cause of initial access for ransomware in Q3 was compromised VPN credentials
CISA 2015 Receives Extension, Offering Brief Relief for Cyber Information Sharing
One US cybersecurity leader described the short-term extension of the Cybersecurity Information Sharing Act as a “temporary patch” and called for a long-term solution
New npm Malware Campaign Redirects Victims to Crypto Sites
A new malware campaign has been observed built on seven npm packages and using cloaking techniques and fake CAPTCHAs, operated by threat actor dino_reborn
AI-Enhanced Tuoni Framework Targets Major US Real Estate Firm
A major US real estate firm has been targeted with an advanced intrusion attempt using Tuoni C2, combining social engineering, steganography and in-memory attacks
DoorDash Confirms Data Breach Exposing Customer Personal Information
DoorDash has confirmed an October 2025 data breach that exposed customer names, phone numbers, addresses and email details
GenAI and Deepfakes Drive Digital Forgeries and Biometric Fraud
Entrust says AI is helping fraudsters open new accounts and bypass biometric checks
Half a Million Stolen FTSE 100 Credentials Found on Criminal Sites
Socura finds 460,000 compromised credentials belonging to FTSE 100 company employees
Kraken Uses Benchmarking to Enhance Ransomware Attacks
Cisco Talos has observed overlaps between Kraken and the earlier HelloKitty cartel through attack tactics using SMB flaws for big-game hunting and double extortion
Europol Leads Takedown of Thousands of Extremist Gaming Links
Europol’s Referral Action Day removed extremist links across gaming and gaming-adjacent platforms, targeting radical content
Cyber Readiness Stalls Despite Confidence in Incident Response
New Immersive report finds cyber resilience and decision making are flatlining
US: Five Plead Guilty in North Korean IT Worker Fraud Scheme
The five defendants allegedly assisted North Korean hackers with obtaining remote IT employment with US companies
