Red Hat Hackers Team Up With Scattered Lapsus$ Hunters
Red Hat Hackers Team Up With Scattered Lapsus$ Hunters Summary Crimson Collective — a new extortion-focused crime group — claims to have breached a self-managed GitLab instance used by Red…
Red Hat Hackers Team Up With Scattered Lapsus$ Hunters Summary Crimson Collective — a new extortion-focused crime group — claims to have breached a self-managed GitLab instance used by Red…
LockBit, Qilin & DragonForce Join Forces in Ransomware ‘Cartel’ Summary Three major ransomware and extortion groups — LockBit, Qilin and DragonForce — have announced a coalition-style collaboration, inviting other cybercriminal…
Framelink Figma MCP Server Opens Orgs to Agentic AI Compromise Summary A high-severity command-injection flaw (CVE-2025-53967, CVSS 7.5) was discovered in Framelink’s Figma MCP server integration. The vulnerability exists in…
Medusa Ransomware Actors Exploit Critical Fortra GoAnywhere Flaw Summary Threat actors deploying Medusa ransomware (linked to Storm-1175) have been observed exploiting a maximum-severity deserialization vulnerability in Fortra’s GoAnywhere managed file…
GitHub Copilot ‘CamoLeak’ AI Attack Exfiltrates Data Summary Researcher Omer Mayraz (Legit Security) demonstrated a proof-of-concept called “CamoLeak” that can coax GitHub Copilot into leaking small but sensitive items —…
SonicWall: 100% of Firewall Backups Were Breached Summary SonicWall has updated its incident disclosure to say that an earlier-reported cloud backup breach affected firewall configuration backup files for every customer…
Take Note: Cyber-Risks With AI Notetakers Summary AI notetaking tools — whether built into meeting platforms or run as third-party apps like Granola or Limitless — are now common in…
Chinese Hackers Use Velociraptor IR Tool in Ransomware Attacks Summary Researchers from Cisco Talos observed China-based threat group Storm-2603 (also tracked as Gold Salem) abusing the open-source DFIR tool Velociraptor…
Deepfake Awareness High at Orgs, But Cyber Defences Badly Lag Summary Organisations are increasingly encountering AI-augmented deepfake attacks — from AI-crafted phishing emails to audio and video impersonations — yet…
Microsoft Drops Terrifyingly Large October Patch Update Summary Microsoft’s October Patch Tuesday is enormous: 175 CVEs were patched, including multiple zero-days that are already being exploited and several flaws Microsoft…