ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims Trinity of Chaos, linked to cybercrime groups like Lapsus$ and ShinyHunters, exploited Salesforce vulnerabilities to attack 39 companies, including Google and Cisco. They launched a TOR-based data leak site, threatening to release over 1.5 billion records if ransoms aren't paid. The FBI issued warnings about the risks of stolen data misuse.... 2025-10-3 22:33:21 | 阅读: 18 | 收藏 | Security Affairs - securityaffairs.com salesforce trinity dls ransomware

ProSpy, ToSpy malware pose as Signal and ToTok to steal data in UAE 研究人员发现两款安卓间谍软件ProSpy和ToSpy伪装成Signal和ToTok应用，在阿联酋通过伪造网站和社交工程手段窃取用户数据。这些恶意软件伪装成Signal加密插件或ToTok升级版本，诱导用户手动安装后持续窃取敏感信息。... 2025-10-3 13:44:5 | 阅读: 16 | 收藏 | Security Affairs - securityaffairs.com totok spyware prospy tospy malicious

ProSpy, ToSpy malware pose as Signal and ToTok to steal data in UAE ESET研究人员发现两个Android间谍软件活动ProSpy和ToSpy，伪装成Signal和ToTok应用，在阿联酋通过假冒网站和社会工程手段传播，窃取用户数据。... 2025-10-3 13:44:5 | 阅读: 18 | 收藏 | Security Affairs - securityaffairs.com totok spyware prospy malicious tospy

Google warns of Cl0p extortion campaign against Oracle E-Business users Google发现Cl0p勒索团伙向使用Oracle E-Business Suite的企业高管发送勒索邮件，声称窃取数据并索要高额赎金。攻击者可能利用默认密码重置功能获取有效凭证。FIN11团伙或参与其中，Cl0p曾利用零日漏洞攻击Accellion等软件。... 2025-10-3 05:21:58 | 阅读: 27 | 收藏 | Security Affairs - securityaffairs.com cl0p ransomware extortion mandiant fin11

CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor CERT-UA警告UAC-0245组织利用恶意Excel XLL加载项传播CABINETRAT后门攻击乌克兰。该恶意软件通过伪装成合法工具传播，并具备反分析功能和多种数据收集能力。... 2025-10-2 18:1:26 | 阅读: 17 | 收藏 | Security Affairs - securityaffairs.com xll ukraine cabinetrat malicious 0245

Allianz Life data breach impacted 1.5 Million people Allianz Life数据泄露事件影响约150万人，涉及姓名、地址、出生日期和社会安全号码等信息。黑客通过社会工程手段入侵第三方CRM系统。尽管内部网络未受侵入，但调查仍在进行中。ShinyHunters黑客组织或与此事件相关，并泄露了超过280万条记录。受影响者将获得两年免费身份监控服务以防止身份盗窃。... 2025-10-2 14:13:43 | 阅读: 12 | 收藏 | Security Affairs - securityaffairs.com allianz security salesforce dates

Cybercrime group claims to have breached Red Hat ‘s private GitHub repositories 网络犯罪团伙Crimson Collective声称入侵了Red Hat的私人GitHub仓库，窃取了570GB数据，包括28,000个项目和800份客户参与报告（CER），涉及敏感网络信息。Red Hat确认了此次数据泄露，并采取补救措施，但强调事件不影响其他服务或产品安全。... 2025-10-2 10:37:5 | 阅读: 30 | 收藏 | Security Affairs - securityaffairs.com collective crimson security github cers

China-linked APT Phantom Taurus uses Net-Star malware in espionage campaigns against key sectors 中国关联的APT组织Phantom Taurus利用Net-Star恶意软件针对政府和电信机构实施间谍活动，采用独特战术持续两年。... 2025-10-2 07:40:57 | 阅读: 21 | 收藏 | Security Affairs - securityaffairs.com phantom taurus memory espionage

OpenSSL patches 3 vulnerabilities, urging immediate updates OpenSSL修复了三个漏洞，涉及密钥恢复、代码执行和拒绝服务攻击，并敦促用户立即更新以避免潜在风险。... 2025-10-1 20:15:47 | 阅读: 15 | 收藏 | Security Affairs - securityaffairs.com library tracked encryption 9231

Apple urges users to update iPhone and Mac to patch font bug 苹果发布iOS和macOS更新修复字体处理漏洞CVE-2025-43400，该漏洞可能导致拒绝服务或内存损坏。攻击者可利用此漏洞制作恶意字体引发应用崩溃或内存破坏，甚至可能远程执行代码控制设备。建议用户尽快更新以防范风险。... 2025-10-1 11:0:2 | 阅读: 16 | 收藏 | Security Affairs - securityaffairs.com memory attacker corruption attackers corrupt

WestJet confirms cyberattack exposed IDs, passports in June incident WestJet在6月遭遇网络攻击，影响内部系统和移动应用，导致客户护照、身份证等个人信息泄露。未涉及信用卡号等敏感数据。公司已采取措施应对，并提供24个月免费身份盗窃保护服务。... 2025-10-1 06:38:18 | 阅读: 14 | 收藏 | Security Affairs - securityaffairs.com westjet airline rewards canada security

Broadcom patches VMware Zero-Day actively exploited by UNC5174 Broadcom修复了六个VMware漏洞，包括 CVE-2025-41244（CVSS 7.8），该零日漏洞自 2024 年 10 月起被 UNC5174 利用以实现本地提权至 root。受影响版本包括 VMware Cloud Foundation、vSphere、Aria Operations、Tools 等多个系列。此外还修复了信息泄露和授权问题。... 2025-9-30 14:6:54 | 阅读: 13 | 收藏 | Security Affairs - securityaffairs.com broadcom unc5174 cloud aria 41244

UK convicts Chinese national in £5.5B crypto fraud, marks world’s largest Bitcoin seizure 一名中国籍女子因涉及55亿英镑的加密货币欺诈案在英国被判有罪，警方查获了61,000个比特币，创全球最大比特币 seizure记录。她通过虚假投资承诺欺骗了12.8万名受害者，并试图将赃款洗白用于购房。... 2025-9-30 13:21:38 | 阅读: 10 | 收藏 | Security Affairs - securityaffairs.com police seizure met laundering qian

U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog 美国网络安全机构CISA新增五项高危漏洞至已知被利用漏洞目录，涉及Adminer、Cisco IOS、Fortra GoAnywhere MFT、Libraesva ESG和Sudo产品。这些漏洞已被证实被积极利用，CISA要求联邦机构于10月20日前完成修复以应对潜在威胁。... 2025-9-30 09:7:17 | 阅读: 18 | 收藏 | Security Affairs - securityaffairs.com fortra goanywhere mft catalog

Asahi halts ordering, shipping, and customer service after cyberattack 日本最大啤酒商朝日集团因网络攻击暂停在日本的订购、运输和客服服务，目前未发生数据泄露，调查仍在进行中，恢复时间未知。... 2025-9-30 08:24:50 | 阅读: 16 | 收藏 | Security Affairs - securityaffairs.com asahi japan cyberattack ordering shipping

Scattered Spider, ShinyHunters Restructure – New Attacks Underway 三个网络犯罪组织LAPSUS$、ShinyHunters和Scattered Spider继续协调全球性网络攻击和勒索活动，涉及多个行业领域，并造成重大经济损失。... 2025-9-30 07:20:31 | 阅读: 21 | 收藏 | Security Affairs - securityaffairs.com spider scattered jlr resecurity extortion

UK grants £1.5B loan to Jaguar Land Rover after cyberattack 英国政府向捷豹路虎提供15亿英镑贷款担保以应对网络攻击影响，同时引发网络安全专家对政府支持计划可能助长网络犯罪的担忧。... 2025-9-29 20:22:34 | 阅读: 15 | 收藏 | Security Affairs - securityaffairs.com jlr jaguar rover loan cyberattack

Harrods alerts customers to new data breach linked to third-party provider 英国奢侈品百货公司哈罗德通过第三方供应商发生数据泄露，部分客户姓名和联系方式暴露。公司已通知受影响客户，并与网络安全专家合作调查和修复系统。此次事件与此前网络攻击无关，未涉及财务数据。... 2025-9-29 13:56:5 | 阅读: 13 | 收藏 | Security Affairs - securityaffairs.com harrods british notified security

Akira Ransomware bypasses MFA on SonicWall VPNs Akira 勒索软件通过绕过 SonicWall SSL VPN 的 OTP 多因素认证（MFA），利用从 CVE-2024-40766 漏洞获取的凭证或被盗 OTP 种子进行攻击。自 2025 年 7 月以来，该活动迅速影响多个行业，攻击者在短时间内完成横向移动和加密操作。尽管 SonicWall 发布了补丁，但入侵仍在发生。专家建议重置受影响设备的所有 SSL VPN 凭证以应对威胁。... 2025-9-29 10:52:14 | 阅读: 23 | 收藏 | Security Affairs - securityaffairs.com ransomware akira attackers otp 40766

Despite Russian influence, Moldova votes Pro-EU, highlighting future election risks 摩尔多瓦议会选举前遭遇俄网络攻击和混合战行动，副首相称系俄策划以破坏民主稳定。尽管面临干扰，摩总统政党仍以明显优势胜选。欧盟首次动用网络储备力量支持 Moldova 抵抗干预。... 2025-9-29 07:29:20 | 阅读: 14 | 收藏 | Security Affairs - securityaffairs.com moldova election russia minister deputy