
Latest Security News Collection

Security news collection - current edition

#CyberAttack #RetailSecurity #Ransomware #DataBreach #UKCybercrime #CoopHack #FinancialImpact #CyberThreats #BusinessContinuity #SecurityAwareness

British retailer Co-op disclosed a cyberattack that significantly impacted its operations, shaving approximately $275 million off its revenue. The breach targeted internal systems, disrupting logistics and customer-facing services. While the company has not revealed the exact nature of the attack, experts suspect ransomware or a coordinated intrusion. The incident highlights vulnerabilities in retail infrastructure and the growing financial toll of cybercrime on consumer-facing businesses.

→ Read more on therecord.media


#ZeroDay #ChromeExploit #GoogleSecurity #AIThreats #RowHammer #CyberVulnerabilities #PatchNow #ThreatIntel #BrowserSecurity #CyberAwareness

Google patched a critical zero-day vulnerability (CVE-2025-10585) in Chrome’s V8 engine, actively exploited in the wild. The flaw allows attackers to execute arbitrary code via type confusion. This marks the sixth Chrome zero-day this year. The report also highlights the rise of AI-powered hacking tools and a new RowHammer attack on DDR5 RAM. The rapid evolution of threats underscores the need for proactive patching and threat intelligence.

→ Read more on thehackernews.com


#CiscoZeroDay #FirewallExploit #RayInitiator #LINEVIPER #UKCyberSecurity #AdvancedThreats #PatchUrgently #NetworkSecurity #CyberAwareness #Infosec

The UK’s National Cyber Security Centre (NCSC) reported that attackers exploited two Cisco firewall zero-day vulnerabilities (CVE-2025-20362 & CVE-2025-20333) to deploy malware strains RayInitiator and LINE VIPER. These advanced threats indicate a shift toward stealthy, persistent intrusions targeting critical infrastructure. Cisco has issued patches, and organisations are urged to update immediately.

→ Read more on securityaffairs.com


#HealthcareBreach #BianLian #RansomwareAttack #PatientData #MedicalPrivacy #CyberCrime #HIPAA #HealthSecurity #DataProtection #CyberThreats

Two medical clinics in North Carolina and Florida are notifying 700,000 patients of data breaches linked to the BianLian ransomware gang. The attacks compromised sensitive health data, including personal identifiers and medical records. Though BianLian is reportedly dormant, its past operations continue to affect victims. The healthcare sector remains a prime target due to its rich data and often outdated security infrastructure.

→ Read more on bankinfosecurity.com


#CapgeminiBreach #DataLeak #SourceCodeTheft #InsiderThreats #CyberEspionage #SupplyChainRisk #CredentialExposure #InfosecNews #HackAlert #CyberCrime

A hacker known as “grep” leaked 20GB of data allegedly stolen from Capgemini, including source code, credentials, private keys, and employee data. The breach was announced on BreachForums and includes sensitive client infrastructure details. Capgemini has yet to confirm the breach publicly. The leak raises concerns about supply chain risks and insider threats in large IT consultancies.

→ Read more on theregister.com


#RhysidaRansomware #HealthcareBreach #LegalSettlement #PatientPrivacy #CyberLitigation #MedicalData #CyberSecurityLaw #DataProtection #InfosecCompliance #RansomwareImpact

Bayhealth Medical Center in Delaware agreed to a preliminary settlement following a class-action lawsuit stemming from a Rhysida ransomware attack that affected nearly 500,000 individuals. The breach exposed medical and personal data. The case underscores the legal and financial consequences of ransomware in the healthcare sector and the importance of robust incident response.

→ Read more on databreachtoday.com


#GoAnywhereExploit #FortraHack #ZeroDayAttack #RemoteCodeExecution #CyberVulnerability #PatchManagement #ThreatDetection #InfosecAlert #CyberAwareness #SecurityFlaw

Hackers exploited a critical flaw in Fortra’s GoAnywhere Managed File Transfer (CVE-2025-10035) a week before public disclosure. The vulnerability allowed remote code execution and was actively used in targeted attacks. WatchTowr Labs confirmed exploitation in the wild. This incident highlights the risks of delayed vulnerability disclosure and the importance of proactive monitoring.

→ Read more on securityaffairs.com


#MailchimpBreach #EverestRansomware #DataLeak #CyberExtortion #CRMExport #PhishingRisk #CyberThreats #SecurityDenial #DoubleExtortion #InfosecNews

The Everest ransomware group claims to have breached Mailchimp, leaking a 767MB database with nearly 1 million records. The data reportedly includes internal documents and customer information. However, Mailchimp denies any breach, stating no evidence of data exfiltration. Analysts suggest the leaked data may stem from CRM exports rather than core systems. Everest, known for double-extortion tactics, has previously targeted high-profile entities like NASA and Coca-Cola. The incident raises questions about data provenance and the credibility of ransomware claims.

→ Read more on it-daily.net


#SalesforcePatch #AgentforceAI #PromptInjection #CRMDataLeak #AIThreats #EnterpriseSecurity #DataExfiltration #CyberVulnerability #InfosecAlert #AIProtection

Salesforce patched a critical vulnerability in its Agentforce AI tool, which could have allowed attackers to exploit indirect prompt injection to steal sensitive CRM data. The flaw was discovered by researchers and posed a serious risk to customer leads and personal information. The incident highlights the emerging threat landscape around AI-powered enterprise tools, where prompt manipulation can lead to data exfiltration. Salesforce acted swiftly, but the case underscores the need for robust AI security frameworks.

→ Read more on databreachtoday.com


#RaccoonO365 #PhishingNetwork #Microsoft365Hack #CloudflareTakedown #CredentialTheft #PhaaS #CyberCrime #AIPhishing #MFABypass #InfosecOps

Microsoft and Cloudflare dismantled the RaccoonO365 phishing-as-a-service network, seizing 338 domains used to steal over 5,000 Microsoft 365 credentials across 94 countries. The service, marketed via Telegram, enabled attackers to bypass MFA and impersonate brands like Microsoft and DocuSign. The takedown marks a strategic shift toward large-scale infrastructure disruption. The group’s operator, allegedly based in Nigeria, remains at large. The campaign’s use of AI and CAPTCHA evasion techniques reflects the growing sophistication of phishing operations.

→ Read more on thehackernews.com

Contact us

+49 89 360 5310 | security-awareness@metafinanz.de

The editors are not responsible for the content of each article.