Latest Security News Collection

UK Retail Giant Co-op Suffers Major Cyberattack
#CyberAttack #RetailSecurity #Ransomware #DataBreach #UKCybercrime #CoopHack #FinancialImpact #CyberThreats #BusinessContinuity #SecurityAwareness
British retailer Co-op disclosed a cyberattack that significantly impacted its operations, shaving approximately $275 million off its revenue. The breach targeted internal systems, disrupting logistics and customer-facing services. While the company has not revealed the exact nature of the attack, experts suspect ransomware or a coordinated intrusion. The incident highlights vulnerabilities in retail infrastructure and the growing financial toll of cybercrime on consumer-facing businesses.
→ Read more on therecord.media
#ZeroDay #ChromeExploit #GoogleSecurity #AIThreats #RowHammer #CyberVulnerabilities #PatchNow #ThreatIntel #BrowserSecurity #CyberAwareness
Google patched a critical zero-day vulnerability (CVE-2025-10585) in Chrome’s V8 engine, actively exploited in the wild. The flaw allows attackers to execute arbitrary code via type confusion. This marks the sixth Chrome zero-day this year. The report also highlights the rise of AI-powered hacking tools and a new RowHammer attack on DDR5 RAM. The rapid evolution of threats underscores the need for proactive patching and threat intelligence.
→ Read more on thehackernews.com
#CiscoZeroDay #FirewallExploit #RayInitiator #LINEVIPER #UKCyberSecurity #AdvancedThreats #PatchUrgently #NetworkSecurity #CyberAwareness #Infosec
The UK’s National Cyber Security Centre (NCSC) reported that attackers exploited two Cisco firewall zero-day vulnerabilities (CVE-2025-20362 & CVE-2025-20333) to deploy malware strains RayInitiator and LINE VIPER. These advanced threats indicate a shift toward stealthy, persistent intrusions targeting critical infrastructure. Cisco has issued patches, and organisations are urged to update immediately.
→ Read more on securityaffairs.com
#HealthcareBreach #BianLian #RansomwareAttack #PatientData #MedicalPrivacy #CyberCrime #HIPAA #HealthSecurity #DataProtection #CyberThreats
Two medical clinics in North Carolina and Florida are notifying 700,000 patients of data breaches linked to the BianLian ransomware gang. The attacks compromised sensitive health data, including personal identifiers and medical records. Though BianLian is reportedly dormant, its past operations continue to affect victims. The healthcare sector remains a prime target due to its rich data and often outdated security infrastructure.
→ Read more on bankinfosecurity.com
Capgemini Data Leak Exposes Sensitive Info
#CapgeminiBreach #DataLeak #SourceCodeTheft #InsiderThreats #CyberEspionage #SupplyChainRisk #CredentialExposure #InfosecNews #HackAlert #CyberCrime
A hacker known as “grep” leaked 20GB of data allegedly stolen from Capgemini, including source code, credentials, private keys, and employee data. The breach was announced on BreachForums and includes sensitive client infrastructure details. Capgemini has yet to confirm the breach publicly. The leak raises concerns about supply chain risks and insider threats in large IT consultancies.
→ Read more on theregister.com
Delaware Health System Settles Rhysida Ransomware Lawsuit
#RhysidaRansomware #HealthcareBreach #LegalSettlement #PatientPrivacy #CyberLitigation #MedicalData #CyberSecurityLaw #DataProtection #InfosecCompliance #RansomwareImpact
Bayhealth Medical Center in Delaware agreed to a preliminary settlement following a class-action lawsuit stemming from a Rhysida ransomware attack that affected nearly 500,000 individuals. The breach exposed medical and personal data. The case underscores the legal and financial consequences of ransomware in the healthcare sector and the importance of robust incident response.
→ Read more on databreachtoday.com
Fortra GoAnywhere Flaw Exploited Before Disclosure
#GoAnywhereExploit #FortraHack #ZeroDayAttack #RemoteCodeExecution #CyberVulnerability #PatchManagement #ThreatDetection #InfosecAlert #CyberAwareness #SecurityFlaw
Hackers exploited a critical flaw in Fortra’s GoAnywhere Managed File Transfer (CVE-2025-10035) a week before public disclosure. The vulnerability allowed remote code execution and was actively used in targeted attacks. WatchTowr Labs confirmed exploitation in the wild. This incident highlights the risks of delayed vulnerability disclosure and the importance of proactive monitoring.
→ Read more on securityaffairs.com
Everest Ransomware Claims Mailchimp Breach
#MailchimpBreach #EverestRansomware #DataLeak #CyberExtortion #CRMExport #PhishingRisk #CyberThreats #SecurityDenial #DoubleExtortion #InfosecNews
The Everest ransomware group claims to have breached Mailchimp, leaking a 767MB database with nearly 1 million records. The data reportedly includes internal documents and customer information. However, Mailchimp denies any breach, stating that there is no evidence of data exfiltration. Analysts suggest the leaked data may stem from CRM exports rather than core systems. Everest, known for double-extortion tactics, has previously targeted high-profile entities like NASA and Coca-Cola. The incident raises questions about data provenance and the credibility of ransomware claims.
→ Read more on it-daily.net
#SalesforcePatch #AgentforceAI #PromptInjection #CRMDataLeak #AIThreats #EnterpriseSecurity #DataExfiltration #CyberVulnerability #InfosecAlert #AIProtection
Salesforce patched a critical vulnerability in its Agentforce AI tool, which could have allowed attackers to exploit indirect prompt injection to steal sensitive CRM data. The flaw was discovered by researchers and posed a serious risk to customer leads and personal information. The incident highlights the emerging threat landscape around AI-powered enterprise tools, where prompt manipulation can lead to data exfiltration. Salesforce acted swiftly, but the case underscores the need for robust AI security frameworks.
→ Read more on databreachtoday.com
#RaccoonO365 #PhishingNetwork #Microsoft365Hack #CloudflareTakedown #CredentialTheft #PhaaS #CyberCrime #AIPhishing #MFABypass #InfosecOps
Microsoft and Cloudflare dismantled the RaccoonO365 phishing-as-a-service network, seizing 338 domains used to steal over 5,000 Microsoft 365 credentials across 94 countries. The service, marketed via Telegram, enabled attackers to bypass MFA and impersonate brands like Microsoft and DocuSign. The takedown marks a strategic shift toward large-scale infrastructure disruption. The group’s operator, allegedly based in Nigeria, remains at large. The campaign’s use of AI and CAPTCHA evasion techniques reflects the growing sophistication of phishing operations.
→ Read more on thehackernews.com

+49 89 360 5310 | security-awareness@metafinanz.de
The editors are not responsible for the content of each article.