U.S. federal authorities have established a new task force to disrupt Chinese cryptocurrency scam networks that defraud Americans of nearly $10 billion annually. […]
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign.
The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA).
“The
The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA).
“The
Checkout.com Discloses Data Breach After Extortion Attempt
The information was stolen from a legacy cloud file storage system, not from its payment processing platform.
The post Checkout.com Discloses Data Breach After Extortion Attempt appeared first on SecurityWeek.
Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack
The media company admitted that cybercriminals attempted to extort a payment after stealing personal information.
The post Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack appeared first on SecurityWeek.
Akira Ransomware Group Made $244 Million in Ransom Proceeds
Akira was seen exploiting SonicWall vulnerabilities and encrypting Nutanix Acropolis Hypervisor (AHV) VM disk files this year.
The post Akira Ransomware Group Made $244 Million in Ransom Proceeds appeared first on SecurityWeek.
Google backpedals on new Android developer registration rules
Google is backpedaling on its decision to introduce new identity verification rules for all developers, stating that it will also introduce accounts for limited app distribution and will allow users to install apps from unverified devs. […]
Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign
A financially motivated threat actor automated the package publishing process in a coordinated tea.xyz token farming campaign.
The post Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign appeared first on SecurityWeek.
Ransomware’s Fragmentation Reaches a Breaking Point While LockBit Returns
Key Takeaways:
85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date.
1,590 victims disclosed across 85 leak sites, showing high, sustained activity despite law-enforcement pressure.
14 new ransomware brands launched this quarter, proving how quickly affiliates reconstitute after takedowns.
LockBit’s reappearance with
Chinese Hackers Use Anthropic’s AI to Launch Automated Cyber Espionage Campaign
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a “highly sophisticated espionage campaign” in mid-September 2025.
“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves,” the AI upstart
“The attackers used AI’s ‘agentic’ capabilities to an unprecedented degree – using AI not just as an advisor, but to execute the cyber attacks themselves,” the AI upstart
ASUS warns of critical auth bypass flaw in DSL series routers
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. […]