December 25, 2025

Kuaishou Cyberattack Disrupts Livestreaming, Triggers Sharp Stock Decline

Chinese short-video and livestreaming platform Kuaishou, a leading competitor to TikTok, experienced a highly coordinated cyberattack on December 22, 2025, around 10 p.m. local time, which significantly disrupted its core livestreaming operations. Organized criminal groups, often referred to as “black and grey industries,” used nearly 17,000 automated bots and AI-driven tools to overwhelm the platform. These bots flooded popular live […]
December 17, 2025

PDVSA Cyberattack Disrupts Administrative Systems, Oil Cargo Deliveries Suspended

Venezuela’s state-owned oil company, Petróleos de Venezuela S.A. (PDVSA), faced a major ransomware cyberattack detected days before December 15, 2025, severely disrupting its centralized administrative systems. Although PDVSA publicly insisted that oil production, refining, and domestic fuel distribution remained operational thanks to isolated security protocols the incident halted all oil cargo deliveries, stranding millions of barrels on tankers bound for […]
November 10, 2025

Critical vulnerability found in 7-Zip archiving tool

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-11001 (CVSS 7.0), was disclosed in the popular open-source 7-Zip archiving tool, affecting all versions before 25.00 released in July 2025. The flaw stems from improper handling of symbolic links in ZIP archives, enabling attackers to craft malicious files that allow directory traversal outside the intended extraction folder. When a user […]
November 9, 2025

Chinese Hackers Used Anthropic’s AI to Automate Cyberattacks

Anthropic, the developer of the Claude AI model, disclosed in mid-November 2025 that it disrupted the first documented large scale cyber-espionage campaign orchestrated primarily by artificial intelligence, attributed with high confidence to a Chinese state sponsored hacking group. Detected in mid-September 2025, the operation dubbed GTG-1002 involved hackers manipulating Anthropic’s Claude Code tool to automate intrusions against approximately 30 high-value […]
October 16, 2025

US Air Force warns of SharePoint data breach

The U.S. Air Force publicly acknowledged a significant data breach involving Microsoft SharePoint, which potentially exposed sensitive personal and health information of service members. According to an official notification circulated by the Air Force Personnel Center, the breach stemmed from misconfigured SharePoint permissions, resulting in the unauthorized access to Personally Identifiable Information (PII) and Protected Health Information (PHI). To mitigate […]
October 5, 2025

Allianz Life reveals almost 1.5m impacted by July data breach

Allianz Life Insurance Company of North America suffered a significant data breach impacting nearly 1.5 million individuals, including customers, financial professionals, and select employees. The breach occurred on July 16, 2025, when a malicious threat actor gained unauthorized access to a third-party, cloud based Customer Relationship Management (CRM) system used by Allianz Life via a social engineering attack, specifically a […]
September 29, 2025

Personal data potentially stolen in Asahi cyber-attack

Asahi Group Holdings, Japan’s largest brewer, was hit by a major ransomware attack, which forced the immediate shutdown of its domestic order placement, shipment, and customer service systems. The attack, attributed to the Russia-linked Qilin ransomware group, encrypted key IT infrastructure and disrupted nearly all digital business operations for Asahi’s beer and beverage products across Japan. As a consequence, the […]
September 15, 2025

Volvo North America confirms staff data stolen following ransomware attack on IT supplier

Volvo Group North America confirmed a significant data breach after its third-party human resources software provider, Miljodata, was struck by ransomware. The incident began on August 20, 2025, when attackers later identified as the Data Carry ransomware group gained access to Miljodata’s cloud-based HR management platform, which services numerous organizations across Sweden and North America. Miljodata discovered suspicious activity three […]
September 4, 2025

NightshadeC2: A New Botnet Is Using “UAC Prompt Bombing” to Bypass Windows Defender

Cybersecurity researchers identified a highly sophisticated botnet known as NightshadeC2, which employs an innovative technique called UAC Prompt Bombing to bypass Windows Defender and evade detection in malware analysis environments. The botnet is primarily distributed through trojanized versions of legitimate software, including VPN clients, system utilities, and file search applications. Social engineering tactics are used to trick users into executing […]
123456789101112131415161718192021222324252627282930313233343536
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.