November 30, 2025

Spyware targeting messaging apps announced by CISA

CISA issued an urgent alert on November 24, 2025, warning of multiple cyber threat actors actively using commercial spyware to target users of popular mobile messaging apps like Signal, WhatsApp, and Telegram. These actors employ sophisticated social engineering and targeting techniques, such as malicious QR codes for device pairing, zero-click exploits that infect devices silently without user interaction, and fake […]
November 24, 2025

Cox Enterprises Oracle E-Business Suite Zero-Day Breach

Cl0p ransomware operators launched a targeted campaign against Cox Enterprises by exploiting a critical zero‑day vulnerability in Oracle E‑Business Suite (Oracle EBS), tracked as CVE‑2025‑61882, which allowed remote, unauthenticated access to one of the company’s most sensitive back‑office platforms. The intrusion window ran roughly between 9 and 14 August 2025 and went undetected until late September, giving attackers ample time […]
November 9, 2025

Chinese Hackers Used Anthropic’s AI to Automate Cyberattacks

Anthropic, the developer of the Claude AI model, disclosed in mid-November 2025 that it disrupted the first documented large scale cyber-espionage campaign orchestrated primarily by artificial intelligence, attributed with high confidence to a Chinese state sponsored hacking group. Detected in mid-September 2025, the operation dubbed GTG-1002 involved hackers manipulating Anthropic’s Claude Code tool to automate intrusions against approximately 30 high-value […]
October 20, 2025

Microsoft pins latest GoAnywhere MFT exploitation campaign on Medusa ransomware group

Microsoft has identified a cybercriminal group tracked as Storm-1175 as responsible for actively exploiting a critical deserialization vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere Managed File Transfer (MFT) software. This vulnerability affects the License Servlet component and allows unauthenticated remote code execution (RCE) by processing attacker-controlled serialized data. The attackers leveraged this zero-day flaw to gain initial access to targeted networks by […]
October 5, 2025

Allianz Life reveals almost 1.5m impacted by July data breach

Allianz Life Insurance Company of North America suffered a significant data breach impacting nearly 1.5 million individuals, including customers, financial professionals, and select employees. The breach occurred on July 16, 2025, when a malicious threat actor gained unauthorized access to a third-party, cloud based Customer Relationship Management (CRM) system used by Allianz Life via a social engineering attack, specifically a […]
October 1, 2025

Homebuyers shrug off cybersecurity risks, even as scammers target property deposits

Many home buyers remain surprisingly unconcerned about cybersecurity risks despite a rise in scammers targeting property deposits. A recent report from InfoTrack shows that around half of Australians have little to no worry about sharing personal information during property transactions, even though the average deposit is now approximately $160,000. This complacency is alarming given the increasing number of cybercriminals exploiting […]
September 29, 2025

Personal data potentially stolen in Asahi cyber-attack

Asahi Group Holdings, Japan’s largest brewer, was hit by a major ransomware attack, which forced the immediate shutdown of its domestic order placement, shipment, and customer service systems. The attack, attributed to the Russia-linked Qilin ransomware group, encrypted key IT infrastructure and disrupted nearly all digital business operations for Asahi’s beer and beverage products across Japan. As a consequence, the […]
September 22, 2025

Collins Aerospace/European airport systems hit by ransomware

A ransomware attack targeting Collins Aerospace’s vMUSE check-in and boarding software in September created widespread disruption at several major European airports, including London Heathrow, Brussels, Berlin Brandenburg, and Dublin. The assault began late Friday and rendered automated check-in kiosks and bag-drop systems inoperable, forcing airline staff to revert to manual paper-based processes. This rapid shift caused severe delays, extensive queues, […]
August 29, 2025

WhatsApp Cloud Ransomware Campaign

WhatsApp faced a significant cybersecurity incident after researchers uncovered a zero-day vulnerability (CVE-2025-55177) affecting its iOS and macOS applications. The flaw was tied to the linked devices feature, which synchronizes data across a user’s phone and secondary devices. Exploiting this weakness, threat actors could inject malicious content from unauthorized URLs, effectively bypassing normal security restrictions. Investigations revealed that the vulnerability […]
1234
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.