IT Security Newsletter - 9/25/2025
Chinese Cyberspies Hacked US Defense Contractors
A Chinese cyberespionage group has compromised at least two US defense contractors and various other organizations in the Americas, Europe, Asia, and Africa, cybersecurity firm Recorded Future reports. Between July 2024 and July 2025, the threat actor, tracked as RedNovember, was seen targeting high-profile organizations globally, across government, defense, aerospace, and other industries. READ MORE...
Volvo Group Employee Data Stolen in Ransomware Attack
Truck, bus and industrial equipment maker Volvo Group North America is notifying current and former employees of a data breach involving third-party supplier Miljödata. A Swedish IT company, Miljödata fell victim to a ransomware attack in August. During the attack, the hackers stole personal information from Adato, a support system for rehabilitation, and Novi, a support system for HR personnel notes. READ MORE...
CISA urges dependency checks following Shai-Hulud compromise
The Cybersecurity and Infrastructure Security Agency urged security teams to monitor their systems following a massive supply chain attack that struck the npm (Node Package Manager) ecosystem. The attack, tracked under the name Shai-Hulud, involved a self-replicating worm that compromised more than 500 software packages, according to StepSecurity. After gaining access, the attacker injected malware that scanned the build environment for sensitive credentials. READ MORE...
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and focuses on stealing cryptocurrency. It targets freelance developers working on Windows, Linux, and macOS systems. The group's campaigns use social engineering tricks, including fake job interviews and a method known as ClickFix, to spread malware and steal cryptocurrency. READ MORE...
Russia Targets Moldovan Election in Disinformation Play
A state-backed Russian threat actor is targeting the 2025 Moldovan elections with a far-reaching disinformation campaign, and the threat actor behind it has older ties to Moscow. Threat hunting vendor Silent Push published research on Sept. 23 concerning a threat actor tracked as Storm-1679 (aka Matryoshka). Silent Push's research explains how Russia has been using disinformation to disrupt Moldova's Sept. 28 parliamentary elections and thwart its efforts to join the European Union. READ MORE...
GenAI is exposing sensitive data at scale
Sensitive data is everywhere and growing fast. A new report from Concentric AI highlights how unstructured data, duplicate files, and risky sharing practices are creating serious problems for security teams. The findings show how generative AI tools like Microsoft Copilot are adding complexity, while old problems like oversharing and poor data hygiene continue to create exposure. On average, Copilot accessed nearly 3 million sensitive data records per organization during the first half of 2025. READ MORE...
RTX Confirms Airport Services Hit by Ransomware
Aerospace and defense giant RTX (formerly Raytheon Technologies) has officially confirmed that airport services have been disrupted as a result of a ransomware attack. The company said in an SEC filing that it became aware of the cybersecurity incident on September 19. The disclosure does not mention Collins Aerospace, the subsidiary that offers the impacted airport check-in and boarding solutions. READ MORE...
Contain or be contained: The security imperative of controlling autonomous AI
Artificial intelligence is no longer a future concept; it is being integrated into critical infrastructure, enterprise operations and security missions around the world. As we embrace AI's potential and accelerate its innovation, we must also confront a new reality: the speed of cybersecurity conflict now exceeds human capacity. The timescale for effective threat response has compressed from months or days to mere seconds. READ MORE...
As many as 2 million Cisco devices affected by actively exploited 0-day
As many as 2 million Cisco devices are susceptible to an actively exploited zero-day that can be used to remotely crash them or execute code on them. Cisco said Wednesday that the vulnerability is present in all supported versions of Cisco IOS and Cisco IOS XE, the operating systems that power a wide variety of the company's networking devices. The vulnerability can be exploited to cause a denial of service or to execute code that runs with unfettered root privileges. READ MORE...
Unpatched flaw in OnePlus phones lets rogue apps read text messages
A vulnerability in multiple versions of OxygenOS, the Android-based operating system from OnePlus, allows any installed app to access SMS data and metadata without requiring permission or user interaction. OnePlus, a subsidiary of Oppo, is a Shenzhen-based consumer electronics maker known for developing high-end smartphones at competitive pricing. While other major Chinese brands like Huawei and Xiaomi aren't available in the U.S., OnePlus devices are officially available in the country. READ MORE...
- ...in 1911, ground is broken in Boston, MA for Fenway Park.
- ...in 1930, writer and illustrator Shel Silverstein ("The Giving Tree", "Where the Sidewalk Ends") is born in Chicago, IL.
- ...in 1951, actor Mark Hamill, best known as Luke Skywalker in "Star Wars", (as well as the voice of the Joker on "Batman: The Animated Series") is born in Oakland, CA.
- ...in 1956, TAT-1, the first transatlantic telephone cable system, is inaugurated, stretching between Scotland and Newfoundland.