ICYMI: 2025-10-09
Latest Headlines
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
SaaS Breaches Start with Tokens - What Security Teams Must Watch
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
Apple Took Down These ICE-Tracking Apps. The Developers Aren’t Giving Up
GitHub Copilot Chat Flaw Leaked Data From Private Repositories
Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day
All SonicWall Cloud Backup Users Had Firewall Configurations Stolen
Discord Says 70,000 Users Had IDs Exposed in Recent Data Breach
New Quishing Attack With Weaponized QR Code Targeting Microsoft Users
Hackers Actively Exploiting WordPress Plugin Vulnerability to Gain Admin Access
Threat Actors Mimic as HR Departments to Steal Your Gmail Login Credentials
Hackers Upgraded ClickFix Attack With Cache Smuggling to Secretly Download Malicious Files
New Polymorphic Python Malware Repeatedly Mutate its Appearance at Every Execution Time
Data-Leak Sites Hit an All-Time High With New Scattered Spider RaaS and LockBit 5.0
Chaos Emerges as Faster, Smarter, and More Dangerous Ransomware
KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed
Lightship Security and the OpenSSL Corporation Submit OpenSSL 3.5.4 for FIPS 140-3 Validation
New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube
Microsoft: Hackers target universities in “payroll pirate” attacks
Hackers now use Velociraptor DFIR tool in ransomware attacks
Microsoft Defender mistakenly flags SQL Server as end-of-life
Microsoft: Windows Backup now available for enterprise users
SonicWall: Firewall configs stolen for all cloud backup customers
From infostealer to full RAT: dissecting the PureRAT attack chain
Azure outage blocks access to Microsoft 365 services, admin portals
Hackers claim Discord breach exposed data of 5.5 million users
– MTZ