A recent attempt to bribe BBC News reporter Joe Tidy to assist a cybercriminal in breaching the BBC’s cyber defenses highlights the growing threat all organizations now face from within. Tidy was offered millions of pounds and told he need never work again if he assisted the threat actor. With the permission of his editor, the BBC reporter played along with the cybercriminals without actually assisting them in order to discover more about their methods.
“Lurking in the murky depths of the global marketplace for offensive cyber capabilities sits a particularly dangerous capability—spyware,” warns the Atlantic Council, a Washington, DC-based organization that promotes transatlantic cooperation and global economic prosperity.
The number of US-based entities investing in the spyware market is three times greater than in the next three-highest countries with the most investors, according to a report published by the Atlantic Council on September 10: Mythical Beasts: Diving into the depths of the global spyware market.
Carmaker Jaguar Land Rover (JLR) has shut down its systems after suffering a cyber-attack. The group claiming responsibility for the attack, The Com, also referred to as Scattered Spider, is a loosely affiliated online community of predominantly teenage English-speaking hackers based in the UK and the US.
Over half of cyber-attacks exploiting known vulnerabilities are the work of state-sponsored groups from abroad, mainly from China. According to cybersecurity company Recorded Future’s research arm, Insikt Group, 53 percent of observed exploitation activity in the first half of this year was driven by state-sponsored and suspected state-sponsored actors and conducted for espionage, surveillance, or other geopolitical objectives.
The Chinese government now has a vast storehouse of confidential information belonging to key industries and individuals in the US and UK and many other countries. According to an urgent joint cybersecurity advisory issued by the US National Security Agency (NSA) and other U.S. and foreign organizations, threat actors sponsored by the Chinese government, notably Salt Typhoon, have been consistently targeting telecommunications, government, transportation, lodging, and military infrastructure networks globally.
Cybercriminals are now weaponizing artificial intelligence (AI) to create potentially devastating off-the-shelf ransomware. Researchers at cybersecurity company ESET have discovered what they called “the first known AI-powered ransomware”. The malware, which ESET has named PromptLock, has the ability to exfiltrate, encrypt, and possibly even destroy data, though this last functionality appears not to have been implemented in the malware as yet.
Throughout June and August of this year, a sophisticated off-the-shelf malware campaign targeted over 300 organizations. According to cybersecurity company CrowdStrike, the campaign deployed SHAMOS, a malware variant of Atomic macOS Stealer (AMOS) developed by cybercriminal group COOKIE SPIDER.
The most in-demand skill on cybercrime recruiting sites is English-speaking social engineering. According to cybersecurity company Reliaquest, job posts more than doubling from 2024 to 2025, with recruiters accounting for 87 percent of these postings, indicating strong demand.
A staggering total of $329 billion is at risk globally because of poor cybersecurity applied to operational technology (OT) systems, which control facilities such as manufacturing and energy storage, according to cybersecurity company, Dragos.
The days are long gone when OT systems from online hackers were protected by the airgap, effectively a digital moat where all data was transferred manually. Today OT systems are linked to online IT systems to facilitate communication and increase efficiency. But organisations relying on OT systems are now finding that they must now pay too high a price for these gains.
Asian cybercrime syndicates based in China and Southeast Asia have caused approximately $37 billion in losses in East and Southeast Asia. The UN warns that they are now spreading operations across Africa, South America, the Middle East, Europe, and the Pacific.
Cybersecurity Threats on the Rise in Asia Pacific Cybersecurity incidents in Asia Pacific have increased by 29 percent this year and 134 percent in the last four years, according to Aon’s 2025 Cyber Risk Report. The rise in AI-driven deepfake attacks resulted in a 233 percent increase in incidents involving social engineering and fraud. Kazakhstan […]
Louis Vuitton, owned by French giant LVMH, is the latest retailer to suffer a cyber-breach in a recent flurry of attacks that previously compromised Marks & Spencer, the Co-Op and others. The cybercriminals have accessed Louis Vuitton’s customer data not only in the UK but also in Turkey and Korea. According to Louis Vuitton, the hackers were sitting on its systems for a full month before the intrusion was discovered.
Identity-based attacks are emerging as the major attack vector for businesses of all kinds. According to cybersecurity company eSentire, Identity-driven threats have “skyrocketed”, with a 156 percent surge in identity-based attacks between 2023-2025.
Brazilian IT worker João Roque has been arrested in connection with a $100 million theft through payment system PIX. Roque admitted to police that he had sold his login credentials to hackers who had approached him earlier this year.
Sophos has reported that almost half of companies targeted by ransomware attacks paid to regain access to their data, with the median payment amounting to $1 million. Sophos reports found that 46 percent of companies paid ransoms in 2025, the second highest rate in six years.
The US Federal Bureau of Investigation (FBI) last week issued a warning on X that the cybercriminals responsible for the recent devastating cyber-attacks on the UK retail sector are now targeting the airline sector on both sides of the Atlantic. Hard on the heels of the FBI’s warning came the news that the Qantas airline has suffered a major cyber-attack, affecting more than six million customers and likely resulting in the “significant” theft of personal information. Qantas confirmed the data breach Wednesday morning, alerting customers to a cyber incident affecting a third-party platform used by an airline contact center.
The Swiss financial regulator is urging SwissQuote to improve its cybersecurity measures due to increasing cybercrime risks, emphasizing the importance of strengthening defenses to protect client data and financial assets.
A patient’s death following a cyber-attack on the UK health sector by ransomware group Qilin has now been reported. The death has been confirmed by King’s College Hospital NHS Foundation Trust.
It has been attributed to a long wait for a blood test as a result of a cyber-attack on 3 June last year, which brought pathology services to a temporary standstill. IT company Synnovis, which provides blood test services primarily in southeast London, was the victim of a ransomware attack carried out by Qilin. The hospitals affected were Guy’s and St Thomas’, King’s College, and Lewisham and Greenwich, along with primary care facilities across six London boroughs and two mental health trusts.
As Iran prepares to avenge its recent humiliating ground defeats with concerted cyber-attacks on the US, the Food and Drug Administration (FDA) has issued a stark warning to the medical sector.
“Manufacturing infrastructure can be particularly vulnerable with connected devices, Industrial Internet of Things (IIoT), and smart technologies becoming more ubiquitous. These connected technologies, considered Operational Technologies (OT), have historically been designed to prioritize consistent functionality over cybersecurity. Consequently, it is sometimes difficult to tell what, when, and where communications are happening, which has the potential to increase the risk of a cybersecurity incident,” warns the FDA.
The US Department of Homeland Security warns the public that hacktivists and Iranian government-affiliated actors will likely target US networks, following the air strikes launched on Iranian nuclear sites on June 13, 2025.
Global AI-native cybersecurity solutions company Cybel has announced a partnership with Fintech Australia, aiming to strengthen cyber resilience across Australia’s fast-growing financial sector.
The Cybernews research team discovered a record-breaking breach of over 16 billion passwords worldwide, including Facebook, Google, and Apple credentials. Cybernews states that this is new data and not merely recycled from older breaches, and the data most likely comes from a wide variety of infostealers.
A new cybercriminal group, Qilin, is rapidly establishing dominance in the murky world of ransomware by providing not just ransomware-as-a-service (RaaS) but a full soup-to-nuts cybercrime service .In addition to the malware, Qilin also provides a full suite of legal guidance for criminals together with operational and storage features. According cybersecurity company, Cybereason, Qilin is positioning itself not just as a ransomware group, but as a full cybercrime service.
Lenovo PCCW Solutions is collaborating with leading Chinese cybersecurity firm Qi An Xin Technology to launch the first Security Operation Centre, aiming to address the urgent need for cybersecurity solutions amidst the surge of cyber threats.
Japan Prime Minister Shigeru Ishiba implements a new cybersecurity defense law ahead of national elections to take proactive measures against cyber threats. The legislation allows the government to monitor online communications and requires private companies to report cyberattacks.
Cybercriminals have just added what may be the most dangerous weapon yet to their arsenal of illegal software, a Dark Web version of legitimate artificial intelligence (AI) platforms. Tel Aviv-based network security company, Cato Networks, has uncovered an emerging criminal platform called Nytheon AI that it says is “a fully-fledged illicit AI platform”. While there have been other attempts to offer criminal versions of popular AI models, Nytheon AI is the first truly comprehensive multilingual offering. Threat actors can now use the platform to conduct a variety of attacks including tailored spear-phishing campaigns, deepfake documents, and polymorphic malware capable of constantly mutating its appearance.
Political tensions are prompting nations to re-strategize cybersecurity. Countries that once sought international cooperation and joint strategies are now prioritizing domestic cyber capacities and national interests as a result of geopolitical instabilities.
The UK government has announced its plans to invest in digital and artificial intelligence (AI) in public services, including the NHS, aiming to build strong technology foundations and tackle urgent cybersecurity risks.
Cybersecurity firm Cyera has raised $540 million in a Series E funding round, bringing its total to over $1.3 billion. Cyera’s valuation has surged to $6 billion in six months, reporting a 353 percent year-over-year growth.
Honeywell has debuted a series of AI-powered tools that intend to boost industrial autonomy, introducing a suite of AI cybersecurity solutions designed to ramp up Operation Technology defenses against the ever-evolving cyberthreat landscape.
The recent UK retail cyberattacks that impacted Marks & Spencer and the Co-Op supermarket chain are only the tip of a very large iceberg that now threatens organizations on both sides of the Atlantic.
Although media reports have attributed the attacks to a group named “Scattered Spider,” the actual threat is far bigger. For a start, there is no criminal group that actually calls itself “Scattered Spider”, which is just a made-up name attributed by cybersecurity researchers. These attacks and many others in the US and the UK are now known to be the work of a vast sprawling network of hackers, some as young as 14, spread across the US and the UK. They call themselves “the Community”, or “the Com” for short, and are essentially a vast teenage subculture of criminal hackers.
An attempt to impersonate White House Chief of Staff Susie Wiles is currently being investigated by US federal agencies. The incident highlights the ongoing dangers posed by key individuals using their personal phones to store the phone numbers of important contacts, now that voice cloning enables cybercriminals to mimic anyone’s voice with ease.
In today’s daily round up – Qualcomm has patched three zero-day vulnerabilities which were actively exploited in targeted attacks against Android devices, Dedge Security has raised €4 million in seed funding to bolster its platform, and PTSD Resolution has teamed up with the Chartered Institute of Information Security to provide trauma therapy services to cybersecurity professionals.
In today’s daily roundup – Deepfake Phishing Targets Trump’s Chief of Staff, ConnectWise Breached by Suspected Nation-State Actor, and Unbound Security Raises $4M Seed Funding.
Many organizations’ ongoing enthusiasm for incorporating artificial intelligence (AI) is leaving them open to sophisticated and carefully planned cyber-attacks. Cybersecurity company Mandiant, a Google subsidiary, has issued an urgent warning for companies to be wary of downloading AI tools from unvetted websites.
A new Russian threat actor, Void Blizzard, also known as Laundry Bear, is gathering intelligence from Western states on an industrial scale unseen since the end of the Cold War. According to Microsoft Threat Intelligence, Void Blizzard primarily targets NATO member states, particularly those supporting Ukraine, and Ukraine.
The US healthcare sector is now reeling from a seemingly never-ending series of cyberattacks. The problem is becoming so dire that there is growing concern that it may even spark a genuine healthcare crisis. The recent ransomware attack on Kettering Health, for example, which operates 14 hospitals and over 120 medical facilities in Ohio, is merely the latest volley in a remorseless wave of cyberattacks on the cash-rich sector.
Artificial Intelligence (AI) is learning to think like a human. But the critical question now being asked in IT circles is: “What kind of human?”
Claude, Opus 4, a groundbreaking new AI system released by AI developers Anthropic on Tuesday, is attempting to blackmail its creator by exposing an alleged extramarital affair. This follows on from other AI systems programmed to interact with humans effectively, lying by making up fake information, a phenomenon known by developers as “hallucinating”.
‘Smishing’ – cybercrime involving sending deceptive SMS text messages – has just been taken to a new and dangerous level by China’s crime syndicates. Cybersecurity company, Resecurity, has discovered a devastating new smishing kit known as “Panda Shop,” which comes complete with interactive manuals on how to use it.
admin
Editorial Team
