-
A threat actor has allegedly breached KFC Venezuela, offering a database containing the personal and order information of over one million customers for sale on a dark web forum. The data, advertised on October 8, 2025, includes a vast amount of sensitive customer details, posing a significant risk of fraud and identity theft to those […] The post KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. This marks the first definitive link between a legitimate security tool and a ransomware incident. The campaign, which deployed three separate ransomware strains, is attributed with moderate confidence to […] The post Hackers Exploit DFIR Tool ‘Velociraptor’ in Ransomware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco Talos has confirmed that ransomware operators are now leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool, to gain stealthy, persistent access and deploy multiple ransomware variants against enterprise envi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity community has witnessed the rapid emergence of a novel phishing toolkit that automates the creation of “ClickFix” attack pages, enabling threat actors with minimal technical expertise to deploy sophisticated social engineering lures. Dubbed the IUAM ClickFix Generator, this phishing kit consolidates all necessary configuration options—page title, domain, verification prompts and clipboard instructions—into a […] The post New Phishing Kit Automates Generation of ClickFix Attack Bypassing Security Measures appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SonicWall has confirmed that an unauthorized party accessed and stole the entire repository of customer firewall configuration backup files from its cloud service. The confirmation comes after the completion of an investigation with the cybersecurity firm Mandiant, which determined that all customers who used the cloud backup feature are affected by the breach. The investigation […] The post SonicWall Confirms That Hackers Stole All Customers Firewall Configuration Backup Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent weeks, a sophisticated malware campaign has emerged that leverages conversational chatbots as covert entry points into enterprise systems. Initially observed in mid-September 2025, the threat actors targeted organizations running customer-facing chat applications built on large language models. By exploiting weaknesses in natural language processing and indirect data ingestion, attackers were able to pivot […] The post AI Chatbot Leveraged as a Critical Backdoor to Access Sensitive Data and Infrastructure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated quishing campaign leveraging weaponized QR codes has been uncovered, specifically targeting Microsoft users with seemingly innocuous document review requests. By exploiting advanced evasion techniques—splitting the QR code into two sepa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape has been shaken by the emergence of Trinity of Chaos, a sophisticated ransomware collective that has launched a data leak site containing sensitive information from 39 major corporations. This formidable alliance, presumably comprising members from the notorious Lapsus$, Scattered Spider, and ShinyHunters groups, represents a significant evolution in cybercriminal organization and operational […] The post New Hacker Alliance Trinity of Chaos Leaked 39 Companies Data Including Google, CISCO and Others appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VirusTotal, the collaborative malware analysis platform, has announced a major update to simplify access and reward contributors. The changes aim to make the platform easier to use for individual researchers while ensuring engine partners receive prior…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept exploit has been published for a critical flaw in the secure boot process of the Nothing Phone (2a) and CMF Phone 1. This exploit can break the chain of trust and allow full code execution at the highest privilege level, posing a sev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
