Author: Staff Writer


John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Top Highlights
Data Breach Confirmation: Co-op confirmed that a cyberattack in April led to the theft of personal data belonging to 6.5 million members, although financial information was not compromised.
Attack Strategy: The breach involved a social engineering attack that allowed hackers to reset an employee’s password, leading to unauthorized access to the network and the extraction of critical data, including password hashes.
Perpetrators Identified: The attack is linked to the threat group Scattered Spider, associated with prior attacks on other organizations, including Marks & Spencer and MGM Resorts.
Arrests Made: The UK’s National Crime Agency arrested four individuals connected…


Top Highlights
Data Breaches Confirmed: Louis Vuitton has confirmed that customer data breaches in the UK, South Korea, and Turkey are linked to a security incident associated with the ShinyHunters extortion group.
Nature of the Breach: The breach involved unauthorized access to customer personal data, but no payment information was compromised; the company is cooperating with relevant authorities and cybersecurity experts.
Similar Incidents: This breach follows similar incidents affecting other luxury brands, such as Tiffany & Co. and House of Dior, suggesting a pattern that may be linked to the same cyberattack.
Ongoing Risk: Despite recent arrests of some ShinyHunters…


PHNOM PENH, Cambodia (AP) — Cambodia on Wednesday said that an order by Prime Minister Hun Manet for government bodies to crack down on criminal cybercrime operations being run in the country had resulted in the arrest of more than 1,000 suspects so far this week.

Hun Manet issued the order authorising state action for “maintaining and protecting security, public order, and social safety.”

“The government has observed that online scams are currently causing threats and insecurity in the world and the region. In Cambodia, foreign criminal groups have also infiltrated to engage in online scams,” Hun Manet’s statement, dated Tuesday, said.

The…


Summary Points
Guilty Plea and Arrest: Cameron John Wagenius, a 21-year-old former U.S. Army soldier, pleaded guilty to hacking and extorting at least ten telecommunications companies, leading to his arrest in December 2024.
Cybercriminal Activities: Between 2023 and 2024, Wagenius operated under multiple aliases, engaged in SIM-swapping, and utilized hacking tools like SSH Brute to steal login credentials and extort firms, threatening to leak over 358GB of data.
Indictments and Charges: Wagenius was indicted on charges including wire fraud conspiracy and aggravated identity theft, and he faces up to 27 years in prison after admitting guilt to these crimes and…


Cloud integrations promise easier access to tools, shared sessions, and unified workflows. But as a newly discovered vulnerability in Oracle Cloud Infrastructure (OCI) Code Editor shows, they can also quietly expose critical security gaps.

Researchers at Tenable identified the now-remediated critical remote code execution (RCE) flaw while analyzing how Code Editor interacts with its Cloud Shell command-line environment.

Tightly Integrated

Code Editor is an integrated development environment in OCI that lets developers write, edit, and manage code directly in their cloud environment without leaving the browser. It eliminates the need for them to download, install, and configure local development tools. Code Editor is…


Summary Points
Evolved Malware-as-a-Service: Matanbuchus, a sophisticated malware loader, has evolved to version 3.0, now featuring advanced stealth techniques, enhanced obfuscation, and support for various payloads such as Cobalt Strike and ransomware.
Targeted Delivery Methods: Unlike traditional spread methods, Matanbuchus is often deployed via social engineering tactics, tricking victims into executing malicious scripts during seemingly legitimate interactions, such as impersonating IT support through Microsoft Teams.
High Cost and Functionality: Matanbuchus 3.0 is available for rental at $10,000 to $15,000, incorporating complex capabilities like in-memory execution, command execution via PowerShell, and persistence through scheduled tasks, posing significant risks to enterprises.
Advanced…


Top Highlights
Financial Impact: United Natural Foods, Inc. (UNFI) projects a $350-$400 million reduction in fiscal 2025 net sales due to a June 2025 cyberattack, alongside an estimated net income loss of $50-$60 million.
Insurance Offsets Losses: The company anticipates that insurance proceeds will significantly mitigate losses from the cyber incident, which is not expected to impact operations or finances significantly beyond Q4 of fiscal 2025.
Operational Disruption: The cyberattack detected on June 5 forced UNFI to take certain IT systems offline, disrupting its ability to fulfill and distribute customer orders.
Overall Business Profile: UNFI, a major grocery distributor in…


Quick Takeaways
Critical Vulnerability: Security researchers have identified a significant vulnerability (CVE-2025-47812) in Wing FTP Server that allows remote root-level code execution, potentially compromising entire systems.
Active Exploitation: The flaw has been actively exploited since at least July 1, with around 2,000 computers running Wing FTP at risk, primarily in the U.S., China, and Germany.
Urgent Response: Wing FTP has warned approximately 10,000 customers, including large companies, and provided guidance for mitigating the vulnerability through upgrades.
Severe Potential Impact: Attackers exploiting this vulnerability can gain access to sensitive data, modify files, and potentially instigate ransomware attacks, resulting in significant security…


Quick Takeaways
Operation Eastwood: An international law enforcement effort successfully disrupted the infrastructure of the pro-Russian cybercrime group NoName057(16), which orchestrated denial-of-service attacks against Ukraine and its allies, including organizations linked to a NATO summit.
Global Impact: Over 100 computer systems worldwide were taken offline, with simultaneous actions taken by authorities from multiple countries—including the US, France, and Germany—resulting in several arrests and the issuance of warrants for key leaders of the group in Russia.
Targeted Attacks: The group initially focused on Ukrainian targets but expanded to attack institutions in Sweden, Germany, and Switzerland, including significant events like a Ukrainian…


Fast Facts
Targeted Appliances: Threat actor UNC6148 has been exploiting end-of-life SonicWall Secure Mobile Access 100 appliances since October 2024, despite them being fully patched.
Malware Deployment: The threat actor has deployed a novel backdoor called "Overstep," allowing persistent access and manipulation of the devices’ boot processes for credential theft.
Zero-Day Vulnerability: Researchers suspect a zero-day, remote-code-execution vulnerability may have facilitated the malware’s deployment, indicating a high level of technical expertise by the hacker.
Evolving Threat Landscape: SonicWall is accelerating the end-of-support date for the SMA 100 appliances and plans to release detailed mitigation guidance amidst concerns over data theft,…
