Bridgestone Cyberattack Disrupts North American Manufacturing
A cyberattack on Bridgestone (a giant in the tire manufacturing business) has shaken operations across North America, disrupting tire production at major facilities. While the company claims the incident was contained and limited, local officials and industry observers suggest the disruption may be far wider. The attack underscores the growing threat to industrial supply chains as hackers increasingly target manufacturing
Workiva Data Breach Exposes Contact Data After Salesforce Attack
The Workiva data breach adds to a growing list of companies caught in the ongoing wave of Salesforce-related attacks. The SaaS provider confirmed that attackers exploited a Salesforce-connected application, leading to the exposure of customer contact details. Although Workiva’s platform itself remains uncompromised, the incident raises concerns about the growing reliance on third-party integrations and the phishing risks that follow.
Grok AI Exploit Spreads Malicious Links on X
Cybercriminals have uncovered a dangerous loophole in Grok AI, the chatbot integrated into X. By embedding harmful links inside video ad metadata, attackers trick the system into revealing them. This Grok AI exploit spreads malicious links to millions of users and raises major concerns about the safety of AI-powered assistants. How the Exploit Works The attack begins with a promoted
TamperedChef Infostealer Hides in Fake PDF Editing App
The TamperedChef infostealer has emerged as a serious threat, hiding inside a fraudulent PDF editor promoted through Google Ads. This deceptive campaign tricked users into downloading an app that appeared legitimate, only to later activate malicious features. With delayed activation and credential theft, the campaign shows how cybercriminals continue to evolve their tactics. Malvertising and the Fake PDF Tool Attackers
Storm-0501 Ransomware Shifts to Cloud Attacks
Storm-0501 ransomware has entered a new phase. Security researchers report that the group has moved from on-premise intrusions to cloud-based attacks. By exploiting Azure environments, Storm-0501 has found ways to exfiltrate data, destroy backups, and pressure victims into ransom payments. This marks a major shift in how ransomware groups adapt to cloud reliance. How Storm-0501 Operates The ransomware group does
Hook Android Trojan Ransomware Attacks Spread via GitHub
The Hook Android Trojan ransomware attacks mark the latest stage in the malware’s evolution. Once known mainly as a banking trojan, Hook has now gained powerful ransomware-style features, giving cybercriminals new tools to exploit Android users. What Makes the New Hook Variant Dangerous The latest version, often called Hook v3, shows how mobile malware continues to expand its reach: Ransomware-style
Silk Typhoon Hackers Use Fake Portals in Espionage Campaigns
Silk Typhoon hackers hijack captive portals in diplomat attacks, exposing how far advanced persistent threats will go to steal intelligence. The group, also tracked as Mustang Panda, UNC6384, and TEMP.Hex, is a known Chinese state-sponsored operation. Their latest campaign reveals new tactics designed to bypass defenses and target high-value diplomatic missions. Hijacking Captive Portals Captive portals usually appear when users
Murky Panda Hackers Exploit Cloud Trust to Breach Customers
Murky Panda Hackers, a Chinese state-linked group, have escalated their espionage campaign by targeting cloud providers. Security researchers report that the attackers exploit cloud trust relationships to infiltrate downstream customer environments. This tactic grants them privileged access to sensitive data across multiple organizations. How the Attacks Work The group compromised SaaS providers by stealing application registration secrets in Microsoft Entra
Warlock Ransomware Hits Colt, Auctions Stolen Data
Warlock Ransomware has carried out a major attack on Colt Technology Services, one of the UK’s largest telecom providers. The attackers claim to have stolen and auctioned company files, and Colt has now confirmed the breach. Sensitive data linked to customers is among the stolen material, raising concerns about privacy and trust. This incident is alarming for several reasons: Scale
Chrome VPN Extension Spyware Captures Every Site Visit
A verified Chrome VPN extension with more than 100,000 installs has been exposed as dangerous spyware. Researchers revealed that FreeVPN.One secretly captured screenshots of every website users visited, including sensitive content like private messages, social media chats, photos, and financial information. The stolen screenshots were quietly uploaded to servers controlled by the developers, along with data that identified each user.
