
Data breach at major Swedish software supplier impacts 1.5 million

The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier Miljödata that exposed data belonging to 1.5 million people.

Miljödata is an IT systems supplier for roughly 80% of Sweden’s municipalities. The company disclosed the incident on August 25, saying that the attackers stole data and demanded 1.5 Bitcoin to not leak it.

The attack caused operational disruptions that affected citizens in multiple regions in the country, including Halland, Gotland, Skellefteå, Kalmar, Karlstad, and Mönsterås.

The Impact Of Tech On Geopolitics: Why Business Needs To Rethink Risk



Geopolitical tensions and kinetic conflicts can impact both physical security and supply chain stability, as well as overall economic stability. Evolving and often contradictory regulatory environments can create compliance challenges across different jurisdictions. Operating on the home turf of potentially hostile nation-states can increase insider risk, as employees may choose or be compelled to misuse their privileged access to appropriate and exfiltrate sensitive information from the organization. There are also risks that remain agnostic of jurisdiction, such as cyber threats, whether perpetrated by criminals, state-backed actors, or even hacktivists.

Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks

Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel.

The company’s Detection and Response Team (DART) discovered the new malware, named SesameOp, during an investigation into a July 2025 cyberattack, which revealed that the malware allowed attackers to gain persistent access to the compromised environment.

Deploying this malware also enabled the threat actors to remotely manage backdoored devices for several months by leveraging legitimate cloud services, rather than relying on dedicated malicious infrastructure that could alert victims to an attack and be taken down during subsequent incident response.

Cyber-Securing the Connected Worlds of the Internet of Things, Smart Cities, and Space

In this latest edition of the Security & Tech Insights newsletter, the vulnerabilities of digital connectivity are analyzed with special regard to IoT, Smart Cities, and Space. Also included are articles reviewing Cybersecurity Awareness and Preparedness, and new threats to contend with from AI-enabled Ransomware. Thanks for reading and sharing! Chuck Brooks.


China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

The activity targeted diplomatic organizations in Hungary, Belgium, Italy, and the Netherlands, as well as government agencies in Serbia, Arctic Wolf said in a technical report published Thursday.

“The attack chain begins with spear-phishing emails containing an embedded URL that is the first of several stages that lead to the delivery of malicious LNK files themed around European Commission meetings, NATO-related workshops, and multilateral diplomatic coordination events,” the cybersecurity company said.

The files are designed to exploit ZDI-CAN-25373 to trigger a multi-stage attack chain that culminates in the deployment of the PlugX malware using DLL side-loading. PlugX is a remote access trojan that’s also referred to as Destroy RAT, Kaba, Korplug, SOGU, and TIGERPLUG.

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation.

“By restricting administrative access, implementing multi-factor authentication, enforcing strict transport security configurations, and adopting zero trust (ZT) security model principles, organizations can significantly bolster their defenses against potential cyber attacks,” CISA said.

The agencies said malicious activity aimed at Microsoft Exchange Server continues to take place, with unprotected and misconfigured instances facing the brunt of the attacks. Organizations are advised to decommission end-of-life on-premises or hybrid Exchange servers after transitioning to Microsoft 365.
