Black Arrow Cyber Threat Intelligence Briefing 12 September 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
This week’s review highlights the growing personal and organisational consequences of cyber attacks. Qantas cut executive bonuses after a major breach, reflecting increased leadership accountability. CISOs report pressure to conceal incidents, despite legal obligations. Boards are urged to adopt risk-based approaches that prioritise critical exposures.
Threats increasingly target individuals, with executives impersonated using AI and insider breaches causing costly damage. Phishing and ransomware attacks are becoming more sophisticated, using AI, mimicking multi-factor authentication and automating extortion.
These developments reinforce the need for stronger governance, clear accountability and a culture of security awareness. Contact us for guidance on how to achieve this in your organisation.
Top Cyber Stories of the Last Week
Qantas Penalises Executives for July Cyber Attack
Qantas has penalised its executive team by reducing annual bonuses by 15% after a July cyber attack exposed data belonging to 5.7 million people. The airline, which reported a profit of $1.5 billion, confirmed the breach did not involve credit card or passport data but did affect customer details such as names, emails and frequent flyer numbers, with some records also including addresses or dates of birth. The company has updated its risk management framework in response, stressing lessons learned and shared accountability among senior leaders. A forensic investigation into the incident remains ongoing.
https://therecord.media/qantas-airline-reduces-bonuses-executives-data-breach
Three Critical Facts About Cyber Risk Management
Organisations are being urged to shift from reactive cyber security to proactive risk management, as breaches continue to rise and cause severe business impact. A recent study highlighted three critical practices. First, firms must view their digital footprint the way attackers do, since exposure goes beyond what is listed in internal systems. Second, with limited resources, not every vulnerability can be fixed, so leaders must focus on the risks that matter most by weighing likelihood against impact. Finally, adopting proactive measures, supported by automation and AI, allows organisations to anticipate threats and reduce response times significantly.
https://www.trendmicro.com/en_us/research/25/i/cyber-risk-management-facts.html
Pressure on CISOs to Stay Silent About Security Incidents Growing
A recent survey has revealed that 69% of Chief Information Security Officers (CISOs) have been pressured by their employers to keep security incidents quiet, compared with 42% two years ago. This rise reflects growing tensions between regulatory obligations and corporate concerns about reputation. Experts note that attackers now often steal data quietly rather than disrupt operations, making breaches less visible but still serious. Regulators, including those enforcing GDPR and DORA, require timely disclosure, yet many CISOs report pressure to downplay or conceal incidents. Failure to disclose risks heavy penalties, loss of trust, and personal liability for senior leaders.
Why Security Teams Are Turning to the Dark Web to Protect Executives
A recent study found that nearly three quarters of US executives have been directly targeted by cyber criminals, with attacks against leaders continuing to rise. The dark web has become a marketplace where stolen credentials and personal details of corporate leaders are traded, enabling criminals to infiltrate company networks, commit fraud, or even endanger executives’ physical safety. Experts warn that once this information is leaked it cannot be removed, making prevention and monitoring critical. Organisations are being urged to strengthen access controls, improve executive cyber awareness, and integrate physical and cyber security measures into their protection plans.
You Should Be Aware of These Latest Social Engineering Trends
Social engineering attacks are becoming increasingly sophisticated as criminals exploit human behaviour rather than technical flaws. A recent case saw an asset management firm lose one million euros after an executive was deceived by AI-cloned voices and a fake contract. Tactics now include overwhelming victims with thousands of emails, impersonating IT helpdesks, and using legitimate tools like Microsoft Teams and Quick Assist to gain access. These methods highlight that people remain the weakest link in security. Firms are advised to strengthen access controls, limit external communications, and invest in employee awareness to reduce exposure.
Insider Breaches Are a Bigger Security Threat than Ever Before. Here’s How Your Business Can Stay Safe
New research shows insider threats, whether from careless mistakes or disgruntled employees, are now seen as a risk comparable to external cyber attacks. Nearly two thirds of organisations reported data breaches linked to insiders in the past two years, with average costs of $2.7 million. Almost half ranked data leakage from insiders as their top concern, yet only 27% use tools such as Data Loss Prevention to help manage this risk. Experts stress that while such tools are useful, businesses need layered defences and stronger oversight of how sensitive files are accessed, shared, and stored.
Are Cybercriminals Hacking Your Systems or Just Logging in?
Verizon reports that stolen passwords and login details were used in nearly a third of all data breaches last year, with more than 3.2 billion credentials stolen globally, a 33% rise on the previous year. Criminals are bypassing security controls by logging in as legitimate users, often using stolen passwords, session tokens or multi-factor authentication codes. This approach has already fuelled major cyber attacks such as those against Change Healthcare and Snowflake. Organisations are urged to strengthen password protection, adopt zero trust principles, train staff against scams, and monitor for suspicious activity.
https://www.welivesecurity.com/en/business-security/cybercriminals-hacking-systems-logging-in/
New Automated Extortion Software Is So Devious You Won't Believe It
Researchers have warned of a new form of malware, known as Stealerium, that takes sextortion scams to a new level. The tool can capture login details, financial data and private messages, but more alarmingly it can detect when users access adult material, take a screenshot and activate the webcam to photograph them. Criminals are distributing it through fake emails posing as charities or banks, and it has already been seen in tens of thousands of cases. Victims are often in sectors such as hospitality, education and finance, making individuals rather than companies the main targets.
https://futurism.com/automated-extortion-software-devious
Phishing Kit Unveils New Level of Sophistication
Researchers have uncovered a new phishing campaign using the Salty2FA kit, which highlights how cyber crime operations are becoming increasingly professional. The campaign uses trusted platforms, company-branded login pages and advanced tools to bypass security controls, making attacks harder to spot and investigate. Targeted sectors include healthcare, finance, energy and technology. Crucially, the attackers even mimic multi-factor authentication, reducing the effectiveness of traditional safeguards. This shows that phishing has evolved beyond basic scams, requiring organisations to update defences and strengthen staff awareness to guard against increasingly convincing cyber attacks.
https://www.infosecurity-magazine.com/news/salty2fa-phishing-kit/
New Malware Campaigns Highlight Rising AI and Phishing Risks
Researchers have uncovered new phishing campaigns that show how attackers are combining advanced malware with social engineering to bypass security. One campaign uses fake business emails to deliver MostereRAT, a tool that can take full control of a victim’s computer, disable built-in protections, and install remote access software. Another campaign uses fake download sites and “fix” prompts to trick users into installing data stealing software. In parallel, attackers are experimenting with ways to manipulate AI-powered tools, using hidden instructions to insert malicious steps into automated summaries, highlighting the growing overlap between AI risks and cyber crime.
https://thehackernews.com/2025/09/from-mostererat-to-clickfix-new-malware.html
Ransomware Kits Built with AI Are Behind a 70% Surge in Attacks
A new report warns that ransomware attacks rose by 70% in the first half of 2025, fuelled by criminals using artificial intelligence to scale operations. Attackers are packaging phishing emails, extortion notes and other pressure tactics into ready-made kits that can be sold and reused, making attacks easier to launch. While cryptocurrency remains the preferred payment method, total ransom payments fell by 35% in 2024 due to stronger law enforcement action and sanctions. The findings highlight how AI is shifting ransomware from purely technical exploits to broader campaigns targeting human behaviour.
https://crypto.news/ransomware-kits-built-with-ai-are-behind-a-70-surge-in-attacks/
Ransomware Losses Climb as AI Pushes Phishing to New Heights
Resilience’s 2025 midyear report highlights a sharp rise in ransomware and phishing attacks, both increasingly driven by artificial intelligence. Vendor-related risks have declined from 22% to 15% of losses, but remain costly when they occur. Ransomware insurance claims rose by 17% year on year, with criminals moving to triple extortion, adding threats of data leaks and service disruption to increase pressure. Phishing has become the most common entry point, now responsible for 42% of claims and nearly 9 in 10 of total losses. AI has made these attacks more convincing, with synthetic voice and other tools boosting success rates.
https://www.securityweek.com/ransomware-losses-climb-as-ai-pushes-phishing-to-new-heights/
Governance, Risk and Compliance
Pressure on CISOs to stay silent about security incidents growing | CSO Online
Why security teams are turning to the dark web to protect executives - Digital Journal
71% of CISOs hit with third-party security incident this year | CSO Online
6 hot cybersecurity trends | CSO Online
Lack of visibility creates "cascade" of security risk, says Kiteworks | IT Pro
Three Critical Facts About Cyber Risk Management | Trend Micro (US)
CISOs, stop chasing vulnerabilities and start managing human risk - Help Net Security
Mitigating supply chain vulnerabilities | TechRadar
What’s Your Cybersecurity Maturity? | Trend Micro (US)
CISOs Master Persuasion to Secure Cybersecurity Funding with Data and AI
How Leading CISOs are Getting Budget Approval
Creating a cyber-first culture through strategic governance | TechRadar
Threats
Ransomware, Extortion and Destructive Attacks
Remote Access Abuse Biggest Pre-Ransomware Indicator - Infosecurity Magazine
Report: Ransomware Attacks Costlier as Threat Actors Become More Systemic
Ransomware kits built with AI are behind a 70% surge in attacks
Ransomware, vendor outages, and AI attacks are hitting harder in 2025 - Help Net Security
New Automated Extortion Software Is So Devious You Won't Believe It
Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed | Trend Micro (US)
Akira ransomware crims abusing trifecta of SonicWall flaws • The Register
The crazy, true story behind the first AI-powered ransomware • The Register
Ransomware attacks fewer but costlier - report | Insurance Business America
Most pandemic-era ransomware raids conducted by two gangs - iTnews
Ransomware Victims
Jaguar Land Rover in 'truly horrible position' following cyber attack - CoventryLive
Concerns over impact of JLR cyber attack - BBC News
LunaLock Ransomware threatens victims by feeding stolen data to AI models
DZ Bank’s subsidiary says hackers lied about stolen data | Cybernews
Jaguar Land Rover Admits Data Breach Caused by Recent Cyberattack - SecurityWeek
Tata Motors shares in focus after JLR faces cybersecurity breach - The Economic Times
JLR Got Hacked So Bad They’re Still Registering Cars With Pen And Paper | Carscoops
Car part supplier's fears over Jaguar Land Rover cyber-attack - BBC News
M&S tech chief leaves months after cyber attack cost it £300m | Money News | Sky News
Ransomware attack at blood center: Org tells users their data's been stolen | Malwarebytes
Lovesac warns customers their data was breached after suspected RansomHub attack six months ago
100,000 Impacted by Cornwell Quality Tools Data Breach - SecurityWeek
Panama Ministry of Economy discloses breach claimed by INC ransomware
Phishing & Email Based Attacks
Salty2FA Phishing Kit Unveils New Level of Sophistication - Infosecurity Magazine
Emerging Phishing Threats: MostereRAT, ClickFix, and State-Sponsored Risks
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Critical 0-Click Vulnerability Enables Attackers to Takeover Email Access Using Punycode
You Didn't Get Phished — You Onboarded the Attacker
iCloud Calendar abused to send phishing emails from Apple’s servers
AI-Powered Phishing Attack Targets Microsoft 365 Accounts, Experts Warn | Ubergizmo
Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Jeremy Clarkson reveals hackers stole £27,000 from his Cotswolds pub | The Standard
Other Social Engineering
You Didn't Get Phished — You Onboarded the Attacker
Ransomware, vendor outages, and AI attacks are hitting harder in 2025 - Help Net Security
New Automated Extortion Software Is So Devious You Won't Believe It
Exclusive: How North Korean hackers are using fake job offers to steal cryptocurrency | Reuters
You should be aware of these latest social engineering trends | CSO Online
Salesloft Drift Cyberattack Ups Social Engineering Attack Concerns
What is SIM-swapping fraud and what are the signs? - BBC News
Fake employers from North Korea hack hundreds | Cybernews
Beware the QR code: How a new scam is costing consumers £10,000 per day | The Independent
Fraud, Scams and Financial Crime
Exclusive: How North Korean hackers are using fake job offers to steal cryptocurrency | Reuters
Fake employers from North Korea hack hundreds | Cybernews
US sanctions companies and individuals behind Southeast Asian scam centers | Crime News | Al Jazeera
Working with partners to tackle cyber crime and fraud - GOV.UK
Artificial Intelligence
Ransomware, vendor outages, and AI attacks are hitting harder in 2025 - Help Net Security
Ransomware kits built with AI are behind a 70% surge in attacks
LunaLock Ransomware threatens victims by feeding stolen data to AI models
Employees keep feeding AI tools secrets they can't take back - Help Net Security
How AI Puts Company Data at Risk | Kiplinger
AI agents are here, now comes the hard part for CISOs - Help Net Security
CISOs brace for a new kind of AI chaos - Help Net Security
AI-Powered Phishing Attack Targets Microsoft 365 Accounts, Experts Warn | Ubergizmo
AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
Securing AI Models Against Adversarial Attacks in Financial Applications - Security Boulevard
Stealthy attack serves poisoned web pages only to AI agents - Help Net Security
Threat Actor Accidentally Exposes AI-Powered Operations - Infosecurity Magazine
Identity management was hard, AI made it harder - Help Net Security
Deepfakes are rewriting the rules of geopolitics - Help Net Security
AI is everywhere, but scaling it is another story - Help Net Security
The crazy, true story behind the first AI-powered ransomware • The Register
Anthropic Bans Chinese Entities from Claude AI Over Security Risks
2FA/MFA
Salty2FA Phishing Kit Unveils New Level of Sophistication - Infosecurity Magazine
6 ways to identify fake 2FA prompts and protect your accounts
Azure mandatory multifactor authentication: Phase 2 starting in October 2025 | Microsoft Azure Blog
Malware
macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi - Infosecurity Magazine
Secretive MaaS Group Spreads Novel 'CastleRAT'
Malicious npm Packages Steal Ethereum Keys in Typosquatting Attack
Atomic Stealer Disguised as Cracked Software Attacking macOS Users
'MostereRAT' Blends In, Blocks Security Tools
AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto
Hackers left empty-handed after massive NPM supply-chain attack
Vidar Infostealer Back With a Vengeance
Fileless Malware Deploys Advanced RAT via Legitimate Tools - Infosecurity Magazine
AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
Russian Threat Group Targets Microsoft Outlook With Malware | Security Magazine
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware - Infosecurity Magazine
Bots/Botnets
Exposed Docker APIs Likely Exploited to Build Botnet - SecurityWeek
Mobile
New Android RAT uses Near Field Communication to automatically steal money from devices | TechRadar
What is SIM-swapping fraud and what are the signs? - BBC News
New RatOn Android Malware Targets Banking Apps and Crypto Wallets via NFC Attacks
Apple Warns Of Series Mercenary Spyware Attacks Targeting Users Devices
Is WhatsApp Still Safe? Security Experts Weigh In After Zero-Day - ClearanceJobs
Ex-WhatsApp security boss sues Meta, alleging it ignored privacy flaws - The Washington Post
Is your phone actually listening in on you? The answer is complicated
Russia targets WhatsApp and pushes new 'super-app' as internet blackouts grow - BBC News
Traveling soon? 5 simple ways I thwart phone thieves - and you can too | ZDNET
Apple’s new Memory Integrity Enforcement system deals a huge blow to spyware developers | CyberScoop
Denial of Service/DoS/DDoS
Internet of Things – IoT
How Has IoT Security Changed Over the Past 5 Years?
70% of smart home devices vulnerable to cyberattacks: Cyber Security Council
Connected cars are racing ahead, but security is stuck in neutral - Help Net Security
7 Vulnerable IoT Devices: Hacking Risks and Security Tips
Data Breaches/Leaks
Qantas penalizes executives for July cyberattack | The Record from Recorded Future News
61% of US Companies Hit by Insider Data Breaches - Infosecurity Magazine
Salesloft Drift Cyberattack Ups Social Engineering Attack Concerns
More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach - SecurityWeek
Salesloft GitHub Account Compromised Months Before Salesforce Attack - SecurityWeek
Financial services firm Wealthsimple discloses data breach
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack - SecurityWeek
Qualys Confirms Data Breach - Hackers Accessed Salesforce Data in Supply Chain Attack
Tenable Confirms Data Breach - Hackers Accessed Customers Contact Details
France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks - Infosecurity Magazine
VC giant Insight Partners notifies staff and limited partners after data breach | TechCrunch
Pentagon left livestream keys exposed, hijack risk included • The Register
Call audio from gym members, employees in open database • The Register
Everything we know about the Plex data breach so far | IT Pro
Irish League of Credit Unions is 'enhancing cybersecurity' after attack
100,000 Impacted by Cornwell Quality Tools Data Breach - SecurityWeek
Panama Ministry of Economy discloses breach claimed by INC ransomware
Plex tells users to reset passwords after new data breach
PSNI 'cannot afford' to pay staff compensation over data breach - BBC News
Organised Crime & Criminal Actors
US sanctions companies and individuals behind Southeast Asian scam centers | Crime News | Al Jazeera
Threat Actor Accidentally Exposes AI-Powered Operations - Infosecurity Magazine
Kosovo hacker pleads guilty to running BlackDB cybercrime marketplace
Bulletproof Host Stark Industries Evades EU Sanctions – Krebs on Security
Huntress's attacker surveillance splits infosec community • The Register
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Exclusive: How North Korean hackers are using fake job offers to steal cryptocurrency | Reuters
New Android RAT uses Near Field Communication to automatically steal money from devices | TechRadar
New RatOn Android Malware Targets Banking Apps and Crypto Wallets via NFC Attacks
Malicious npm Packages Steal Ethereum Keys in Typosquatting Attack
Hackers left empty-handed after massive NPM supply-chain attack
Insider Risk and Insider Threats
Exclusive: How North Korean hackers are using fake job offers to steal cryptocurrency | Reuters
61% of US Companies Hit by Insider Data Breaches - Infosecurity Magazine
You Didn't Get Phished — You Onboarded the Attacker
Fake employers from North Korea hack hundreds | Cybernews
CISOs, stop chasing vulnerabilities and start managing human risk - Help Net Security
Students Pose Inside Threat to Education Sector
Supply Chain and Third Parties
71% of CISOs hit with third-party security incident this year | CSO Online
Hackers left empty-handed after massive NPM supply-chain attack
Mitigating supply chain vulnerabilities | TechRadar
Supply Chain Challenges and Solutions Outlined in Capgemini Report
Salesloft Breached via GitHub Account Compromise
Salesloft GitHub Account Compromised Months Before Salesforce Attack - SecurityWeek
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack - SecurityWeek
Qualys Confirms Data Breach - Hackers Accessed Salesforce Data in Supply Chain Attack
Tenable Confirms Data Breach - Hackers Accessed Customers Contact Details
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
Cloud/SaaS
Microsoft now enforces MFA on Azure Portal sign-ins for all tenants
Azure mandatory multifactor authentication: Phase 2 starting in October 2025 | Microsoft Azure Blog
AI-Powered Phishing Attack Targets Microsoft 365 Accounts, Experts Warn | Ubergizmo
Microsoft's China cloud conundrum - Tech Monitor
Outages
Ransomware, vendor outages, and AI attacks are hitting harder in 2025 - Help Net Security
Microsoft fixes Exchange Online outage affecting users worldwide
Identity and Access Management
Are cybercriminals hacking your systems – or just logging in?
Identity management was hard, AI made it harder - Help Net Security
Encryption
Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal - Help Net Security
The New Math of Quantum Cryptography | WIRED
Brussels faces privacy crossroads over encryption backdoors • The Register
Passwords, Credential Stuffing & Brute Force Attacks
Are cybercriminals hacking your systems – or just logging in?
Beware of Malicious Facebook Ads With Meta Verified Steals User Account Details
Everything we know about the Plex data breach so far | IT Pro
Plex tells users to reset passwords after new data breach
Social Media
Beware of Malicious Facebook Ads With Meta Verified Steals User Account Details
Malvertising
Beware of Malicious Facebook Ads With Meta Verified Steals User Account Details
Regulations, Fines and Legislation
UK toughens Online Safety Act with ban on self-harm content • The Register
False Claims Act Expands to Cybersecurity Settlements
The Expanding Scope of FCA-Cybersecurity Liability | Sheppard Mullin Richter & Hampton LLP - JDSupra
CISA pushes final cyber incident reporting rule to May 2026 | CyberScoop
Experts poke holes in UK online safety regs • The Register
Brussels faces privacy crossroads over encryption backdoors • The Register
US politicians ponder Wimwig cyber intel sharing law | Computer Weekly
Banks warn of risks as critical cyber law nears expiration | American Banker
UK delays introducing new cybersecurity legislation, again | The Record from Recorded Future News
Trump Cuts Imperil Private Sector Cybersecurity Cooperation
Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal - Help Net Security
Patchy cyber workforce efforts face uncertain future under Trump
US government lacks clarity into its infosec workforce • The Register
CISA work not ‘degraded’ by Trump administration cuts, top agency official says | CyberScoop
Your Internet Access Is at Risk. We’re Speaking Up - Internet Society
The Newly Named Department Of War Goes To War On Cyber With 48 CFR Rule
Models, Frameworks and Standards
The Expanding Scope of FCA-Cybersecurity Liability | Sheppard Mullin Richter & Hampton LLP - JDSupra
CISA pushes final cyber incident reporting rule to May 2026 | CyberScoop
Careers, Working in Cyber and Information Security
CSO hiring on the rise: How to land a top security exec role | CSO Online
Law Enforcement Action and Take Downs
Kosovo hacker pleads guilty to running BlackDB cybercrime marketplace
Misinformation, Disinformation and Propaganda
Deepfakes are rewriting the rules of geopolitics - Help Net Security
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware - Infosecurity Magazine
China went to 'EggStreme' lengths to attack Philippines • The Register
China
Elections watchdog admits 'painful lessons learned' after Chinese hack - BBC News
AI-powered penetration tool downloaded 10K times • The Register
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware - Infosecurity Magazine
Microsoft's China cloud conundrum - Tech Monitor
Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report - SecurityWeek
45 New Domains Linked to Salt Typhoon, UNC4841
'We have to act' on China, says Trump cybersecurity adviser | The National
American Security Systems are Compromised by China | RealClearDefense
China’s ‘Typhoons’ changing the way FBI hunts sophisticated threats | CyberScoop
China went to 'EggStreme' lengths to attack Philippines • The Register
Anthropic Bans Chinese Entities from Claude AI Over Security Risks
Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure
NASA bars Chinese citizens from its facilities, networks • The Register
US tech firms ‘enabled China’s surveillance state’
Russia
Russian Offensive Cyber Operations: Analyzing Putin’s Foreign Policy Actions | Security Magazine
Russian Threat Group Targets Microsoft Outlook With Malware | Security Magazine
Russia targets WhatsApp and pushes new 'super-app' as internet blackouts grow - BBC News
Bulgaria U-turns on claim Moscow jammed GPS of von der Leyen's plane | Euronews
North Korea
Exclusive: How North Korean hackers are using fake job offers to steal cryptocurrency | Reuters
You Didn't Get Phished — You Onboarded the Attacker
Fake employers from North Korea hack hundreds | Cybernews
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
The US is now the largest investor in commercial spyware - Ars Technica
Tools and Controls
Critical 0-Click Vulnerability Enables Attackers to Takeover Email Access Using Punycode
Remote Access Abuse Biggest Pre-Ransomware Indicator - Infosecurity Magazine
Why security teams are turning to the dark web to protect executives - Digital Journal
Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
Cyber resilience matters as much as cyber defence - NCSC.GOV.UK
CISOs, stop chasing vulnerabilities and start managing human risk - Help Net Security
'Gentlemen' Ransomware Abuses Vulnerable Driver
Three Critical Facts About Cyber Risk Management | Trend Micro (US)
A CISO’s guide to monitoring the dark web | CSO Online
CISO's guide to security vendor consolidation | TechTarget
Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges
AI-powered penetration tool downloaded 10K times • The Register
Identity management was hard, AI made it harder - Help Net Security
How attackers weaponize communications networks - Help Net Security
Reports Published in the Last Week
Other News
Working with partners to tackle cyber crime and fraud - GOV.UK
MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel
Firmware is the weak link in your PC's security. Here's how to stay safe | PCWorld
PayPal hacked? Here's how to regain control | PCWorld
Surge in networks scans targeting Cisco ASA devices raise concerns
Staff want compensation after summer cyber-attack
Attackers test the limits of railway cybersecurity - Help Net Security
Attackers are coming for drug formulas and patient data - Help Net Security
Vulnerability Management
Windows 10 losing security support in October – 6 ways to solve the problem - Which?
The Critical Failure in Vulnerability Management
Microsoft gives Windows 10 its penultimate update - but saves the best for Windows 11 | ZDNET
Vulnerabilities
Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws
Critical 0-Click Vulnerability Enables Attackers to Takeover Email Access Using Punycode
Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges
Akira ransomware crims abusing trifecta of SonicWall flaws • The Register
Critical SAP S/4HANA vulnerability now exploited in attacks
Top CMS Sitecore patches critical zero-day flaw being hit by hackers | TechRadar
Adobe Patches Critical ColdFusion and Commerce Vulnerabilities - SecurityWeek
Fortinet, Ivanti, Nvidia Release Security Updates - SecurityWeek
Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday - Help Net Security
Cisco Patches High-Severity IOS XR Vulnerabilities - SecurityWeek
Windows 10 losing security support in October – 6 ways to solve the problem - Which?
'Gentlemen' Ransomware Abuses Vulnerable Driver
SAP Patches Critical NetWeaver (CVSS Up to 10.0) and High-Severity S/4HANA Flaws
Microsoft: Anti-spam bug blocks links in Exchange Online, Teams
Microsoft gives Windows 10 its penultimate update - but saves the best for Windows 11 | ZDNET
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.