Australian Clinical Labs ordered to pay penalties in relation to Medlab Pathology data breach
The Federal Court yesterday ordered that Australian Clinical Labs (ACL) pay $5.8 million in civil penalties in relation to a data breach by its Medlab…
Month: October 2025
Hackers claim Discord breach exposed data of 5.5 million users
Discord says they will not be paying threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk…
Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data
A new threat group calling itself Crimson Collective has emerged as a significant cybersecurity concern, targeting Amazon Web Services (AWS) cloud environments with sophisticated data…
FreePBX SQL Injection Vulnerability Exploited to Modify The Database
A critical SQL injection vulnerability in FreePBX has emerged as a significant threat to VoIP infrastructure worldwide, enabling attackers to manipulate database contents and achieve…
Optus used wrong email address to inform gov of Triple Zero outage
Optus sent the first notifications of its Triple Zero outage to a recently-retired and unmonitored government email address, where they went unnoticed for over 24…
Qilin ransomware claimed responsibility for the Asahi attack
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi Pierluigi Paganini October 08, 2025 Qilin ransomware claimed responsibility for the recent attack…
Hackers Actively Compromising Databases Using Legitimate Commands
A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” operations. Unlike conventional…
Zero trust is the key to effective security in a cloud-ready, firewall-free world
Twentieth century security approaches are no longer fit for purpose. With applications and data distributed more widely than ever and users operating from different locations,…
Scattered Lapsus$ Hunters Launched a New Leak Site to Release Data Stolen from Salesforce Instances
The notorious cybercriminal collective known as Scattered Lapsus$ Hunters has escalated their extortion campaign by launching a dedicated leak site to threaten organizations with the…
High Court upholds retrospective legal fix for AN0M surveillance sting
The High Court of Australia has backed a retrospective law covering the validity of evidence collected using a compromised encrypted app named AN0M. A large…
Crimson Collective hackers target AWS cloud instances for data theft
The ‘Crimson Collective’ threat group has been targeting AWS (Amazon Web Services) cloud environments for the past weeks, to steal data and extort companies. The hackers…
Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware
In recent weeks, cybersecurity analysts have observed a resurgence of the Mustang Panda threat actor deploying a novel DLL side-loading approach to deliver malicious payloads.…