Cybersecurity News | Daily Recap [09 Oct 2025]

Daily Recap: A wave of breaches and extortion efforts hit third-party platforms, Telstra, SonicWall, and major organizations, alongside notable malware and phishing campaigns, while AI security funding and policy updates shape the threat landscape. The incidents span data leaks, zero-days, and credential abuse, with activity from groups like Qilin and Crimson Collective, and evolving attack techniques such as PureRAT chains and WordPress-driven ClickFix phishing.
#DiscordBreach #Telstra #SonicWall #QilinRansomware #CrimsonCollective #TwoNet #WordPress #AIVulnerability

Breaches & Extortion

  • Third-party support platform intrusions reportedly exposed the data of between 70,000 and 5.5 million Discord users, including government IDs, billing information and support communications – Discord Breach, Discord Claims
  • Telstra denies an internal breach while threat actors continue to claim possession of over 19 million PII records scraped from public sources and issue ransom threats – Telstra Claims
  • SonicWall confirmed unauthorized access that resulted in theft of firewall configuration backups for all cloud backup customers, urging credential resets and monitoring – SonicWall Breach
  • Ransomware gang Qilin claimed an attack on Japan’s Asahi, leaking stolen data and causing operational disruption amid ties to broader state-linked threats – Qilin Ransomware
  • Suspected nation-state actors exploited a zero-day to breach a major US law firm’s attorney email accounts in a campaign tied to China-linked espionage targeting legal sector data – Law Firm Breach
  • Crimson Collective is actively targeting AWS environments, compromising IAM accounts and escalating privileges to exfiltrate data from cloud repositories and extort victims – Crimson Collective
  • Widespread phishing emails falsely accusing students of exclusions targeted Western Sydney University, causing distress and prompting police and university investigations – WSU Scam

Microsoft & Cloud Outages

  • An Azure Front Door incident disrupted Microsoft 365 services and admin portals with Microsoft restoring roughly 98% of impacted services while investigations continue – Azure Outage
  • Widespread Microsoft 365 outage impacted Teams, Exchange Online and MFA/authentication workflows, with status updates posted to the Service Health Dashboard – Microsoft 365 Outage
  • To combat mailbox overflow and preserve email flow, Exchange Online will enable threshold-based auto-archiving by default, moving items once usage hits 90% of mailbox quota – Exchange Auto-Archive

Malware, Phishing & Exploits

  • Analysis shows a complex attack chain in which an infostealer evolves into the full PureRAT remote access trojan, using Python loaders, process hollowing and in-memory payloads to harvest credentials and maintain persistence – PureRAT Chain
  • Researchers uncovered a new FileFix social-engineering campaign that uses cache smuggling to covertly download malicious ZIPs and trick users with faux Fortinet VPN compliance checks to run hidden PowerShell – FileFix Attack
  • Threat actors are injecting malicious JavaScript into WordPress sites to power next-gen ClickFix phishing campaigns that perform remote payload loading and cache evasion to deliver malware and redirects – ClickFix Phishing
  • Hacktivist group TwoNet shifted from DDoS to targeting critical infrastructure, including hitting a decoy water treatment honeypot, highlighting evolving OT-focused hacktivism – Hacktivist Attacks

AI & Security Innovation

  • Realm.Security raised $15 million in Series A to scale its AI-powered security data pipeline for faster, cheaper investigations – Realm Funding
  • Experts debate whether AI-SPM will become the standard security layer to monitor and mitigate LLM risks like prompt injection, data exposure and shadow AI in enterprise deployments – AI-SPM
  • DataTribe’s Cyber Innovation Day highlighted startups with an AI-heavy focus in cybersecurity, underscoring AI’s central role in next-gen defenses – AI at DataTribe
  • Google launched a dedicated AI Vulnerability Reward Program offering up to $30,000 for bugs in AI products like Gemini to formalize AI security reporting – Google AIVRP
  • DeepMind unveiled CodeMender, an autonomous AI agent that finds and patches software vulnerabilities to accelerate fixes across projects and reduce risk exposure – CodeMender

Policy & Privacy

  • California enacted a law requiring browsers to implement a universal, user-friendly opt-out mechanism for third-party data selling, strengthening consumer privacy controls nationwide – California Opt-Out

Events & Training

  • The virtual Zero Trust & Identity Strategies Summit focuses on ZTNA, identity management and secure authentication best practices for modern Zero Trust deployments – Zero Trust Summit
  • A live webinar “Step Into the Password Graveyard” reviews real breach cases and modernizes password policies using tools like Specops to reduce credential attack risk – Password Webinar
  • The Cyber Express will serve as official media partner for c0c0n 2025, India’s 17th cybersecurity conference featuring hands-on training, law enforcement collaboration and innovation villages – c0c0n Partnership

Cybersecurity News | Daily Recap – hendryadrian.com