CRM Breach May Be Tied to Ongoing Scattered Spider and ShinyHunters Campaign Mathew J. Schwartz (euroinfosec) • August 18, 2025     Image: Shutterstock Human resources and finance software giant Workday said hackers breached its customer relationship management software and stole customer data. See Also: What Manufacturing Leaders Are Learning About Cloud Security – from...Read More

SEOUL, Aug. 18 (Yonhap) — A money lending unit under Welcome Financial Group has recently been hit by a ransomware attack in the latest in a series of cyberattacks against South Korean companies, officials said Monday. Welrix I&F is currently checking for possible leaks of customer data after detecting the cyberattack early this month. An...Read More

“Colt are being extorted by Warlock ransomware group, they have been for over a week, Colt are trying to cover it up,” Beaumont wrote on Mastodon on Friday, Aug 15. “Entry likely via sharehelp.colt.net via CVE-2025-53770 as they were interacting with it.” Beaumont added that the group has stolen a few hundred gigabytes of customer...Read More

“Firing the CISO might seem like a necessary reset for CIOs or boards, but it’s not always a strategic move. If the incident response plan was followed, the detection tools worked, and recovery was within SLAs, then replacing the CISO often sends the wrong message internally,” Avakian maintains. “It shows that the security role is...Read More

Colt Technology Services pulls services offline, confirms this was due to a cyberattack A ransomware group called WarLock claimed responsibility Independent researchers believe the attackers struck the company’s SharePoint servers Colt Technology Services has suffered a cyberattack which forced it to pull parts of its IT network offline for several days, thought to be a...Read More

Manufacturing remains prime ransomware target in Q2 as new groups, state-aligned actors reshape industrial threat landscape  Industrial Cyber Source link .........................Read More

Korean firms YES24, SGI, Welcome Finance endure ransomware attacks and data breaches – CHOSUNBIZ  Chosun Biz Source link .........................Read More

Researchers at software supply chain security outfit Safety think they’ve found malware that targets Russian cryptocurrency developers, and perhaps therefore Russia’s state-linked ransomware crews Safety’s head of research Paul McCarty last week revealed his discovery of npm packages that he wrote “targeted the Solana cryptocurrency ecosystem and pretend to ‘scan’ for Solana SDK components.” The...Read More

Huntress analysts have tracked a fresh ransomware incident involving KawaLocker, also known as KAWA4096. The variant is new, but the method is familiar. Attackers gained access, disabled defenses, and moved to encrypt files. Ransomware families surface often. A year ago, Huntress reported on ReadText34. Just last month, a never-before-seen strain called Crux appeared. KawaLocker joins...Read More

The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology, seamlessly blending legitimate administrative tools with custom-developed malware to execute precision strikes against high-value targets. This emerging ransomware operation has successfully compromised organizations across Asia, Europe, and the United States, with a particular focus on...Read More