Global Malvertising Campaign Exploits Trusted Software Installers
A major malvertising operation known as TamperedChef is tricking users worldwide into installing malware disguised as legitimate software installers. According to Acronis Threat Research Unit (TRU), attackers are deploying fake versions of common tools to establish persistent access and deliver a JavaScript-based backdoor for remote control. The campaign remains active, supported by search engine manipulation, fake ads, and abused digital certificates—all intended to boost credibility and evade security detection.
Cloudflare Outage Disrupts Major Websites Worldwide
A global Cloudflare outage briefly impacted access to major websites and online services on Tuesday, causing intermittent failures across platforms including OpenAI, Spotify, X (formerly Twitter), and numerous telecom and media sites. Users reported that pages either would not load or lacked key content, and even Downdetector—which tracks service disruptions—became temporarily unavailable. Cloudflare acknowledged the issue and began gradually restoring service approximately three hours after the problem began.
Chinese Threat Actors Harness AI to Launch Autonomous Cyber Attacks
In mid-September 2025, state-sponsored cyber actors from China exploited Anthropic’s AI technology, specifically Claude Code, to orchestrate automated attacks on roughly 30 high-value global targets, including tech firms, financial institutions, chemical manufacturers, and government agencies.
Practical Steps to Helping Your Business Avoid or Survive a Ransomware Attack
Running a business today can be likened to trying to navigate a digital minefield. You know there are dangers all around, but knowing where they are and how to avoid them is rarely an easy task.
Cl0p Ransomware Group Claims Oracle E-Business Suite Attacks Impacting Nearly 30 Organizations
Cybercriminals have allegedly targeted almost 30 organizations in a coordinated campaign exploiting Oracle’s E-Business Suite (EBS) enterprise resource planning software. The operation, which began in late September, involved extortion emails sent to senior executives and is believed to be the work of the financially motivated threat group known as FIN11.
New ChatGPT Vulnerabilities Expose Risks of Prompt Injection Attacks
Cybersecurity researchers at Tenable have uncovered seven vulnerabilities in OpenAI’s ChatGPT, specifically affecting its GPT-4o and GPT-5 models. These flaws could allow attackers to steal personal data from users’ memories and chat histories without their knowledge. OpenAI has since patched several of the issues, which were found to make the chatbot susceptible to indirect prompt injection attacks—a manipulation technique that tricks large language models into executing hidden or malicious commands.
European Authorities Dismantle €600 Million Crypto Fraud Network
A major international investigation led by Eurojust, the European Union’s judicial cooperation agency, has resulted in the arrest of nine individuals accused of running a large-scale cryptocurrency investment scam. The operation, supported by prosecutors from France, Belgium, Spain, Germany, and Cyprus, targeted a network allegedly behind a series of fake crypto investment websites.
Kaspersky Uncovers ‘Dante’ Spyware in Global Espionage Campaign
Kaspersky researchers have exposed Operation ForumTroll, a cyber-espionage campaign using “Dante,” a new spyware tool developed by Memento Labs, the rebranded successor of the infamous Hacking Team.
