InfoSecBulletin Cybersecurity for mankind
The ever-increasing influence of Chinese threat actors in the cyber landscape is causing significant concern. As per the latest revelations, a Chinese state-linked group successfully stole data from a U.S. federal agency and targeted several European nations too. Today, we also have a Delaware county facing temporary outages due to a cyberattack from a few days back. In other news, with all these scams going around, you might think that there are lots of scammers associated with the business. However, that’s not the case. To know more about this and other highlights, read along.
The CISA and FBI issued a warning together that the Storm-0558 threat group, which is associated with China, accessed and stole unclassified Exchange Online Outlook data from an undisclosed U.S. source FCEB agency.
Microsoft Confirms 900+ XSS Vulns Found in IT Services
Daily Security Update Dated : 15.09.2025
IBM QRadar SIEM Vuln Let Attackers Perform Unauthorized Actions
Major Australian Banks using Army of AI Bots to Scam Scammers
F5 to acquire CalypsoAI for $180M for Advanced AI Security Capabilities
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Attacks
CVE-2025-21043
Samsung Patched Critical Zero-Day Flaw Exploited in Android Attacks
Albania appoints world’s first AI minister, “Diella” to Tackle Corruption
L7 DDoS Botnet Hijacked 5.76M Devices for Large Attacks
Palo Alto Networks User-ID Credential Agent Vuln Exposes password In Cleartext
Kent County in Delaware is experiencing a cyberattack that has disrupted municipal services, leading to a temporary offline status of internet-based services and phone numbers.
ALSO READ:
The Cl0p ransomware group put the data of 62 clients of Ernst & Young, including Air Canada and United Parcel Service Canada Ltd., on their leak sites. The group had exploited the MOVEit vulnerability and leaked 3TB of information belonging to the accounting firm.
Ransomware attacks have seen a significant increase in 2023, with cybercriminals extorting nearly $175.8 million more than the previous year, revealed Chainalysis.
Barracuda Networks and Columbia University studied 300,000 extortion emails and discovered that fewer than 100 scammers worldwide are behind them.
USB-delivered malware campaigns have seen a threefold increase in malware attacks in the first half of 2023, with two notable campaigns delivering Sogu and Snowydrive malware to various industries worldwide – reported Mandiant.
The hacker group Nobelium, supported by the Russian government, used fake BMW car listings to deceive Ukrainian diplomats into clicking on harmful links that install malware. The campaign has targeted at least 22 of the 80 foreign missions in Kyiv.
ZooTampa, a popular U.S. zoo, experienced a cyberattack resulting in the theft of employee and vendor information, with an affiliate of the Royal ransomware gang claiming responsibility.
Vietnamese threat actors are actively targeting Facebook business accounts using fake Ads Manager software and malicious Chrome extensions, resulting in over 800 victims worldwide losing more than $180,000 in compromised ad budgets.
In a recent finding, FortiGuard Labs uncovered a malicious operation that capitalizes on a pair of well-known vulnerabilities, including Follina, to implant the perilous LokiBot trojan on targeted devices. The campaign first came to light in May.
