InfoSecBulletin Cybersecurity for mankind
BlackCat hacks Motel One Group and steals 24.5 million files of data. Someone on the dark web claims to have FBI credentials, but it’s unclear if they’re real. Medusa targets two companies and demands large ransoms. Here are the top 5 news highlights from the past day.
* Motel One Group was attacked by BlackCat ransomware. They stole 6 TB of data, which included 150 customer credit card records. The attackers claim to have taken 24.5 million files.
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
* SeigedSec is reportedly selling the FBI’s Law Enforcement Enterprise Portal (LEEP) account credentials. It’s unknown how many credentials are being sold or if they are real.
* The LockBit ransomware group attacked Fauquier County Public Schools in Virginia and demanded ransom payment by October 19.
* The FBI has warned the energy industry that Chinese and Russian attackers are expected to target critical energy infrastructure more frequently because of changes in global energy supply.
* Netscout reported a significant increase in DDoS attacks in the first half of 2023. There were around 7.9 million attacks, representing a 31% surge compared to the previous year. They also noticed a resurgence in DNS water-torture attacks, with a rise of 353%.
