Hackers breached Discord through a third-party customer service provider, stealing government ID photos from approximately 70,000 users who submitted them for age verification appeals. The attackers reportedly grabbed 1.5 terabytes of data and are demanding ransom money from Discord.
The stolen information includes names, usernames, email addresses, messages to customer support, and limited billing details like the last four digits of credit cards. However, passwords and full payment information weren't compromised.
Discord immediately cut off the vendor's access and contacted law enforcement. The company is notifying affected users via email from noreply@discord.com. Some frustrated users report Discord never processed their age appeals before the breach occurred.
Source: CNET
SonicWall confirmed Wednesday that attackers successfully breached its cloud backup service through a brute-force attack, accessing firewall configuration files from every customer who used the platform. The company initially downplayed the breach's scope, claiming less than 5% of customers were affected, but later admitted all cloud backup users were compromised.
The stolen data includes firewall rules, encrypted passwords, and network configurations—essentially a roadmap for future attacks. Security experts criticized SonicWall for lacking basic protections like rate limiting on public APIs.
This marks another blow for SonicWall customers, who've faced years of actively exploited vulnerabilities, including recent Akira ransomware campaigns. The company has notified affected customers and released detection tools.
Source: CyberScoop
A Vietnam-based cyber group called BatShadow is targeting job seekers and digital marketing professionals with malicious emails containing "Vampire Bot" malware. The sophisticated surveillance tool, written in Go, continuously captures screenshots and steals sensitive data from infected computers.
The attack works through zip files containing fake PDFs and hidden malicious executables. When victims open these files, PowerShell scripts quietly install the malware while displaying a decoy document. Vampire Bot then harvests system information, maintains persistence by hiding in core folders, and sends encrypted data to command servers.
Researchers at Aryaka Threat Research Labs say the campaign exploits job seekers' willingness to open career-related emails, making them prime targets for cybercriminals seeking extended system access.
Source: Dark Reading
Discord suffered a data breach on September 20 when hackers compromised a third-party customer service provider to extort money from the gaming platform. The attack exposed personal information from users who contacted customer support, including usernames, emails, billing details, IP addresses, and government ID documents like passports and driver's licenses.
The stolen IDs belonged to users who had appealed age verification decisions in the UK and Australia, where Discord uses facial recognition technology. While Discord says it normally deletes these images after verification, some were stored for manual review appeals.
Discord has notified affected users, revoked the provider's access, and contacted law enforcement. The breach comes as Australia prepares to implement a social media ban for under-16s in December.
Source: The Guardian
Europol's executive director Catherine de Bolle told 500 global experts that cybercriminals are exploiting encryption and emerging technologies faster than authorities can respond. At the agency's annual Cybercrime Conference, officials emphasized that lawful data access has become the decisive factor in fighting cyber threats.
European Commissioner Magnus Brunner stressed that "cybercrime knows no borders" as drones threaten critical infrastructure and criminals exploit new technologies. The conference highlighted successful operations including Operation Eastwood, which disrupted pro-Russian hacktivists, and Operation Ratatouille, leading to arrests of major cybercrime platform administrators.
Delegates discussed balancing privacy with security needs and updating regulatory frameworks to match evolving technology.
Source: Industrial Cyber
A 17-year-old and a 22-year-old have been arrested in connection with a cyber attack on the Kido nursery chain that compromised data of around 8,000 children. The suspects, taken into custody in Bishop's Stortford on Tuesday, face charges of computer misuse and blackmail.
Hackers allegedly used children's photos and names to demand ransom money from the London-based nursery chain. The breach exposed personal contact details of children, parents, and carers two weeks ago.
A group called Radiant initially claimed responsibility and threatened to release more profiles, but later appeared to delete the data following public backlash. Met Police specialist investigators continue working to bring those responsible to justice.
Source: Sky News
BK Technologies, a Florida company that makes wireless communication equipment for police and government agencies, discovered hackers broke into its systems on September 20. The attackers stole employee data, including information on current and former workers, before being kicked out.
The breach caused minor disruptions to non-critical systems, but didn't affect daily operations. BK Technologies told the SEC it doesn't expect the cyberattack to hurt its finances, especially since insurance covers most incident costs.
It's unclear if this was a ransomware attack, as no hacker groups have claimed responsibility yet.
Source: SecurityWeek
Unknown attackers posing as Libya's Navy Office of Protocol targeted Brazil's military using a malicious calendar file to exploit a zero-day vulnerability in Zimbra's email system. The rare attack method bypassed traditional defenses through a weaponized ICS file containing JavaScript that exploited CVE-2025-27915, an XSS vulnerability.
Once executed, the malware stole credentials, emails, contacts, and authentication data while redirecting messages to attacker-controlled servers. The sophisticated payload included multiple obfuscation layers and could bypass multi-factor authentication protections.
Zimbra patched the vulnerability in June with version 10.1.9 after the attack occurred. StrikeReady researchers noted this direct exploitation of collaboration tools via email attachments is extremely rare, suggesting involvement of highly skilled threat actors.
Source: Dark Reading
Jaguar Land Rover's production lines have sat idle for over a month after a devastating cyber attack in late August, costing an estimated £50 million per week. The attack hit during peak demand season, forcing thousands of suppliers into financial crisis.
This isn't isolated. Major retailers like Marks & Spencer and Co-op have faced attacks costing £300 million and £120 million respectively this year. A government survey found 612,000 UK businesses were targeted by hackers.
Experts blame the surge on teenage hackers renting ransomware from Russian criminals, targeting companies with vulnerable "just-in-time" supply chains. The UK's "laissez-faire" approach to cyber security over 15 years is now backfiring, with critical infrastructure increasingly at risk.
Source: BBC
A new 88-page Booz Allen Hamilton report warns that China has developed a sophisticated cyber strategy using AI, supply chain infiltration, and edge device exploitation to gradually erode U.S. strategic advantages globally. The report identifies four key force multipliers Beijing uses: trusted-relationship compromise, edge device exploitation, AI acceleration, and attribution contestation.
China's cyber operations target three strategic arenas: constraining U.S. power in East Asia, fracturing alliance coordination in Europe and Five Eyes countries, and embedding leverage across developing nations. The strategy exploits vendor relationships and PRC-manufactured networking hardware to maintain persistent access to critical infrastructure.
Booz Allen emphasizes this isn't just isolated cyber intrusions but a coordinated national effort to reshape global competition. The report recommends urgent action including zero-trust architecture implementation, vendor access reform, and proactive strategic engagement to counter China's growing cyber dominance before these advantages become permanent.
Source: Industrial Cyber