Credit bureau TransUnion suffered a major data breach on July 28 that exposed sensitive information of 4.4 million customers. The breach compromised names, Social Security numbers, and birthdates through unauthorized access to a third-party application storing customer data.
State filings reveal conflicting details about what information was accessed, but the most serious filing from Texas confirms Social Security numbers were exposed. Since the breach occurred months ago, experts warn the stolen data may already be circulating on the dark web.
TransUnion is offering affected customers 24 months of free credit monitoring and notifying those impacted. Consumer rights firm Wolf Haldenstein advises people to watch for unusual credit report activity and consider freezing their credit.
Source: CNET
Cybercriminals executed a sophisticated supply chain attack called "s1ngularity" targeting the Nx JavaScript build system, which has over 4 million weekly downloads. On August 26, hackers exploited a workflow vulnerability to steal GitHub and NPM tokens, publishing eight malicious versions of Nx packages between 6:32 and 8:37 PM EDT.
The malware systematically harvested sensitive data from infected systems, including SSH keys, API tokens, and cryptocurrency wallet information. In a groundbreaking twist, attackers weaponized AI tools like Claude and Gemini to assist with reconnaissance and data theft—marking the first known case of AI being turned against developers in supply chain attacks.
Security firms discovered over 2,300 stolen secrets uploaded to more than 1,000 GitHub repositories. Half of these credentials remained valid when discovered, highlighting the urgent need for immediate revocation of compromised tokens.
Source: Security Week
A new phishing campaign called "ZipLine" is turning traditional tactics upside down by making victims initiate contact first. Attackers submit fake partnership inquiries through company contact forms, then spend weeks building trust through professional emails before striking with malicious zip files containing the "MixShell" implant.
The scammers use abandoned domains from 2015-2019 with legitimate business histories to bypass security filters. Their fake websites all use identical templates featuring the same stock photo of White House butlers as company founders.
Industrial manufacturers are prime targets, though the campaign spans biotech, pharma, and semiconductor companies. Check Point Software warns this sophisticated approach requires extensive preparation but exploits human trust through legitimate business channels.
Source: Dark Reading
A sophisticated ransomware attack hit Nevada's government systems Sunday, forcing all state offices to close and potentially compromising personal information. Gov. Joe Lombardo initially said no data was stolen, but officials revealed Wednesday that hackers may have accessed personal records during the breach.
The cyberattack immobilized essential services statewide. DMV offices remain closed, leaving residents unable to complete appointments. Law enforcement lost access to state records, and Nevada State Police dispatch lines went down temporarily, though 911 services stayed operational.
State officials are carefully rebuilding systems to ensure hackers are completely removed before reconnecting networks. The attack highlights growing threats to smaller government agencies nationwide.
Source: CBS News
The Chinese state-sponsored Salt Typhoon hacking group has expanded far beyond telecommunications, now targeting government, transportation, lodging, and military networks across 80+ countries. The FBI revealed Wednesday that over 200 American organizations have been compromised, vastly exceeding the nine telecom companies previously identified.
This campaign, dubbed the most serious telecom breach in US history, may have started years ago and famously targeted US presidential candidates. Cybersecurity agencies from 12 countries issued joint technical guidance to help organizations defend against the attacks.
The hackers exploit router vulnerabilities to maintain persistent access across critical infrastructure. Beyond stealing communications data, targeting hospitality and transportation sectors allows them to build comprehensive surveillance profiles of individuals' movements and contacts.
Source: CyberScoop
Citrix is dealing with another security crisis as attackers actively exploit a zero-day vulnerability in its NetScaler products. The critical flaw, CVE-2025-7775, scores 9.2 out of 10 on the severity scale and allows remote attackers to hijack systems or crash them without needing credentials.
The vulnerability affects NetScaler ADC and Gateway devices used by organizations for secure remote access. Two additional flaws were also disclosed, bringing the total to three new security holes. What's particularly concerning is that nearly 20% of NetScaler devices run on unsupported, end-of-life versions that can't be patched.
This marks yet another blow for Citrix, whose NetScaler products have become a favorite target for cybercriminals. The US government currently lists 10 NetScaler vulnerabilities in its catalog of actively exploited flaws, with six discovered in just the past two years.
Source: Dark Reading
AT&T has reached a massive $177 million settlement for two major data breaches that exposed millions of customers' personal information. The 2019 breach affected 73 million people, exposing Social Security numbers and birth dates. A separate 2024 hack accessed phone records of 109 million customers through cloud provider Snowflake.
Customers can now file claims through November 18, 2025. Those who can prove documented losses may receive up to $5,000 for the 2019 breach and $2,500 for the 2024 incident. People affected by both breaches can claim compensation from each settlement. Even without proof of loss, eligible customers will receive cash payments based on which breach affected them.
Source: CNET
Healthcare Services Group, a major provider of housekeeping and food services to healthcare facilities, suffered a significant data breach affecting 624,000 individuals. The Pennsylvania-based company discovered unauthorized access to its systems containing sensitive personal information including names, Social Security numbers, and medical data.
The breach occurred earlier this year, though the company has not disclosed specific details about how attackers gained access or the exact timeline of the incident. Healthcare Services Group has notified affected individuals and is providing credit monitoring services.
This breach adds to the growing list of healthcare-related cyberattacks in 2025, highlighting ongoing vulnerabilities in the sector's digital infrastructure.
Source: Security Week
Cybersecurity researchers at Trail of Bits discovered a sneaky new way to trick AI systems through image scaling attacks. Attackers can hide malicious instructions in high-resolution images that become visible only when AI tools automatically downscale them for processing.
The attack works because the hidden prompt is invisible in the original image but appears clearly in the smaller version that gets fed to the AI model. Trail of Bits demonstrated this by hiding instructions to steal calendar data.
Several major platforms are vulnerable, including Google's Gemini, Vertex AI Studio, and Google Assistant. The researchers released an open-source tool called Anamorpher to help other security experts test for these vulnerabilities.
Source: Security Week
Australia is facing an unprecedented cyber crisis, with one attack hitting every second and over 1,100 data breaches reported in 2024—a 25% jump from 2023. The country now sees 732 breaches per 100 people, far exceeding the global average of 285.
AI-powered attacks are driving much of this surge. More than 50% of Australian businesses experienced cyberattacks in 2024, with 36% being AI-generated—higher rates than the US and UK. Cybercriminals are using AI for sophisticated phishing campaigns, with over 30 million attempts recorded, and even deploying voice-cloning technology for social engineering.
Supply chain vulnerabilities compound the problem, with 38% of breaches stemming from cybersecurity incidents. Healthcare and critical infrastructure remain prime targets through compromised third-party vendors.
Source: Cyble