Ticker feed
Discord suffered a data breach on September 20 when hackers compromised a third-party customer service provider to extort money from the gaming platform. The attack exposed personal information from users who contacted customer support, including usernames, emails, billing details, IP addresses, and government ID documents like passports and driver's licenses.
The stolen IDs belonged to users who had appealed age verification decisions in the UK and Australia, where Discord uses facial recognition technology. While Discord says it normally deletes these images after verification, some were stored for manual review appeals.
Discord has notified affected users, revoked the provider's access, and contacted law enforcement. The breach comes as Australia prepares to implement a social media ban for under-16s in December.
Source: The Guardian
Europol's executive director Catherine de Bolle told 500 global experts that cybercriminals are exploiting encryption and emerging technologies faster than authorities can respond. At the agency's annual Cybercrime Conference, officials emphasized that lawful data access has become the decisive factor in fighting cyber threats.
European Commissioner Magnus Brunner stressed that "cybercrime knows no borders" as drones threaten critical infrastructure and criminals exploit new technologies. The conference highlighted successful operations including Operation Eastwood, which disrupted pro-Russian hacktivists, and Operation Ratatouille, leading to arrests of major cybercrime platform administrators.
Delegates discussed balancing privacy with security needs and updating regulatory frameworks to match evolving technology.
Source: Industrial Cyber
A 17-year-old and 22-year-old have been arrested in connection with a cyber attack on Kido nursery chain that compromised data of around 8,000 children. The suspects, taken into custody in Bishop's Stortford on Tuesday, face charges of computer misuse and blackmail.
Hackers allegedly used children's photos and names to demand ransom money from the London-based nursery chain. The breach exposed personal contact details of children, parents, and carers two weeks ago.
A group called Radiant initially claimed responsibility and threatened to release more profiles, but later appeared to delete the data following public backlash. Met Police specialist investigators continue working to bring those responsible to justice.
Source: Sky News
BK Technologies, a Florida company that makes wireless communication equipment for police and government agencies, discovered hackers broke into its systems on September 20. The attackers stole employee data, including information on current and former workers, before being kicked out.
The breach caused minor disruptions to non-critical systems, but didn't affect daily operations. BK Technologies told the SEC it doesn't expect the cyberattack to hurt its finances, especially since insurance covers most incident costs.
It's unclear if this was a ransomware attack, as no hacker groups have claimed responsibility yet.
Source: SecurityWeek
Unknown attackers posing as Libya's Navy Office of Protocol targeted Brazil's military using a malicious calendar file to exploit a zero-day vulnerability in Zimbra's email system. The rare attack method bypassed traditional defenses through a weaponized ICS file containing JavaScript that exploited CVE-2025-27915, an XSS vulnerability.
Once executed, the malware stole credentials, emails, contacts, and authentication data while redirecting messages to attacker-controlled servers. The sophisticated payload included multiple obfuscation layers and could bypass multi-factor authentication protections.
Zimbra patched the vulnerability in June with version 10.1.9 after the attack occurred. StrikeReady researchers noted this direct exploitation of collaboration tools via email attachments is extremely rare, suggesting involvement of highly skilled threat actors.
Source: Dark Reading
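A defensive triage sketch for the delivery vector described above, added here as an example (not code from Dark Reading, StrikeReady or Zimbra): it unfolds an ICS file per RFC 5545 and flags properties whose values carry HTML active content. The rule set, function names and both sample invites are constructed assumptions, not indicators from the incident.

```python
import re

# Constructed sample invites (not from the incident); the second carries inert markers.
BENIGN_ICS = (
    "BEGIN:VCALENDAR\r\nVERSION:2.0\r\nBEGIN:VEVENT\r\n"
    "SUMMARY:Protocol briefing\r\nDESCRIPTION:Agenda attached. Costs <10 EUR\r\n"
    "END:VEVENT\r\nEND:VCALENDAR\r\n"
)
SUSPECT_ICS = (
    "BEGIN:VCALENDAR\r\nVERSION:2.0\r\nBEGIN:VEVENT\r\n"
    "SUMMARY:Protocol briefing\r\n"
    "DESCRIPTION:See notes <scr\r\n ipt>/* inert placeholder */</script>\r\n"
    "X-ALT-DESC;FMTTYPE=text/html:<img src=\"cid:logo\" onerror=\"void 0\">\r\n"
    "END:VEVENT\r\nEND:VCALENDAR\r\n"
)

# Heuristic rules (assumptions for this example): markup that has no business in an invite.
ACTIVE_CONTENT = {
    "script-tag": re.compile(r"<\s*script\b", re.I),
    "event-handler": re.compile(r"<[^>]*\son[a-z]+\s*=", re.I),
    "javascript-uri": re.compile(r"javascript\s*:", re.I),
    "embedded-frame": re.compile(r"<\s*(iframe|object|embed)\b", re.I),
}

def unfold(ics_text):
    """RFC 5545 section 3.1: a line break followed by one space or tab continues the line."""
    return re.sub(r"\r?\n[ \t]", "", ics_text).splitlines()

def scan_ics(ics_text):
    """Return sorted (property, rule) findings for one calendar file."""
    findings = set()
    for line in unfold(ics_text):
        name, sep, value = line.partition(":")
        if not sep:
            continue
        prop = name.split(";", 1)[0].upper()  # drop parameters such as FMTTYPE
        # TEXT values backslash-escape some characters; undo that before matching.
        value = re.sub(r"\\([\\;,nN])",
                       lambda m: "\n" if m.group(1) in "nN" else m.group(1), value)
        for rule, pattern in ACTIVE_CONTENT.items():
            if pattern.search(value):
                findings.add((prop, rule))
    return sorted(findings)

if __name__ == "__main__":
    print("benign :", scan_ics(BENIGN_ICS))
    print("suspect:", scan_ics(SUSPECT_ICS))
```

Matching on the raw bytes misses the folded tag in the second sample, which is why the scan unfolds first; a hit is a reason to quarantine the attachment for review, not proof of exploitation.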
Jaguar Land Rover's production lines have sat idle for over a month after a devastating cyber attack in late August, costing an estimated £50 million per week. The attack hit during peak demand season, forcing thousands of suppliers into financial crisis.
This isn't isolated. Major retailers like Marks & Spencer and Co-op have faced attacks costing £300 million and £120 million respectively this year. A government survey found 612,000 UK businesses were targeted by hackers.
Experts blame the surge on teenage hackers renting ransomware from Russian criminals, targeting companies with vulnerable "just-in-time" supply chains. The UK's "laissez-faire" approach to cyber security over 15 years is now backfiring, with critical infrastructure increasingly at risk.
Source: BBC
A new 88-page Booz Allen Hamilton report warns that China has developed a sophisticated cyber strategy using AI, supply chain infiltration, and edge device exploitation to gradually erode U.S. strategic advantages globally. The report identifies four key force multipliers Beijing uses: trusted-relationship compromise, edge device exploitation, AI acceleration, and attribution contestation.
China's cyber operations target three strategic arenas: constraining U.S. power in East Asia, fracturing alliance coordination in Europe and Five Eyes countries, and embedding leverage across developing nations. The strategy exploits vendor relationships and PRC-manufactured networking hardware to maintain persistent access to critical infrastructure.
Booz Allen emphasizes this isn't just isolated cyber intrusions but a coordinated national effort to reshape global competition. The report recommends urgent action including zero-trust architecture implementation, vendor access reform, and proactive strategic engagement to counter China's growing cyber dominance before these advantages become permanent.
Source: Industrial Cyber
A critical security flaw (CVE-2025-27237) in Zabbix Agent and Agent 2 for Windows lets attackers with local access escalate privileges through DLL injection attacks. The vulnerability, scored 7.3 (High), affects versions 6.0.0-6.0.40, 7.0.0-7.0.17, 7.2.0-7.2.11, and 7.4.0-7.4.1.
The issue stems from improper handling of OpenSSL configuration files, where low-privileged users can modify the config path to inject malicious DLLs. When the agent restarts, it loads the malicious code with elevated system privileges.
Zabbix has released patches (versions 6.0.41, 7.0.18, 7.2.12, and 7.4.2) that fix the access controls. System administrators should update immediately, as no workarounds exist for this vulnerability in the widely deployed enterprise monitoring solution.
Source: Cyber Security News
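A fleet triage helper for the version ranges listed above, added here as an example (not Zabbix's own tooling): it classifies each agent in an inventory export against CVE-2025-27237 and names the fixed release for its branch. The CSV layout, host names and status labels are constructed assumptions; the ranges and fixed versions are the ones given in this item.

```python
import re

# Affected ranges and fixed releases exactly as listed in the item above.
AFFECTED = {
    (6, 0): ((6, 0, 0), (6, 0, 40), "6.0.41"),
    (7, 0): ((7, 0, 0), (7, 0, 17), "7.0.18"),
    (7, 2): ((7, 2, 0), (7, 2, 11), "7.2.12"),
    (7, 4): ((7, 4, 0), (7, 4, 1), "7.4.2"),
}

# Constructed inventory export: host, OS, agent version (not real hosts).
INVENTORY = """\
win-mon-01,windows,7.0.17
win-mon-02,windows,7.0.18
win-db-03,windows,6.0.9
lin-web-04,linux,7.2.5
win-app-05,windows,6.4.12
win-old-06,windows,unknown
"""

def parse_version(text):
    """Return (major, minor, patch) as integers, or None if the string is unusable."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def triage(version_text, os_name):
    """Classify one agent; returns (status, fixed_version_or_None)."""
    if os_name.lower() != "windows":
        return ("not-applicable", None)      # the item covers the Windows agents only
    version = parse_version(version_text)
    if version is None:
        return ("unknown-version", None)     # needs a manual check, never assume safe
    branch = AFFECTED.get(version[:2])
    if branch is None:
        return ("branch-not-listed", None)   # the page gives no data for this branch
    low, high, fixed = branch
    # Integer tuples compare numerically, so 6.0.9 correctly sorts below 6.0.40.
    return ("affected", fixed) if low <= version <= high else ("patched", fixed)

def triage_inventory(csv_text):
    """Map each host in the export to its triage result."""
    results = {}
    for row in csv_text.splitlines():
        host, os_name, version = (field.strip() for field in row.split(","))
        results[host] = triage(version, os_name)
    return results

if __name__ == "__main__":
    for host, result in triage_inventory(INVENTORY).items():
        print(host, *result)
```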
UK schools are facing a cyber security crisis, with 60% of secondary schools suffering attacks or breaches in the past year, according to new government data. The numbers are even worse for colleges (80%) and universities (90%), compared to just 40% of private businesses.
Phishing emails targeting passwords are the most common attack method. Recent ransomware hits include West Lothian council's education network and several universities like Newcastle and Manchester. Experts say schools aren't deliberately targeted but get "caught up in the dragnet" of opportunistic cybercrime.
Funding pressures leave state schools particularly vulnerable, while universities face risks from thousands of students who may lack cyber awareness. The government is considering banning ransomware payments for public institutions.
Source: The Guardian
Security researchers at LayerX discovered a dangerous vulnerability called "CometJacking" that weaponizes Perplexity's AI-powered Comet browser against users. The attack works through a single malicious URL that tricks the browser's AI assistant into stealing personal data from connected services like Gmail and Google Calendar.
Unlike traditional browser attacks, CometJacking exploits the trust relationship between users and their AI assistants. When someone clicks the malicious link, hidden commands in the URL instruct the AI to access user memory and encode stolen data using base64 before sending it to attacker-controlled servers.
Researchers successfully demonstrated email theft and calendar harvesting during testing. LayerX reported the vulnerability to Perplexity in August 2025, but the company initially dismissed it as having "no security impact."
Source: Cybersecurity News