The NSB reports a significant increase in Chinese cyberattacks on Taiwan's critical infrastructure in 2025, averaging 2.63 million attempts per day and especially targeting the energy and emergency sectors. The attacks employ tactics such as vulnerability exploitation, DDoS, social engineering, and supply chain attacks, and involve major hacker groups; the report also cites international cooperation to enhance cybersecurity defenses.
The article highlights various high-profile security failures caused by weak passwords, including a Louvre CCTV breach, a US pipeline ransomware attack, nuclear launch code vulnerabilities, a UK business collapse due to hacking, and scandals involving phone hacking and political data breaches, emphasizing the importance of strong, unique passwords and layered security measures.
Advancements in AI are enabling hackers to launch faster, smarter, and more personalized cyberattacks, posing significant threats to critical infrastructure, financial services, and organizations worldwide. While attackers are leveraging AI for malicious purposes, cybersecurity professionals are also using AI to enhance defenses, automate threat detection, and respond more effectively, creating a high-stakes race between attackers and defenders.
Microsoft reports a significant increase in the use of AI by Russia, China, Iran, and North Korea to conduct cyberattacks and spread disinformation against the US, with over 200 instances of AI-generated fake content identified in July alone, highlighting the urgent need for improved cybersecurity defenses.
Cybersecurity experts warn that criminal hackers are rapidly exploiting generative AI tools to enhance their cyberattacks, raising concerns about the ability to defend against these evolving threats.
Russia-linked attackers exploited a high-severity WinRAR vulnerability (CVE-2025-8088) before it was patched, using targeted spearphishing campaigns against European and Canadian companies. The vulnerability is a path-traversal flaw, exploited via malicious archives containing alternate data streams (ADSes), that led to the deployment of malware and backdoors like Mythic, SnipBot, and RustyClaw. Multiple threat groups, including RomCom and Paper Werewolf, have used this zero-day in targeted attacks, highlighting the importance of timely updates and vigilance.
A group of young cybercriminals called Scattered Spider is increasingly active in launching sophisticated cyberattacks across various sectors, including retail, insurance, and airlines, primarily using social engineering and ransomware tactics. Despite law enforcement efforts, the group remains resilient and poses a significant threat to critical infrastructure, operating within a broader marketplace of cybercriminal services.
US critical infrastructure sectors are on high alert for potential Iranian cyberattacks amid escalating tensions between Iran and Israel, with concerns that US military actions could prompt Iran to target US networks. While federal agencies like CISA have historically increased defenses during geopolitical crises, current federal support appears limited, prompting infrastructure operators and ISACs to independently bolster their cybersecurity measures. The situation remains dynamic, with ongoing monitoring and heightened vigilance across sectors.
Cyber attackers are employing sophisticated methods like zero-day attacks using corrupted files, fileless malware via PowerShell scripts, and phishing hosted on Azure Blob Storage. ANY.RUN's Interactive Sandbox is highlighted as a tool for detecting these threats, offering a cloud-based environment for malware analysis. The sandbox can identify malicious activities in real time, providing a comprehensive view of the execution chain and network activities.
Romania's political landscape is in turmoil as a court decision on potentially annulling the recent election is postponed until Monday, with a new election possibly occurring in December. Concerns have arisen over the influence of far-right candidate Călin Georgescu, who allegedly used TikTok to sway voters, prompting regulators to investigate. Additionally, Romanian security chiefs have confirmed cyberattacks during the election, with suspicions of Russian involvement, further complicating the political situation.
Romania's Constitutional Court has ordered a recount of votes from the first round of the presidential election after far-right candidate Călin Georgescu unexpectedly won with 22.9% of the vote. Georgescu, who opposes NATO and supports Putin, will face centrist Elena Lasconi in a runoff. The recount decision follows allegations of cyberattacks and claims that TikTok favored Georgescu's campaign. Both candidates have criticized the court's decision, with Lasconi emphasizing the need to protect democracy.
Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files and SVG attachments to evade detection and steal credentials. These attacks exploit user trust by embedding malicious URLs in familiar file formats and instructing victims to perform actions like holding down the Ctrl key to bypass security systems. As cyber fraud evolves, especially during International Fraud Week, businesses are urged to enhance their defenses with robust email security and two-factor authentication to mitigate risks.
Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files to evade detection. These attacks involve sending emails from breached accounts with seemingly harmless attachments that, when interacted with, lead to credential-stealing sites. Additionally, attackers are using scalable vector graphics (SVG) files to deploy phishing attacks, exploiting their ability to execute JavaScript. Users are advised to be cautious with unfamiliar file formats and ensure robust email security measures, including two-factor authentication.
Security researchers from Perception Point have identified a new two-step phishing attack method using Microsoft Visio (.vsdx) files to evade detection and steal credentials. These attacks exploit the familiarity of Visio files in workplaces, embedding malicious URLs that lead victims to fake Microsoft 365 login pages. The attack involves instructing users to hold down the Ctrl key to access these URLs, bypassing automated security systems. Enhanced email security and two-factor authentication are recommended to mitigate these threats.
In the recent EU elections, Geert Wilders' far-right party made significant gains in the Netherlands but was narrowly defeated. Meanwhile, Dutch party websites faced cyberattacks from a pro-Russian hacker group as the elections commenced. Additionally, Russia detained a French citizen on espionage charges following the arrest of a Russian-Ukrainian citizen in France for planning a terror attack. The elections mark the beginning of the European Parliament vote, with the far-right expected to perform well.