Information Security

The Medusa ransomware group has claimed responsibility for a cyberattack on Comcast Corporation, alleging it exfiltrated 834 gigabytes of data from the media and technology giant. On its dark web site, the group set a $1.2 million ransom, demanding payment either to prevent the data from being leaked or to allow outside buyers to access it. To support its claims, Medusa published about 20 screenshots of internal files and a directory containing over 167,000 entries, including actuarial reports, insurance modelling scripts, and SQL databases.

Fortra is urging GoAnywhere Managed File Transfer (MFT) users to immediately upgrade to version 7.8.4 or v7.6.3 after disclosing a deserialization flaw (CVE-2025-10035) that could enable command injection through a forged license response. Security firm watchTowr raised concerns that the company may have delayed acknowledging active exploitation, noting evidence of attacks as early as September 10, eight days before Fortra issued its September 18 advisory.

Swift has conducted experiments using privacy-enhancing technologies (PETs) to allow financial institutions to securely share fraud intelligence across borders. In one scenario, PETs enabled participants to verify suspicious account information in real time, potentially accelerating the detection of complex international financial crime networks and preventing fraudulent transactions before they occur.

Bridgestone, the world’s largest tire manufacturer, confirmed it is investigating a cyberattack that has disrupted operations at some of its North American facilities. The company reported that its rapid response helped contain the incident early, preventing customer data theft or deep network infiltration. Initial reports identified disruptions at Bridgestone Americas (BSA) facilities in Aiken County, South Carolina, and Joliette, Quebec, sparking concerns about potential supply chain impacts.

Luxury retailer Harrods has confirmed that cybercriminals accessed customer data through a third-party IT provider, affecting as many as 430,000 records. The company revealed the breach in an email to customers on September 26, 2025, stressing that no payment details or account passwords were exposed. Harrods acknowledged contact from the attackers but stated it would not engage, indicating a ransom demand may have been made.

A once-dormant macOS backdoor, known as ChillyHell, is showing signs of renewed activity. First linked to threat actor UNC4487 and discovered in 2023 by Mandiant, the malware was recently detected again by Jamf Threat Labs. A new Intel-based sample appeared on VirusTotal in May 2025 with a rare “zero” detection score, raising alarms about its ability to bypass traditional defenses.

At least 18 widely-used JavaScript code packages, collectively downloaded over two billion times per week, were briefly compromised after a developer was phished. The phishing email tricked the maintainer into submitting a one-time two-factor authentication token on a fake NPM login page, giving attackers access to his account. The malicious code was narrowly focused on intercepting cryptocurrency transactions, redirecting funds to attacker-controlled wallets without visible signs to users. Security experts warn that a similar attack with a more harmful payload could easily trigger a large-scale malware outbreak.

Built on modern, microservices-based architecture, FraudAxis is a hybrid solution that combines rule-based analysis with adaptive machine learning models, enabling banks, processors, and PSPs to shift from reactive to proactive fraud management. By analysing customer behaviour, anomalies, and risk patterns in real time, the platform reduces false positives, accelerates fraud detection, and safeguards customer trust - without slowing down operations or disrupting user experience.

Wealthsimple has confirmed a data breach that exposed sensitive customer details, including contact information, government-issued IDs, account numbers, IP addresses, Social Insurance Numbers, and dates of birth. The incident impacted fewer than one percent of the company’s three million clients.

Hackers have exploited a vulnerability in the Salesloft Drift application to steal OAuth tokens and access Salesforce data, leading to the exposure of sensitive customer information across several major companies.

Point Wild’s Lat61 Threat Intelligence Team, led by Onkar R. Sonawane, has uncovered a new piece of malware dubbed Raven Stealer. Appearing simple at first glance, the threat is being distributed on underground forums and bundled with pirated software, allowing it to reach victims who download illicit or unvetted applications.

Threat hunters have uncovered 45 domains linked to China-backed groups Salt Typhoon and UNC4841, some dating as far back as May 2020.

Cloudflare has successfully defended against the largest distributed denial-of-service (DDoS) attack ever recorded, a 35-second flood that peaked at 11.5 terabits per second.
