Cybersecurity researchers at ReliaQuest have uncovered a year-long cyber espionage campaign attributed to Flax Typhoon—a Chinese state-sponsored hacking group also known as Ethereal Panda and RedJuliett.

Fortra is urging GoAnywhere Managed File Transfer (MFT) users to immediately upgrade to version 7.8.4 or v7.6.3 after disclosing a deserialization flaw (CVE-2025-10035) that could enable command injection through a forged license response. Security firm watchTowr raised concerns that the company may have delayed acknowledging active exploitation, noting evidence of attacks as early as September 10, eight days before Fortra issued its September 18 advisory.

Swift has conducted experiments using privacy-enhancing technologies (PETs) to allow financial institutions to securely share fraud intelligence across borders. In one scenario, PETs enabled participants to verify suspicious account information in real time, potentially accelerating the detection of complex international financial crime networks and preventing fraudulent transactions before they occur.

Visa has revealed that its Scam Disruption Practice has intercepted more than $1 billion in fraud attempts since launching just a year ago, including $260 million in Europe. Working alongside clients and law enforcement agencies worldwide, the initiative has already dismantled over 25,000 scam merchants, marking a major step in the company’s ongoing fight against digital fraud.

Luxury retailer Harrods has confirmed that cybercriminals accessed customer data through a third-party IT provider, affecting as many as 430,000 records. The company revealed the breach in an email to customers on September 26, 2025, stressing that no payment details or account passwords were exposed. Harrods acknowledged contact from the attackers but stated it would not engage, indicating a ransom demand may have been made.

A once-dormant macOS backdoor, known as ChillyHell, is showing signs of renewed activity. First linked to threat actor UNC4487 and discovered in 2023 by Mandiant, the malware was recently detected again by Jamf Threat Labs. A new Intel-based sample appeared on VirusTotal in May 2025 with a rare “zero” detection score, raising alarms about its ability to bypass traditional defenses.

A recent Mastercard report highlights a rising global concern about cybersecurity, with 76% of consumers saying they’re more worried today than two years ago. In fact, 70% believe it’s harder to protect their personal data online than it is to secure their own homes.

Built on modern, microservices-based architecture, FraudAxis is a hybrid solution that combines rule-based analysis with adaptive machine learning models, enabling banks, processors, and PSPs to shift from reactive to proactive fraud management. By analysing customer behaviour, anomalies, and risk patterns in real time, the platform reduces false positives, accelerates fraud detection, and safeguards customer trust - without slowing down operations or disrupting user experience.

Wealthsimple has confirmed a data breach that exposed sensitive customer details, including contact information, government-issued IDs, account numbers, IP addresses, Social Insurance Numbers, and dates of birth. The incident impacted fewer than one percent of the company’s three million clients.

The Medusa ransomware group has claimed responsibility for a cyberattack on Comcast Corporation, alleging it exfiltrated 834 gigabytes of data from the media and technology giant. On its dark web site, the group set a $1.2 million ransom, demanding payment either to prevent the data from being leaked or to allow outside buyers to access it. To support its claims, Medusa published about 20 screenshots of internal files and a directory containing over 167,000 entries, including actuarial reports, insurance modelling scripts, and SQL databases.

Point Wild’s Lat61 Threat Intelligence Team, led by Onkar R. Sonawane, has uncovered a new piece of malware dubbed Raven Stealer. Appearing simple at first glance, the threat is being distributed on underground forums and bundled with pirated software, allowing it to reach victims who download illicit or unvetted applications.

Threat hunters have uncovered 45 domains linked to China-backed groups Salt Typhoon and UNC4841, some dating as far back as May 2020.