Point Wild’s Lat61 Threat Intelligence Team, led by Onkar R. Sonawane, has uncovered a new piece of malware dubbed Raven Stealer. Appearing simple at first glance, the threat is being distributed on underground forums and bundled with pirated software, allowing it to reach victims who download illicit or unvetted applications.
Swift has conducted experiments using privacy-enhancing technologies (PETs) to allow financial institutions to securely share fraud intelligence across borders. In one scenario, PETs enabled participants to verify suspicious account information in real time, potentially accelerating the detection of complex international financial crime networks and preventing fraudulent transactions before they occur.
A once-dormant macOS backdoor, known as ChillyHell, is showing signs of renewed activity. First linked to threat actor UNC4487 and discovered in 2023 by Mandiant, the malware was recently detected again by Jamf Threat Labs. A new Intel-based sample appeared on VirusTotal in May 2025 with a rare “zero” detection score, raising alarms about its ability to bypass traditional defenses.
Wealthsimple has confirmed a data breach that exposed sensitive customer details, including contact information, government-issued IDs, account numbers, IP addresses, Social Insurance Numbers, and dates of birth. The incident impacted fewer than one percent of the company’s three million clients.
Threat hunters have uncovered 45 domains linked to China-backed groups Salt Typhoon and UNC4841, some dating as far back as May 2020.
Bridgestone, the world’s largest tire manufacturer, confirmed it is investigating a cyberattack that has disrupted operations at some of its North American facilities. The company reported that its rapid response helped contain the incident early, preventing customer data theft or deep network infiltration. Initial reports identified disruptions at Bridgestone Americas (BSA) facilities in Aiken County, South Carolina, and Joliette, Quebec, sparking concerns about potential supply chain impacts.
At least 18 widely used JavaScript code packages, collectively downloaded over two billion times per week, were briefly compromised after a developer was phished. The phishing email tricked the maintainer into submitting a one-time two-factor authentication token on a fake npm login page, giving attackers access to his account. The malicious code was narrowly focused on intercepting cryptocurrency transactions, redirecting funds to attacker-controlled wallets without visible signs to users. Security experts warn that a similar attack with a more harmful payload could easily trigger a large-scale malware outbreak.
Hackers have exploited a vulnerability in the Salesloft Drift application to steal OAuth tokens and access Salesforce data, leading to the exposure of sensitive customer information across several major companies.