Attackers Exploit Internal OAuth Apps to Maintain Stealthy Cloud Access
Cybercriminals are increasingly abusing internal OAuth-based applications to gain long-term access to enterprise cloud environments, according to new research from Proofpoint. These malicious applications can remain undetected for extended periods, allowing attackers to retain access to high-privileged accounts even after password resets or multi-factor authentication (MFA) enforcement. Because OAuth tokens authorize access without requiring credentials, they offer a covert way for attackers to persist inside compromised systems.
Invoicely Data Leak Exposes Nearly 180,000 Sensitive Business and Personal Records
A massive data exposure linked to the invoicing and billing platform Invoicely left nearly 180,000 private files accessible online without password protection or encryption.
Chinese-Linked Hackers Exploit ArcGIS System as Covert Backdoor for Over a Year
Cybersecurity researchers at ReliaQuest have uncovered a year-long cyber espionage campaign attributed to Flax Typhoon—a Chinese state-sponsored hacking group also known as Ethereal Panda and RedJuliett.
Visa Blocks Over $1 Billion in Global Scam Attempts Through AI-Powered Fraud Detection
Visa has revealed that its Scam Disruption Practice has intercepted more than $1 billion in fraud attempts since launching just a year ago, including $260 million in Europe. Working alongside clients and law enforcement agencies worldwide, the initiative has already dismantled over 25,000 scam merchants, marking a major step in the company’s ongoing fight against digital fraud.
The Growing Cybersecurity Concern and the Stigma of Online Scams
A recent Mastercard report highlights a rising global concern about cybersecurity, with 76% of consumers saying they’re more worried today than two years ago. In fact, 70% believe it’s harder to protect their personal data online than it is to secure their own homes.
Medusa Ransomware Group Claims Comcast Breach, Demands $1.2M
The Medusa ransomware group has claimed responsibility for a cyberattack on Comcast Corporation, alleging it exfiltrated 834 gigabytes of data from the media and technology giant. On its dark web site, the group set a $1.2 million ransom, demanding payment either to prevent the data from being leaked or to allow outside buyers to access it. To support its claims, Medusa published about 20 screenshots of internal files and a directory containing over 167,000 entries, including actuarial reports, insurance modelling scripts, and SQL databases.
GoAnywhere Flaw Exploited Ahead of Fortra Advisory, Researchers Warn
Fortra is urging GoAnywhere Managed File Transfer (MFT) users to immediately upgrade to version 7.8.4 or v7.6.3 after disclosing a deserialization flaw (CVE-2025-10035) that could enable command injection through a forged license response. Security firm watchTowr raised concerns that the company may have delayed acknowledging active exploitation, noting evidence of attacks as early as September 10, eight days before Fortra issued its September 18 advisory.
Harrods Confirms Data Breach Impacting 430,000 Customers After Third-Party Hack
Luxury retailer Harrods has confirmed that cybercriminals accessed customer data through a third-party IT provider, affecting as many as 430,000 records. The company revealed the breach in an email to customers on September 26, 2025, stressing that no payment details or account passwords were exposed. Harrods acknowledged contact from the attackers but stated it would not engage, indicating a ransom demand may have been made.
