Latest news as of 9/19/2025, 11:48:31 PM
The Hacker News
An advanced persistent threat (APT) group from China has been attributed to the compromise of a Philippines-based military company using a previously undocumented fileless malware framework called EggStreme. "This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads," Bitdefender
The Register
Systems offline as specialists continue to comb through wreckage
Jaguar Land Rover (JLR) says "some data" was affected after the luxury car maker suffered a digital break-in early last week.…
Dark Reading
With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols.
Bleeping Computer
Scattered Spider didn't need a zero-day to breach Clorox. They just phoned the help desk—convincing agents to reset passwords & MFA without proper checks. The result: $380M in damages. Learn from Specops Software why caller verification and audit trails are critical. [...]
Bleeping Computer
Jaguar Land Rover (JLR) confirmed today that attackers also stole "some data" during a recent cyberattack that forced it to shut down systems and instruct staff not to report to work. [...]
The Hacker News
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems. According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures. CHILLYHELL is the name assigned to a malware
Dark Reading
As Kubernetes becomes the foundation of enterprise infrastructure, the underlying operating system must evolve alongside it.
Bleeping Computer
Microsoft has resolved severe lag and stuttering issues with streaming software affecting Windows 10 and Windows 11 systems after installing the August 2025 security updates. [...]
Bleeping Computer
Microsoft has fixed a known issue caused by the August 2025 security updates, which triggers unexpected User Account Control (UAC) prompts and app installation problems for non-admin users on all Windows versions. [...]
The Register
Prosecutors claim Ukrainian ran LockerGoga, MegaCortex, and Nefilim ops – $11M bounty on his head
A Ukrainian national faces serious federal charges and an $11 million bounty after allegedly orchestrating ransomware operations that caused an estimated $18 billion in damages across hundreds of organizations worldwide.…