Security Affairs.

September 10, 2025

"KillSec Ransomware is attacking healthcare institutions in Brazil."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 10 September 2025, 1500 UTC.

Content and Source via email subscription from https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check subscription link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

3 TTPs

•

by Pierluigi Paganini / 6h

KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The KillSec Ransomware group has threatened to leak sensitive data unless negotiations are initiated promptly. According to threat intelligence reporting by Resecurity , the root cause of the incident – data exfiltration from insecure AWS S3 bucket. Co

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Czech Republic warns of Chinese espionage

•

21by Pierluigi Paganini / 2d

Czech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic’s National Cyber and Information Security Agency (NUKIB) warns of growing risks from Chinese-linked technologies in critical sectors like energy, healthcare, transport, and government. The agency warns of risks from Chinese-made de

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

Maduro praises Huawei phone security

•

by Pierluigi Paganini / 2d

Venezuela’s President Maduro shows Huawei Mate X6 gift from China’s President Xi Jinping, hailing it as “unhackable” by U.S. spies. Last week, Venezuelan President Nicolás Maduro showcased a Huawei Mate X6 smartphone, reportedly gifted by China’s President Xi Jinping, claiming that US cyber spies cannot hack it. Venezuelan President Maduro said that his device is “the best phone in the world” “Im

Yesterday

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

3 TTPs

•

by Pierluigi Paganini / 7h

•

PatchTuesday

Microsoft Patch Tuesday security updates for September 2025 fixed 80 vulnerabilities, including two publicly disclosed zero-day flaws. Microsoft Patch Tuesday security updates for September 2025 addressed 80 vulnerabilities in Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, Hyper-V, SQL Server, Defender Firewall Service, and Xbox (yup – Xbox!)

SAP September 2025 Patch Day fixed 4 critical flaws

4 TTPs

•

by Pierluigi Paganini / 18h

SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation. SAP this week issued 21 new and four updated security notes as part of the company’s September Patch Day, including four notes that address critical vulnerabilities in NetWeaver. Onapsis Research Labs supported SAP in patching two critical flaws in NetWeaver AS Java. Note #363450

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

4 TTPs

•

by Pierluigi Paganini / 20h

•

Critical NPM hack threatens crypto funds

Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular npm packages with 2B weekly downloads after a maintainer fell for a phishing email mimicking npm, targeting 2FA credentials. Threat actors targeted Josh Junon’s ( Qix ) to steal his npm credentials and 2F

Sep 8, 2025

LunaLock Ransomware threatens victims by feeding stolen data to AI models

3 TTPs

•

by Pierluigi Paganini / 1d

•

LunaLock threatens Artists&Clients users

LunaLock, a new ransomware gang, introduced a unique cyber extortion technique, threatening to turn stolen art into AI training data. A new ransomware group, named LunaLock, appeared in the threat landscape with a unique cyber extortion technique, threatening to turn stolen art into AI training data. Recently, the LunaLock group targeted the website Artists&Clients and stole digital art. The grou

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

Salesloft Drift breach impacts companies

•

by Pierluigi Paganini / 1d

Hackers breached Salesloft’s GitHub in March, stole tokens, and used them in a mass attack on several major tech customers. Salesloft revealed that the threat actor UNC6395 breached its GitHub account in March, stealing authentication tokens that were later used in a large-scale attack against several major tech customers. Salesforce data theft attacks impacted major customers like Google , Zscal

Canadian investment platform Wealthsimple disclosed a data breach

3 TTPs

•

by Pierluigi Paganini / 2d

Wealthsimple reported a data breach affecting some customers due to a supply chain attack via a third-party software package. that impacted some customers. The company discovered the security breach on August 30, which stemmed from a supply chain attack via a trusted third-party software package. “On August 30th, Wealthsimple detected a data security incident. All accounts remain secure, and no

Hawaii Cybersecurity Journal