Background check, drug testing provider DISA suffers data breach
Source: Help Net Security
DISA Global Solutions, a Texas-based company that provides employment screening services (including drug and alcohol testing and background checks) for over 55,000 organizations, has suffered a cyber incident that led to a data breach, which resulted in the potential compromise of personal and financial information of over 3.3 million individuals.
Black Basta Leaks Reveal Targeting, Planning, Escalation
Source: Data Breach Today
A leak of 200,000 internal Black Basta chat messages provides an overview of how a modern ransomware group organizes itself to take down victims and uses a variety of tactics that should be, in theory, easy to repel.
Massive botnet hits Microsoft 365 accounts
Source: Help Net Security
A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated threat actors, citing evidence of infrastructure linked to CDS Global Cloud and UCLOUD HK, which have operational ties to China.
Chinese APT Uses VPN Bug to Exploit Worldwide OT Orgs
Source: Dark Reading
Chinese cybercriminals have penetrated sensitive manufacturing companies worldwide through a virtual private network (VPN) bug. In an exclusive interview with Dark Reading at CPX 2025, Check Point researchers provided new information about a monthslong espionage campaign aimed at prized intellectual property (IP).
Over 49,000 misconfigured building access systems exposed online
Source: Bleeping Computer
Researchers discovered 49,000 misconfigured and exposed Access Management Systems (AMS) across multiple industries and countries, which could compromise privacy and physical security in critical sectors.