
Email Bombs Exploit Lax Authentication In Zendesk

Cybercriminals are exploiting weak email authentication settings in Zendesk, using the platform's customer support systems to bombard targets with thousands of spam and harassing messages that appear to come from legitimate companies like The Washington Post, Discord, and NordVPN. KrebsOnSecurity reports: Zendesk is an automated help desk service designed to make it simple for people to contact companies for customer support issues. Earlier this week, KrebsOnSecurity started receiving thousands of ticket creation notification messages through Zendesk in rapid succession, each bearing the name of different Zendesk customers, such as CapCom, CompTIA, Discord, GMAC, NordVPN, The Washington Post, and Tinder. The abusive missives sent via Zendesk's platform can include any subject line chosen by the abusers. In my case, the messages variously warned about a supposed law enforcement investigation involving KrebsOnSecurity.com, or else contained personal insults. Moreover, the automated messages that are sent out from this type of abuse all come from customer domain names -- not from Zendesk. [...] In all of the cases above, the messaging abuse would not have been possible if Zendesk customers validated support request email addresses prior to sending responses. Failing to do so may make it easier for Zendesk clients to handle customer support requests, but it also allows ne'er-do-wells to sully the sender's brand in service of disruptive and malicious email floods. "We recognize that our systems were leveraged against you in a distributed, many-against-one manner," said Carolyn Camoens, communications director at Zendesk. "We are actively investigating additional preventive measures. We are also advising customers experiencing this type of activity to follow our general security best practices and configure an authenticated ticket creation workflow."

Read more of this story at Slashdot.

Friday smatterings of issues

Look for more information in the Monday newsletter, but already we can see some reports of issues that impact businesses. The first one impacts something called “localhost” where a device sets up a pretend website. IIS websites might fail to load. Note that I don’t see any evidence that a new update has been released, so […]

Europol dismantles cybercrime network linked to $5.8M in financial losses

European law enforcement dismantled and seized an expansive cybercrime operation used to facilitate phishing attacks via mobile networks for fraud, including account intrusions, credential and financial data theft, Europol said Friday.

Investigators from Austria, Estonia and Latvia linked the cybercrime networks to more than 3,200 fraud cases, which also involved investment scams and fake emergencies for financial gain. Financial losses amounted to about $5.3 million in Austria and $490,000 in Latvia, authorities said.

The operation dubbed “SIMCARTEL” netted seven arrests and the seizure of 1,200 SIM box devices, which contained 40,000 active SIM cards that were used to conduct various cybercrimes over telecom networks. Officials described the infrastructure as highly sophisticated, adding that the online service it supported provided telephone numbers for criminal activities to people in more than 80 countries.

“It allowed perpetrators to set up fake accounts for social media and communications platforms, which were subsequently used in cybercrimes while obscuring the perpetrators’ true identity and location,” Europol said in a news release.

The law enforcement operation largely occurred Oct. 10 in Latvia, spanning 26 searches that also resulted in the seizure of hundreds of thousands of additional SIM cards, five servers and two websites. Officials also seized four luxury vehicles and froze a combined $833,000 in suspects’ bank and cryptocurrency accounts.

Europol said the full scale of the cybercrime network is still under investigation, but they’ve already traced the operation to more than 49 million accounts that were created and provided by the suspects.

The services provided by the cybercriminal organization were also allegedly used to commit extortion, migrant smuggling and various scams involving second-hand marketplaces, fake investments, shops and websites.

The coordinated takedown underscored the global prevalence of SIM farms, which allow cybercriminals to conduct and sell services for scams and various criminal activities via mobile network infrastructure. The Secret Service last month disrupted a network of electronic devices in the New York City area that included more than 300 servers and 100,000 SIM cards spread across multiple sites in the region.

Unit 221B on Thursday warned that SIM boxes and SIM farms are growing rapidly, placing any phone user, bank, network carrier or retailer at risk. Ben Coon, Unit 221B’s chief intelligence officer, has identified at least 200 SIM boxes operating across dozens of locations across the United States, the company said on LinkedIn.

Europol published a video of the Latvian police takedown: https://youtu.be/Z-ImysXws-0

The post Europol dismantles cybercrime network linked to $5.8M in financial losses appeared first on CyberScoop.
