Here is the most recent Cybersecurity news for the past week:
🕵️‍♂️ Singapore Telecoms Targeted by China-Linked Hackers
Singaporean authorities have revealed a major espionage campaign where China-linked threat actors targeted local telecommunications providers. The attackers aimed to intercept sensitive data and communications, marking a significant escalation in state-sponsored cyber activity in the region.
https://therecord.media/singapore-china-linked-hackers-telecom-spying
🆔 Senegal National ID Department Hit by Ransomware
The National Identity Card Department of Senegal has confirmed a breach following claims by a ransomware group that it had exfiltrated sensitive citizen data. The government is currently investigating the extent of the compromise, which reportedly includes personal identification records and biometric data.
https://therecord.media/senegal-confirms-breach-national-id-card-department
🛢️ Romania Oil Pipeline Operator Confirms Cyberattack
CONPET, Romania’s national oil transport operator, was targeted by a cyberattack that disrupted its internal systems. While the company stated that the transport of crude oil remains unaffected, a hacking group has claimed to have stolen proprietary data and is threatening to release it.
https://therecord.media/romania-oil-pipeline-operator-cyberattack
📧 Substack Warns Customers of Data Breach
Newsletter platform Substack has issued a security warning to users after a threat actor claimed to be selling a database containing customer emails and subscription details on the dark web. The company is investigating the validity of the claims but has advised users to be vigilant against phishing attempts.
https://therecord.media/substack-warns-customers-data-breach
📱 New “ZeroDayRAT” Spyware Targets Mobile Devices
Security researchers have identified a new, sophisticated spyware kit dubbed “ZeroDayRAT” that is being sold on cybercrime forums. The malware is capable of achieving total compromise of both iOS and Android devices, allowing attackers to harvest messages, location data, and credentials without user interaction.
