Friday Wrap Up: 03 October 2025
Another week, another parade of cyber shenanigans that make you wonder if the internet needs a timeout. From ransomware gangs sliding into BBC reporters’ DMs with job offers (seriously), to AI tools making phishing easier than ordering takeout, it’s been quite the ride.
We’ve got everything from government shutdowns creating security gaps you could drive a truck through, to hackers apologizing for posting kids’ photos (because even cybercriminals have PR nightmares). Plus, Meta wants to monetize your AI chats, because why not add targeted ads to your robot conversations?
Check out this week’s full breakdown for all the digital drama you didn’t know you needed. Stay safe out there—and maybe double-check those app updates.
Major Cyberattacks & Incidents
This week saw several high-profile breaches and extortion attempts targeting major organizations across multiple sectors.
🚨 Medusa ransomware group claims theft of 834 GB from Comcast, demanding $1.2M ransom while sharing proof of the breach. (Published on 9/28/2025, Hackread).
🏬 UK retail giant Harrods discloses breach through third-party supplier, exposing 430,000 customer records with sensitive e-commerce data. (Published on 9/29/2025, BleepingComputer).
📺 Medusa ransomware gang attempted to recruit BBC correspondent as insider threat, offering significant payment to assist in breaching the media giant. (Published on 9/29/2025, BleepingComputer).
⚖️ RemoteCOM surveillance provider suffers massive breach exposing 14,000 personal files and police contacts from SCOUT spyware software, revealing court data. (Published on 9/30/2025, Hackread).
👶 Cybercriminals targeting Kido nurseries posted children’s photos online with ransom demands, later apologizing and claiming data deletion after public backlash. (Published on 10/3/2025, Malwarebytes).
💼 High-volume extortion campaign possibly linked to FIN11 and Cl0p targets Oracle E-Business executives with unproven data theft claims under investigation. (Published on 10/3/2025, Hackread).
Cybersecurity Tools & Techniques
New toolkits emerged this week that make sophisticated attacks accessible to less-skilled threat actors.
📄 MatrixPDF toolkit converts ordinary PDFs into interactive phishing lures that bypass email security to steal credentials or distribute malware. (Published on 9/30/2025, BleepingComputer).
🤖 SpamGPT and MatrixPDF represent plug-and-play AI-powered cybercrime toolkits making mass phishing and PDF malware accessible to anyone. (Published on 10/1/2025, Hackread).
Malware & Vulnerabilities
Critical security flaws and malware campaigns dominated the week’s vulnerability landscape.
🍎 Apple patches vulnerabilities in iOS and macOS preventing malicious font attacks that could cause denial-of-service or memory corruption. (Published on 9/30/2025, SecurityWeek).
🔴 Red Hat OpenShift AI service reveals severe flaw allowing attackers to escalate privileges and take full control of hybrid cloud infrastructure. (Published on 10/1/2025, The Hacker News).
⚠️ Red Hat updates OpenShift AI after discovering CVSS 9.9 vulnerability enabling full cluster compromise and control of all hosted applications. (Published on 10/2/2025, CSO Online).
📱 ProSpy and ToSpy spyware campaigns lure Android users with fake Signal and ToTok messenger upgrades to steal sensitive data. (Published on 10/2/2025, BleepingComputer).
🔓 Intel SGX security broken by WireTap attack using passive interposer to control enclaves and extract DCAP attestation keys. (Published on 10/2/2025, SecurityWeek).
🌐 DrayTek routers patched for unauthenticated remote code execution flaw exploitable via crafted HTTP/S requests to web interface. (Published on 10/3/2025, SecurityWeek).
💬 SORVEPOTEL malware spreads rapidly through WhatsApp targeting Brazilian users, engineered for speed and propagation across Windows systems. (Published on 10/3/2025, The Hacker News).
🛡️ Microsoft Defender bug incorrectly flags devices’ BIOS firmware as outdated, prompting unnecessary update alerts under investigation. (Published on 10/2/2025, BleepingComputer).
👴 Cybercriminals target older Facebook users through fake community and travel groups pushing malicious Android apps. (Published on 10/2/2025, Malwarebytes).
AI & Policy
Artificial intelligence security and policy developments highlight growing concerns around AI-enabled threats and data privacy.
🧠 Microsoft identifies phishing campaign using LLM-generated code to obfuscate payloads within SVG files, evading email security defenses. (Published on 9/29/2025, The Hacker News).
🔍 Google patches Gemini AI vulnerabilities involving poisoned logs and search results that could trick assistant into aiding data theft. (Published on 9/30/2025, SecurityWeek).
👻 Shadow AI risks escalate with agentic AI introduction; Entro Security extends platform to help enterprises combat growing issue. (Published on 9/30/2025, Dark Reading).
💰 Meta announces plans to use data from AI product interactions to sell targeted ads on Facebook and Instagram. (Published on 10/1/2025, TechCrunch).
📱 Apple removes ICEBlock and similar ICE agent tracking apps from App Store following Trump administration pressure. (Published on 10/3/2025, TechCrunch).
Espionage & Data Extraction
Nation-state actors continue sophisticated campaigns targeting sensitive organizational data.
🐉 Chinese APT group Phantom Taurus identified targeting organizations with Net-Star malware, sharing infrastructure with other Chinese APTs. (Published on 10/1/2025, SecurityWeek).
DDoS, Outages & Infrastructure
Infrastructure security concerns intensified amid government disruptions and targeted attacks on vulnerable populations.
🏛️ US government shutdown deepens cyber risks with reduced workforce at CISA and other agencies, creating vulnerabilities for threat actors. (Published on 9/30/2025, CSO Online).
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!