AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 9/18/2025

Google will upgrade its revenge porn defenses with help from a UK nonprofit

Google is partnering with a UK nonprofit to fight non-consensual intimate imagery (NCII). (You may know it better as revenge porn.) Over the coming months, the company will begin using StopNCII’s hashes. These user-uploaded digital fingerprints can block individuals’ unwanted intimate content from appearing in search results. StopNCII has a pretty neat system to combat revenge porn. Say you have some images you most definitely don’t want surfacing online. Select the picture on your device, and StopNCII will create a digital fingerprint of the file. That hash will be uploaded to the service. The photo itself never leaves your device. The organization then shares the hash (again, not the spicy pic) with participating platforms.

 

China-Aligned TA415 Hackers Use Google Sheets and Google Calendar for C2 Communications

The Chinese state-sponsored threat actor TA415 has evolved its tactics, techniques, and procedures by leveraging legitimate cloud services like Google Sheets and Google Calendar for command and control communications in recent campaigns targeting U.S. government, think tank, and academic organizations. Throughout July and August 2025, this sophisticated group conducted spearphishing operations using U.S.-China economic-themed lures, masquerading as prominent figures including the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party.

 

SonicWall warns customers to reset credentials after breach

SonicWall warned customers today to reset credentials after their firewall configuration backup files were exposed in a security breach that impacted MySonicWall accounts. After detecting the incident, SonicWall has cut off the attackers’ access to its systems and has been collaborating with cybersecurity and law enforcement agencies to investigate the attack’s impact. “As part of our commitment to transparency, we are notifying you of an incident that exposed firewall configuration backup files stored in certain MySonicWall accounts,” the cybersecurity company said on Wednesday. “Access to the exposed firewall configuration files contain information that could make exploitation of firewalls significantly easier for threat actors.”

 

New Bill Aims to Block Both Online Adult Content and VPNs

If you live in Michigan, you might not be able to legally use a VPN soon if a new bill is passed into law. On Sept. 11, Michigan Republican representatives proposed far-reaching legislation banning adult internet content. The bill, called the Anticorruption of Public Morals Act and advanced by six Republican representatives, would ban a wide variety of adult content online, ranging from ASMR and adult manga to AI content and any depiction of transgender people. It also seeks to ban all use of VPNs, foreign or US-produced.

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks

The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have been targeting Salesforce customers in data theft attacks using social engineering and malicious OAuth applications to breach Salesforce instances and download data. The stolen data is then used to extort companies into paying a ransom to prevent the data from being publicly leaked. These attacks have been claimed by threat actors stating they are part of the ShinyHunters, Scattered Spider, and Lapsus$ extortion groups, now calling themselves “Scattered Lapsus$ Hunters.” Google tracks this activity as UNC6040 and UNC6395.

 

Panda-monium: China-backed cyber crew spoof Congressman to dig for dirt on US trade talks

Chinese state-aligned online attackers are back at it, targeting US trade policy wonks as Washington and Beijing spar over economic ties. Proofpoint said this week that it had spotted a Chinese state-backed crew TA415 – also known as APT41, Wicked Panda or Brass Typhoon – using carefully crafted phishing emails to compromise US government agencies, think tanks, and academic organisations. The lures were themed around US-China economic and trade policy, and in some cases spoofed the identity of Republican Congressman John Robert Moolenaar, who chairs the House Select Committee on the Chinese Communist Party.

 
