Cyber Briefing: 2025.10.03

Android spyware fakes apps, Chrome fixes 21 flaws, FB scams seniors, hospital leak, Renault-Dacia breach, Oracle apps hit, nursery data deleted, GA Tech fined, IoT routers fuel smishing.

Oct 03, 2025

👉 What are the latest cybersecurity alerts, incidents, and news?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get Help

🚨 Cyber Alerts

1. Android Spyware Poses As Signal And Totok

Two new spyware campaigns called ProSpy and ToSpy tricked Android users into downloading malicious files disguised as fake Signal and ToTok app updates or plugins. The attackers created fake websites that mimicked the official platforms to distribute the spyware and steal sensitive data.

2. Chrome Update Fixes 21 Security Flaws

A critical security update, Chrome 141.0.7390.54/55, is rolling out to Windows, Mac, and Linux, fixing 21 vulnerabilities, including two high-severity ones. Users should update immediately to protect their browsing experience.

3. Facebook Scams Target Seniors With Malware

An infostealer and banking Trojan are being spread through fraudulent Facebook groups that target “active seniors.” The attackers use social engineering to trick victims into downloading malicious Android apps, which steal personal data and financial information.

For more alerts, click here!

Subscribe Now

💥 Cyber Incidents

4. Hospital Cyberattack Leaks Patient Data

Following a cyberattack on the Assaf Harofeh Medical Center, emails from September 25 were leaked, exposing some medical information. However, there’s no evidence the hospital’s main patient data system was compromised, and its core operations were not disrupted.

5. UK Renault Dacia Customer Data Stolen

A third-party data processor for Renault and Dacia’s UK operations was hit by a cyberattack, resulting in the theft of personal customer information but no financial data. The breach affected some UK owners and customers of the car brands.

6. Hackers Target Oracle Apps For Extortion

A ransomware group is demanding millions of dollars from major companies after claiming to have stolen data from their Oracle applications, according to cybersecurity experts. The hackers, possibly affiliated with the notorious Cl0p group, reportedly exploited a vulnerability in the software to breach the systems.

For more incidents, click here!

Click to Report

📢 Cyber News

7. Hackers Claim Deletion Of Nursery Data

After public outrage, hackers who tried to extort a nursery chain by posting stolen photos and data of children on the dark web have removed the information and claimed to have deleted it all. The criminals, who had also contacted parents with threatening phone calls, now say they are sorry for their actions, although experts are skeptical that their change of heart is sincere.

8. Georgia Tech Pays 875,000 In Cyber Fraud

The government is holding defense contractors accountable for failing to meet cybersecurity standards. The Georgia Tech Research Corporation recently paid an $875,000 settlement for alleged cybersecurity failures in its Department of Defense contracts, which included submitting a false assessment score.

9. IoT Routers Used In Targeted In SMS Phishing

Unsecured cellular routers, commonly used in industrial settings, have been exploited by scammers since at least 2023 to send large-scale text message phishing attacks, according to a recent report. Researchers have found that hackers are hijacking unsecured cellular routers in industrial settings, like those used for traffic lights, to launch widespread “smishing” campaigns that trick victims into giving up their credentials.

For more news click here

Check Events

📈Cyber Stocks

As the week ended on Friday, 3rd October, cybersecurity stocks delivered a mixed close. Gains in Zscaler, Palo Alto Networks, Okta, and Fortinet reflected strong earnings sentiment, AI-driven innovation, and rising geopolitical cyber threats, while CrowdStrike dipped slightly on profit-taking after earlier strength. Overall, the sector ended the week resilient, reinforcing its role as a defensive growth play in an uncertain global environment.

Stock Highlights

CrowdStrike closed at $496.80, down 0.65%, with modest profit-taking offsetting optimism around its expanding AI-powered Falcon platform.
Zscaler ended at $307.58, up 1.0%, fueled by robust cloud adoption and positive investor response to its earnings beat.
Palo Alto Networks finished at $209.30, up 1.2%, supported by institutional buying and confidence in its CyberArk integration strategy.
Okta settled at $94.92, up 3.5%, as enthusiasm for its AI-driven identity solutions and government contract wins overshadowed competitive risks.
Fortinet closed at $86.29, up 1.3%, benefiting from heightened geopolitical tensions and growing demand for advanced network security.

💡 Cyber Tip

Facebook Scams Target Seniors With Malware

Cybercriminals are creating fake Facebook groups aimed at seniors, promoting activities like travel or community events. Once users join, they are tricked into downloading malicious Android apps with names such as Senior Group or Lively Years. These apps deliver banking Trojans and spyware that steal credentials, credit card details, and even allow attackers to remotely control the victim’s device.

✅ What you should do

Avoid downloading apps from links shared in Facebook groups or private messages
Stick to the official Google Play Store and verified developers
Be suspicious of new groups with AI-generated or generic posts
Never pay sign-up fees or share personal data with unverified apps or sites
Use mobile security tools to detect and block malicious apps

🔒 Why this matters

These scams target some of the most vulnerable users, using trusted platforms like Facebook to spread malware worldwide. Once installed, the malicious apps can drain bank accounts, steal private information, and give attackers complete control of a device.