Japanese media giant Nikkei Inc. has disclosed a data breach affecting over 17,000 individuals after attackers infiltrated its Slack workspace using credentials stolen via infostealer malware on an employee’s personal computer, exposing names, emails, and chat histories.
U.S. prosecutors have charged three cybersecurity professionals for their alleged role in BlackCat ransomware attacks. The accused, formerly of Sygnia and DigitalMint, allegedly exploited insider access to extort clients, exposing a serious insider threat and need for stronger industry oversight.
The Australian Signals Directorate (ASD) has issued a critical alert regarding the BADCANDY malware, which is actively exploiting a Cisco vulnerability to compromise hundreds of devices across Australia. The non-persistent web shell allows attackers to reinfect unpatched systems repeatedly.
Japanese media giant Nikkei Inc. has disclosed a data breach affecting over 17,000 individuals after attackers infiltrated its Slack workspace using credentials stolen via infostealer malware on an employee’s personal computer, exposing names, emails, and chat histories.
Cyber News Centre’s cyber update for 6th November 2025: Japanese media giant Nikkei Inc. has disclosed a major data breach that exposed the personal information of more than 17,000 individuals after attackers infiltrated the company’s internal Slack workspace.
The breach stemmed from infostealer malware infecting an employee’s personal computer, which captured authentication tokens and allowed unauthorised access to company communications.
The Update: Nikkei confirmed the breach originated from an infected personal device used by an employee to access Slack. The malware stole login credentials, which were then used by attackers to enter the company’s internal Slack environment. The compromised data includes names, email addresses, and chat histories of 17,368 users, encompassing both employees and business partners. The company stated that no journalistic materials or confidential reporting data were accessed.
Upon discovery, Nikkei enforced password resets and reported the incident voluntarily to Japan’s Personal Information Protection Commission. Although not legally required to report under Japanese privacy law, the company said transparency was critical due to the incident’s scale and significance.
Why It Matters: This breach underscores the growing cybersecurity risks tied to collaboration platforms like Slack, particularly when employees use personal devices for work. Infostealer malware has become one of the most common cyber threats globally, frequently harvesting credentials later sold on dark web markets.
The Australian Cyber Security Centre (ACSC) has repeatedly warned that personal devices often lack the enforced protections of corporate-managed hardware, making them high-risk entry points. The Nikkei incident highlights the urgent need for organisations to implement multi-factor authentication, tighten bring-your-own-device (BYOD) policies, and maintain continuous employee awareness around credential hygiene.
As remote work continues to blur personal and corporate boundaries, this attack serves as a timely reminder that one compromised endpoint can jeopardise the integrity of entire communication ecosystems.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
The Australian Signals Directorate (ASD) has issued a critical alert regarding the BADCANDY malware, which is actively exploiting a Cisco vulnerability to compromise hundreds of devices across Australia. The non-persistent web shell allows attackers to reinfect unpatched systems repeatedly.
183 million credentials, including confirmed Gmail login details, has been added to the Have I Been Pwned database. The data, sourced from infostealer malware logs, highlights the persistent threat of credential-stealing software and the critical need for multi-factor authentication and passkeys.
US pharmacy benefit manager MedImpact Healthcare Systems has confirmed a ransomware attack by the prolific Qilin gang. The group claims to have exfiltrated 160GB of data, including financial operation details and claims reports, raising significant concerns for the healthcare sector.
Microsoft has issued an out-of-band security update for a critical Remote Code Execution vulnerability, CVE-2025-59287, in its Windows Server Update Service. The flaw, which has a CVSS score of 9.8, is under active exploitation by threat actors, prompting a high-priority alert from CISA.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
