Japan Brewery Hacked, Brazil Whatsapp Malware, Teens Target Nursery
As everyone is slowly gearing up for the festive season, it is important to understand that letting your guard down completely can be quite risky. Whether you indulge in online shopping or book that much-awaited vacation, make sure you stay vigilant enough to steer clear of any cyberattack.
This week, we will start our bulletin with the recent ransomware attack on Japan’s Asahi brewery. Next, we will talk about a malware attack on Brazilian WhatsApp users. Lastly, we will wind up the bulletin with the news of two teens who managed to target a nursery chain.
Everyone believes that a cyberattack won’t affect them until it does. The recent attacks are actually a staggering reminder of how close these cybercrooks can get. So, awareness and cyber preparedness are the only ways to keep these threat actors away.
Let’s not waste any more time and get started!

Japan’s brewery struggles with beer production after being targeted by a ransomware gang!
Asahi, a popular Japanese brewery, was targeted by a ransomware gang last week. Because of the cyberattack on September 29, Asahi Group Holdings shut down all its operations immediately. It also isolated impacted systems. As a result, suddenly, beer enthusiasts experienced an abrupt shortage in the supply of their favorite beer.
The Japanese brewery and food giant had to halt all its orders and shipments, too. It also took a precautionary move and suspended call center activities.
The Qilin ransomware-as-a-service group has claimed responsibility for the attack on Asahi. They have also published a screenshot of some of the internal documents of Asahi. One of the most active ransomware gangs in 2025, Qilin has managed to carry out 105 confirmed and 473 non-confirmed threat attacks.
Proper investigation is being carried out as Asahi is giving its 200% to restore all its operations and bring the manufacturing process back on track.

Experts believe that the manufacturing sector is becoming an increasingly popular target among ransomware gangs. They believe that inadequate investment in cybersecurity systems is further fueling the problem.
In the last 6 years, around 850 ransomware groups have targeted manufacturers, leading to an average of $1.9 million worth of loss on a per-day basis.
The attack highlights the need for stronger cybersecurity and robust email authentication with DMARC, DKIM, and SPF.
Brazilian WhatsApp users targeted by self-propagating malware!
In Brazil, cybercriminals are targeting businesses through WhatsApp’s desktop sessions. It is an aggressive campaign designed with the sole purpose of gaining access to sensitive information in cryptocurrency exchanges and financial institutions.

The campaign is known by the name of Water Saci. Basically, it abuses WhatsApp sessions to automatically affect all the contacts and groups in touch with that session. They do so by using a malicious zip file. The campaign involves sending a fake message to WhatsApp users, asking them to download a zip file and open it on their desktop.
Water Saci so far has targeted mainly government and public services. Other sectors, such as construction, technology, education, and manufacturing, are also facing the brunt of Water Saci.
In order to stay safe and secure data, experts have suggested disabling auto-downloading of documents and media. Spreading awareness among employees and educating them about the campaign is also a smart move and can be of great help to avoid any such cyber mishap.

Teens arrested as they targeted a nursery chain!
A recent cyberattack incident on nurseries across London was giving tough times to the cybersecurity experts and concerned authorities. Now the police have arrested two 17-year-olds.
As per the Metropolitan Police, the teen duo had been misusing a computer and were also involved in blackmail. They have allegedly stolen highly sensitive data of a popular nursery chain. The data includes names, addresses, and photographs of over 8000 children. London police have arrested them and will keep them in custody for further questioning.
Such cyberincidents are a bleak reminder of the fact that no one is safe, not even your toddler who is going to their nursery classes. Parents and caregivers have been immensely stressed after this cyber mishap.

The most concerning part is that the teen hackers stooped really low and started posting pictures of the kids on the dark web on September 25 onwards. The cybercrooks got in touch with the parents directly and asked them to pressure Kido’s to pay the ransom. The pictures of 20 children were published on the dark web before police nabbed the cybercrooks.
Just before the arrest, the teens blurred the images of the kids and later removed all the data from the dark web, claiming that all the data had already been deleted.
Kido’s, on the other hand, have worked closely with the police and other relevant authorities, offering complete cooperation throughout the investigation process.