August, 2025
August 30, 2025 – Phishing
Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms Full Text
Abstract
A new phishing campaign is targeting industrial manufacturing and supply chain organizations, primarily in the US. The campaign is designed to bypass traditional email security defenses and deliver a custom in-memory backdoor named MixShell.Help Net Security
August 30, 2025 – Criminals
Ransomware gang takedowns causing explosion of new, smaller groups Full Text
Abstract
Between July 2024 and June 2025, Malwarebytes tracked 41 new ransomware groups, with over 60 active groups operating simultaneously for the first time. On average, each ransomware group has attacked around five targets per month.The Record
August 30, 2025 – Attack
Claude AI chatbot abused to launch “cybercrime spree” Full Text
Abstract
Attackers abused the Claude AI chatbot to automate and execute sophisticated extortion operations. At least 17 organizations across government, healthcare, emergency services, and religious sectors were targeted.Malware Bytes
August 30, 2025 – Breach
Google warns that mass data theft hitting Salesloft AI agent has grown bigger Full Text
Abstract
A significant security incident involving the Salesloft Drift AI chat agent has led to the compromise of OAuth tokens, resulting in unauthorized access to Google Workspace email accounts.Ars Technica
August 29, 2025 – Phishing
Malicious Screen Connect Campaign Abuses AI-Themed Lures for Xworm Delivery Full Text
Abstract
A recent investigation uncovered a deceptive malware campaign leveraging fake AI-themed content to distribute a malicious ScreenConnect installer. This installer is pre-configured to deliver the Xworm malware.Trust Wave
August 29, 2025 – Phishing
ScamAgent shows how AI could power the next wave of scam calls Full Text
Abstract
A new AI-driven framework named ScamAgent demonstrates how LLMs can be weaponized to conduct highly convincing scam calls. This system leverages multi-turn conversations and text-to-speech (TTS) synthesis to bypass traditional AI safety guardrails.Help Net Security
August 29, 2025 – Vulnerabilities
Google Big Sleep AI Tool Finds Critical Chrome Vulnerability Full Text
Abstract
Google has patched a critical vulnerability (CVE-2025-9478) in the Chrome browser. The flaw, a use-after-free issue in the ANGLE graphics library, could allow attackers to execute malicious code via crafted web content.Hack Read
August 29, 2025 – Breach
TransUnion says hackers stole 4.4 million customers’ personal information Full Text
Abstract
A significant data breach has impacted TransUnion, one of the largest credit reporting agencies in the United States, compromising the personal information of over 4.4 million individuals.Tech Crunch
August 28, 2025 – Attack
ShadowSilk Campaign Targets Central Asian Governments Full Text
Abstract
A series of cyberattacks against government organizations in Central Asia and the Asia-Pacific has been linked to a threat cluster known as ShadowSilk, according to new research by Group-IB.Infosecurity Magazine
August 28, 2025 – Attack
Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier Full Text
Abstract
A suspected ransomware attack on Miljödata, a Swedish software provider used for managing sick leave and similar HR reports, is believed to have impacted around 200 of the country’s municipal governments.The Record
August 28, 2025 – Vulnerabilities
300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 Full Text
Abstract
Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex issued a fix earlier this month, Censys warned.Help Net Security
August 28, 2025 – Attack
Allied spy agencies blame three Chinese tech companies for Salt Typhoon attacks Full Text
Abstract
The activity identified by the intelligence services partially overlaps with campaigns reported by the cybersecurity industry and tracked as Salt Typhoon, RedMike, OPERATOR PANDA, UNC5807 and Ghost Emperor among others, stated the document.The Record
August 28, 2025 – Breach
Ransomware group says it hacked West Chester Township, Ohio Full Text
Abstract
West Chester Township officials on August 12 announced they had isolated and contained a cybersecurity breach. PEAR claimed responsibility for the attack on August 15, 2025, saying it stole 2 TB of data.CompariTech
August 28, 2025 – Vulnerabilities
FreePBX servers hacked via zero-day, emergency fix released Full Text
Abstract
In an advisory posted to the FreePBX forums, the Sangoma FreePBX Security Team warned that since August 21, hackers have been exploiting a zero-day vulnerability in exposed FreePBX administrator control panels.Bleeping Computer
August 27, 2025 – Vulnerabilities
HPE security advisory (AV25-544) Full Text
Abstract
Hewlett Packard Enterprise (HPE) has issued Security Advisory AV25-544 on August 26, 2025, addressing multiple vulnerabilities in HPE Compute Scale-up Server 3200 systems. These vulnerabilities affect systems running versions prior to v1.60.88.Government of Canada
August 27, 2025 – Ransomware
Researchers flag code that uses AI systems to carry out ransomware attacks Full Text
Abstract
Researchers have identified PromptLock, the first known AI-powered ransomware, written in Golang. This malware leverages prompt injection attacks on large language models (LLMs) to execute ransomware functions.Cyber Scoop
August 27, 2025 – Attack
Velociraptor incident response tool abused for remote access Full Text
Abstract
Threat actors have been observed abusing the legitimate Velociraptor digital forensics and incident response (DFIR) tool to establish remote access and execute further malicious payloads.Sophos
August 27, 2025 – Attack
Data Is the New Diamond: Heists in the Digital Age Full Text
Abstract
A financially motivated data extortion campaign, active since at least December 2024, is targeting high-end retailers and luxury commerce sectors. The campaign involves threat actors compromising Salesforce environments using social engineering.Palo Alto Networks
August 26, 2025 – Policy and Law
Chinese Developer Jailed for Deploying Malicious Code at US Company Full Text
Abstract
A former software developer has been sentenced to four years in prison for deploying malicious code within the network of his US-based employer, causing widespread disruption and financial losses.Infosecurity Magazine
August 26, 2025 – Breach
National Public Data Relaunches Despite 2.9 Billion SSNs Breach Full Text
Abstract
The breach exposed approximately 2.9 billion records, including highly sensitive personal information such as Social Security numbers (SSNs), names, addresses, phone numbers, and familial relationships.Hack Read
August 26, 2025 – Breach
Blistering Wyden letter seeks review of federal court cybersecurity, citing ‘incompetence,’ ‘negligence’ Full Text
Abstract
The breach, attributed to alleged Russian hackers, exploited vulnerabilities that had remained unpatched for five years, with unauthorized access dating back to at least July. The breach compromised highly sensitive information.Cyber Scoop
August 26, 2025 – Breach
Farmers Insurance says 1 million customers affected by cyberattack on third-party vendor Full Text
Abstract
A significant data breach has impacted over 1 million customers of Farmers Insurance and its subsidiaries, stemming from a cyberattack on an undisclosed third-party vendor. The breach resulted in the exposure of sensitive personal information.The Record
August 26, 2025 – Breach
Auchan retailer data breach impacts hundreds of thousands of customers Full Text
Abstract
French multinational retailer Auchan has disclosed a significant data breach affecting several hundred thousand customers. The breach specifically impacted loyalty accounts, exposing personal data tied to these programs.Bleeping Computer
August 26, 2025 – Breach
New Jersey social services org notifies 42K people of data breach that leaked SSNs, medical and financial info Full Text
Abstract
Legacy Treatment Services, a New Jersey-based nonprofit healthcare provider, disclosed a ransomware attack affecting 41,826 individuals. The breach, attributed to the Interlock group, exposed extensive personal, financial, and medical data.CompariTech
August 26, 2025 – Vulnerabilities
AI browsers could leave users penniless: A prompt injection warning Full Text
Abstract
The rise of AI-powered and agentic browsers introduces a new class of cybersecurity threats—prompt injection attacks. These attacks exploit the language-processing capabilities of LLMs embedded in browsers.Malware Bytes
August 26, 2025 – Attack
New AI attack hides data-theft prompts in downscaled images Full Text
Abstract
An AI-based attack technique enables data theft by embedding malicious prompts within images. These prompts are revealed only after the images are downscaled by AI systems, allowing attackers to inject commands into LLMs without user awareness.Bleeping Computer
August 26, 2025 – Attack
Surge in coordinated scans targets Microsoft RDP auth servers Full Text
Abstract
A surge in coordinated scanning activity has been detected targeting Microsoft RDP Web Access and RDP Web Client authentication portals. This activity involves nearly 1,971 unique IP addresses.Bleeping Computer
August 25, 2025 – Phishing
ScreenConnect admins targeted with spoofed login alerts Full Text
Abstract
A low-volume spear-phishing campaign is targeting ScreenConnect Super Admins—users with full administrative control over their organization's deployment. The attackers aim to harvest login credentials and MFA tokens.Help Net Security
August 25, 2025 – Malware
Android.Backdoor.916.origin malware targets Russian business executives Full Text
Abstract
A newly discovered Android spyware, Android.Backdoor.916.origin, is actively targeting Russian-speaking business executives by masquerading as a fake antivirus app named "GuardCB." The malware is designed for surveillance and data theft.Security Affairs
August 25, 2025 – Outage
Data I/O took offline operational systems following a ransomware attack Full Text
Abstract
Data I/O, a prominent manufacturer of manual and automated programming systems for flash memory, microcontrollers, and logic devices, reported a ransomware attack that forced the company to take several operational systems offline.Security Affairs
August 25, 2025 – Breach
Murky Panda hackers exploit cloud trust to hack downstream customers Full Text
Abstract
Murky Panda has recently compromised cloud service providers to abuse their trusted access to customer environments. In one case, they exploited zero-day vulnerabilities to access a SaaS provider’s cloud infrastructure.Bleeping Computer
August 25, 2025 – Education
Why satellite cybersecurity threats matter to everyone Full Text
Abstract
Many satellites currently in orbit are over 20 years old and were not designed with cybersecurity in mind. These legacy systems often lack the compute, memory, and storage capacity required to support modern cybersecurity tools.Help Net Security
August 25, 2025 – Botnet
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets Full Text
Abstract
These campaigns—GeoServer exploitation, PolarEdge botnet, and the Gayfemboy Mirai variant—demonstrate a shift toward stealthy, persistent monetization and advanced evasion techniques.The Hacker News
August 25, 2025 – Phishing
Fake CoinMarketCap Journalists Targeting Crypto Executives in Spear-Phishing Campaign Full Text
Abstract
A targeted spear-phishing campaign is impersonating CoinMarketCap journalists to compromise cryptocurrency executives. The attackers exploit Zoom’s remote control feature to gain access to victims' systems.Hack Read
August 23, 2025 – Policy and Law
Dev gets 4 years for creating kill switch on ex-employer’s systems Full Text
Abstract
A software developer, Davis Lu, has been sentenced to four years in prison for deploying a kill switch and custom malware within the Windows production environment of a reportedly affected Ohio-based company.Bleeping Computer
August 23, 2025 – Phishing
Europol Denies $50K Reward for Qilin Ransomware, Calls It a Scam Full Text
Abstract
A fraudulent message claiming that Europol was offering a $50,000 reward for information on the Qilin ransomware group has been confirmed as a scam. The law enforcement agency has clarified that it does not use Telegram for official communications.Hack Read
August 23, 2025 – Vulnerabilities
U.S. CISA adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog Full Text
Abstract
CISA has added CVE-2025-43300, a zero-day vulnerability affecting Apple iOS, iPadOS, and macOS, to its KEV catalog. Successful exploitation can result in memory corruption, potentially allowing attackers to execute arbitrary code.Security Affairs
August 23, 2025 – Criminals
Interpol operation seizes $97 million in African cybercrime sweep Full Text
Abstract
A large-scale cybercrime crackdown across Africa, dubbed Operation Serengeti 2.0, has led to the arrest of 1,209 individuals, the dismantling of 11,432 malicious infrastructures, and the recovery of $97.4 million.Help Net Security
August 22, 2025 – Breach
Criminal background checker APCS faces data breach Full Text
Abstract
A significant data breach has impacted Access Personal Checking Services (APCS), a major UK-based provider of criminal background checks. The breach originated from a compromise at Intradev.The Register
August 22, 2025 – Malware
Fake Mac fixes trick users into installing new Shamos infostealer Full Text
Abstract
A new macOS infostealer malware named Shamos, developed by the cybercriminal group COOKIE SPIDER, is actively targeting Mac users through deceptive ClickFix attacks. Shamos is a variant of the Atomic macOS Stealer.Bleeping Computer
August 22, 2025 – Breach
DaVita says ransomware gang stole data of nearly 2.7 million people Full Text
Abstract
DaVita Inc., a leading kidney dialysis provider, has confirmed a ransomware attack that compromised the personal and health data of nearly 2.7 million individuals. The Interlock ransomware gang claimed responsibility.Bleeping Computer
August 22, 2025 – Policy and Law
Chinese national who sabotaged Ohio company’s systems handed four-year jail stint Full Text
Abstract
A former employee of Eaton Corporation, a power management company based in Ohio, has been sentenced to four years in prison for intentionally sabotaging the company’s computer systems.The Record
August 22, 2025 – General
The Good, the Bad and the Ugly in Cybersecurity – Week 34 Full Text
Abstract
Key incidents include the sentencing of high-profile cybercriminals, enhanced supply chain protections by PyPI, the evolution of the Noodlophile infostealer, and a sophisticated DPRK-linked espionage campaign using the MoonPeak RAT.Sentinel One
August 22, 2025 – Breach
IT staffing firm The Computer Merchant notifies 34K people of data breach that leaked SSNs Full Text
Abstract
The Computer Merchant, an IT staffing firm based in Norwell, Massachusetts, has disclosed a data breach affecting 34,127 individuals. The breach, attributed to the Play ransomware group, exposed sensitive personal data.Compari Tech
August 20, 2025 – Government
Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure Full Text
Abstract
The FBI has issued a warning about Russian FSB cyber actors (Center 16), also known as Berserk Bear and Dragonfly, targeting networking devices and critical infrastructure globally. These actors exploit CVE-2018-0171 in Cisco Smart Install.FBI
August 20, 2025 – Vulnerabilities
Commvault security advisory (AV25-531) Full Text
Abstract
Four high-severity vulnerabilities have been identified affecting versions 11.32.0 to 11.32.101 and 11.36.0 to 11.36.59 of Commvault software. Proof-of-concept exploit code exists for these issues, increasing the risk of exploitation.Government of Canada
August 20, 2025 – Policy and Law
A hacker tied to Yemen Cyber Army gets 20 months in prison Full Text
Abstract
A UK-based hacker, Al-Tahery Al-Mashriky (26), linked to the Yemen Cyber Army (YCA) and Spider Team, has been sentenced to 20 months in prison for defacing thousands of websites and possessing stolen personal data.Security Affairs
August 20, 2025 – Vulnerabilities
Google fixed Chrome flaw found by Big Sleep AI Full Text
Abstract
Google has released Chrome version 139 to address a high-severity vulnerability (CVE-2025-9132) in the V8 JavaScript and WebAssembly engine. CVE-2025-9132 is a high-severity out-of-bounds write vulnerability in the V8 engine.Security Affairs
August 20, 2025 – Vulnerabilities
Citizen Lab Reports Hidden VPN Networks Sharing Ownership and Security Flaws Full Text
Abstract
A new report by Citizen Lab titled “Hidden Links” has uncovered that several popular VPN apps, including Turbo VPN, VPN Monster, and Snap VPN, are secretly operated by the same entities and exhibit critical security flaws.Hack Read
August 20, 2025 – Vulnerabilities
Elastic rejects claims of a zero-day RCE flaw in Defend EDR Full Text
Abstract
On August 19, Elastic publicly refuted claims made by AshES Cybersecurity regarding a zero-day remote code execution (RCE) vulnerability in its Defend endpoint detection and response (EDR) product.Bleeping Computer
August 20, 2025 – Policy and Law
DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks Full Text
Abstract
U.S. authorities have charged 22-year-old Ethan Foltz for operating the RapperBot botnet, also known as "CowBot" and "Eleven Eleven Botnet." This botnet facilitated over 370,000 DDoS attacks across 80+ countries.The Hacker News
August 20, 2025 – Breach
NY Business Council discloses data breach affecting 47,000 people Full Text
Abstract
The Business Council of New York State (BCNYS) has disclosed a data breach affecting 47,329 individuals. The breach involved unauthorized access to sensitive personal, financial, and health data.Bleeping Computer
August 20, 2025 – Breach
Ransomware gang says it hacked drug research firm Inotiv Full Text
Abstract
On August 8, 2025, Inotiv, a U.S.-based drug research firm, disclosed a ransomware attack in an SEC filing. The Qilin ransomware group claimed responsibility, stating it exfiltrated 176 GB of sensitive data.CompariTech
August 20, 2025 – Vulnerabilities
Apache ActiveMQ attackers patch critical vuln after entry Full Text
Abstract
A new attack campaign is targeting Apache ActiveMQ servers by exploiting CVE-2023-46604, a critical vulnerability with a CVSS score of 9.8. Threat actors are deploying a custom Linux malware dubbed DripDropper to establish persistence.The Register
August 18, 2025 – Malware
PipeMagic in 2025: How the backdoor operators’ tactics have changed Full Text
Abstract
PipeMagic is a backdoor first detected in December 2022 while researchers were investigating a malicious campaign involving RansomExx. The victims were industrial companies in Southeast Asia.Secure List
August 18, 2025 – Criminals
Threat Actor Claims to Sell 15.8 Million Plain-Text PayPal Credentials Full Text
Abstract
A threat actor using the name Chucky_BF on a cybercrime and hacker forum is advertising what they claim to be a massive PayPal data dump. The post describes a trove allegedly containing more than 15.8 million records of email and plaintext passwords.Hack Read
August 18, 2025 – Outage
Colt Customers Face Prolonged Outages After Major Cyber Incident Full Text
Abstract
On August 14, the telecommunications giant publicly confirmed that an internal system was breached. Although this system was disconnected from its customer-facing infrastructure, the company has taken some systems offline in response to the incident.Infosecurity Magazine
August 18, 2025 – Policy and Law
DoJ seizes $2.8M linked to Zeppelin Ransomware Full Text
Abstract
DoJ seized $2.8M in crypto from Ianis Antropenko, indicted in Texas and tied to the defunct Zeppelin ransomware. The U.S. Department of Justice (DoJ) seized more than $2.8 million in cryptocurrency from Ianis Aleksandrovich Antropenko.Security Affairs
August 18, 2025 – Breach
Human resources firm Workday disclosed a data breach Full Text
Abstract
Human resources firm Workday disclosed a data breach after attackers accessed a third-party CRM platform via social engineering. The company provides services to over 11,000 organizations, including over 60% of Fortune 500 firms.Security Affairs
August 15, 2025 – Breach
Hackers exploit Microsoft flaw to breach Canada’s House of Commons Full Text
Abstract
“The House of Commons and Canada’s cybersecurity agency are investigating a significant data breach caused by an unknown “threat actor” targeting employee information.” reported CBC News.Security Affairs
August 15, 2025 – Outage
Telco giant Colt suffers attack, takes systems offline Full Text
Abstract
Colt Technology Services says a "cyber incident" is to blame for its customer portal and other services being down for a number of days. The issues began on August 12 when a reported incident led to disrupted services for some customers.The Register
August 15, 2025 – Attack
‘Blue Locker’ Ransomware Targeting Oil & Gas Sector in Pakistan Full Text
Abstract
Blue Locker ransomware hits Pakistan’s oil & gas sector. NCERT-Pakistan has warned ministries of severe ongoing risk. Notably, the malicious cyber activity took place in close proximity to the celebration of Pakistan’s Independence Day.Security Affairs
August 15, 2025 – APT
UAT-7237 targets Taiwanese web hosting infrastructure Full Text
Abstract
Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918. UAT-7237 aims to establish long-term persistence in high-value victim environments.Talos Intelligence
August 15, 2025 – Policy and Law
US updates sanctions on Russian cryptocurrency exchange Garantex Full Text
Abstract
The U.S. Treasury Department has renewed and expanded sanctions against Russian cryptocurrency exchange Garantex, its successor Grinex, and associated individuals and entities.The Record
August 15, 2025 – Criminals
For $40, you can buy stolen police and government email accounts Full Text
Abstract
Cybercriminals are actively selling access to active and still-in-use police and government email accounts on the dark web for as little as $40. These accounts originate from agencies in the U.S., U.K., Germany, India, and Brazil.Help Net Security
August 14, 2025 – General
What happened in Vegas (that you actually want to know about) Full Text
Abstract
Cisco Talos unveiled several critical cybersecurity developments at Black Hat USA 2025, including a new multi-stage malware campaign named PS1Bot and groundbreaking research on AI guardrail bypasses and embedded chip vulnerabilities.Talos Intelligence
August 14, 2025 – Breach
Norway confirms dam intrusion by Pro-Russian hackers Full Text
Abstract
Pro-Russian hackers seized control of a dam in Bremanger, Norway, in a demonstrative cyberattack targeting critical infrastructure. The attackers opened a flood gate to release 500 liters of water per second for four hours before being stopped.Security Affairs
August 14, 2025 – Vulnerabilities
Threat Signal Report Full Text
Abstract
Critical authentication bypass vulnerabilities have been discovered in Zscaler, Netskope, and Check Point ZTNA. These vulnerabilities allow attackers to bypass authentication mechanisms, impersonate users across organizations, and access sensitive data.FortiGuard
August 14, 2025 – Vulnerabilities
Zoom patches critical Windows flaw allowing privilege escalation Full Text
Abstract
Zoom has patched a critical vulnerability (CVE-2025-49457) in its Windows clients that could allow unauthenticated attackers to escalate privileges via network access. The flaw stems from an untrusted search path and affects several Zoom products.Security Affairs
August 14, 2025 – Attack
Croatian research institute confirms ransomware attack via ToolShell vulnerabilities Full Text
Abstract
The Ruđer Bošković Institute (RBI), Croatia’s largest science and technology research institute, has confirmed a ransomware attack on July 31, 2025, exploiting Microsoft SharePoint "ToolShell" vulnerabilities.Help Net Security
August 14, 2025 – Attack
Ransomware gang takes credit for cyber attack on Box Elder County, UT Full Text
Abstract
The Interlock ransomware gang has claimed responsibility for a cyberattack on Box Elder County, Utah, which occurred on August 6, 2025. The group alleges it exfiltrated 4.5 TB of data, amounting to approximately 2.1 million files.Compari Tech
August 14, 2025 – Attack
When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal Full Text
Abstract
A recent campaign orchestrated by the EncryptHub threat group combines social engineering tactics with exploitation of CVE-2025-26633 to deliver malicious payloads. Attackers impersonate Brave Support to deceive users.Trust Wave
August 14, 2025 – General
Fictitious Law Firms Targeting Cryptocurrency Scam Victims Combine Multiple Exploitation Tactics While Offering to Recover Funds Full Text
Abstract
Scammers are increasingly impersonating fictitious law firms to defraud individuals—particularly vulnerable populations such as the elderly—who have previously fallen victim to cryptocurrency scams.IC3
August 13, 2025 – Malware
Fake Minecraft Installer Spreads NjRat Spyware to Steal Data Full Text
Abstract
A malicious campaign is distributing the NjRat Remote Access Trojan (RAT) through a fake Minecraft installer disguised as a browser-based clone called Eaglercraft 1.12 Offline.Hack Read
August 13, 2025 – General
Speed kills: AI coding tools revive old-school hacks Full Text
Abstract
Researchers uncovered critical vulnerabilities in AI-powered coding tools that prioritize development speed over security. Tools like CodeRabbit can be exploited to perform RCE and exfiltrate sensitive data from development environments.Reversing Labs
August 13, 2025 – Attack
Active attacks target Office vuln patched 8 years ago Full Text
Abstract
Attackers continue to exploit CVE-2017-11882, a remote code execution vulnerability in Microsoft Office's Equation Editor, despite it being patched in 2017 and the component being removed in 2018.The Register
August 13, 2025 – Phishing
Deepfake AI Trading Scams Target Global Investors Full Text
Abstract
A sophisticated wave of fraudulent “AI-powered” trading platforms is targeting global investors using deepfake technology and coordinated online deception. These exploit artificial intelligence to impersonate public figures and fabricate credibility.Infosecurity Magazine
August 13, 2025 – Breach
Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach Full Text
Abstract
Allianz Life has confirmed a significant data breach involving the exposure of 2.8 million sensitive records, affecting the majority of its 1.4 million customers. The breach is linked to a compromise of a third-party Salesforce CRM system.Security Affairs
August 13, 2025 – Criminals
Cybercriminals Exploit Low-Cost Initial Access Broker Market Full Text
Abstract
The most common initial access vectors included: VPN accounts – 23.5%; Domain user accounts – 19.9%; Remote Desktop Protocol (RDP) – 16.7%. Such access enables threat actors to perform lateral movement, defense evasion, and data exfiltration.Infosecurity Magazine
August 13, 2025 – Hacker
Muddled Libra’s Strike Teams: Amalgamated Evil Full Text
Abstract
Since late 2022, threat researchers from Unit 42 have tracked at least seven distinct strike teams associated with Muddled Libra. These teams are not static; personas frequently move between them, and their objectives and methods evolve over time.Palo Alto Networks
August 13, 2025 – Phishing
Malvertising campaign leads to PS1Bot, a multi-stage malware framework Full Text
Abstract
A persistent malvertising campaign active throughout 2025 is delivering PS1Bot, a modular multi-stage malware framework written in PowerShell and C#. PS1Bot is designed for stealth and flexibility.Talos Intelligence
August 13, 2025 – Vulnerabilities
SAP fixed 26 flaws in August 2025 Update, including 4 Critical Full Text
Abstract
The vulnerabilities pose severe risks including full system compromise, unauthorized code execution, and unauthorized database access. Exploitation could lead to loss of confidentiality, integrity, and availability across affected SAP environments.Security Affairs
August 13, 2025 – Attack
Russian government hackers said to be behind US federal court filing system hack: Report Full Text
Abstract
A recent cyberattack on the U.S. federal court filing system, PACER, has been attributed to Russian government hackers. The breach has compromised sealed legal records and potentially exposed the identities of confidential informants.Tech Crunch
August 12, 2025 – Outage
Major outage at Pennsylvania OAG blamed on ‘cyber incident’ Full Text
Abstract
The Pennsylvania Office of Attorney General (OAG) is experiencing a major service outage due to a suspected cyber incident. The disruption has rendered its website, email systems, and phone lines inoperable for two consecutive days.The Register
August 12, 2025 – Phishing
Home Office Phishing Scam Targets UK Immigration Sponsors Full Text
Abstract
A phishing campaign is actively targeting UK organizations licensed to sponsor foreign workers and students by impersonating the UK Home Office. The attackers aim to steal Sponsorship Management System credentials to facilitate immigration fraud.Infosecurity Magazine
August 12, 2025 – Policy and Law
Ghanaian Nationals Extradited for Roles in $100M Romance and Wire Fraud Full Text
Abstract
Four Ghanaian nationals have been indicted for orchestrating a transnational fraud ring responsible for over $100 million in losses through romance scams and Business Email Compromise (BEC) schemes.Infosecurity Magazine
August 12, 2025 – Ransomware
Researchers cracked the encryption used by DarkBit ransomware Full Text
Abstract
Cybersecurity firm Profero has successfully cracked the encryption used by the DarkBit ransomware, enabling victims to recover encrypted files without paying a ransom. The ransomware is attributed to the Iran-linked MuddyWater APT group.Security Affairs
August 12, 2025 – Vulnerabilities
Researchers determine old vulnerabilities pose real-world threat to sensitive data in public clouds Full Text
Abstract
The vulnerability poses a significant threat to public cloud providers, whose business model involves offering remote code execution as a service and renting out shared hardware resources.Cyber Scoop
August 12, 2025 – Breach
North Korean Kimsuky hackers exposed in alleged data breach Full Text
Abstract
A major breach has exposed the inner workings of the North Korean state-sponsored threat group Kimsuky. Two hackers, 'Saber' and 'cyb0rg', leaked 8.9GB of Kimsuky's internal data, citing ethical motivations.Bleeping Computer
August 12, 2025 – Vulnerabilities
SonicWall pins firewall attack spree on year-old vulnerability Full Text
Abstract
A recent surge in ransomware attacks targeting SonicWall Gen 7 firewalls has been attributed to CVE-2024-40766, a critical improper access control vulnerability in SonicOS. SonicWall has denied the presence of a zero-day vulnerability.Cyber Scoop
August 12, 2025 – Attack
High-severity WinRAR 0-day exploited for weeks by 2 groups Full Text
Abstract
A critical zero-day vulnerability in WinRAR has been actively exploited by two Russian cybercrime groups. The attackers used phishing emails with malicious archive attachments to backdoor victim systems.Ars Technica
August 11, 2025 – Vulnerabilities
Xerox FreeFlow Flaws Enable SSRF and Remote Code Execution Full Text
Abstract
Xerox has released critical patches for FreeFlow Core version 8.0.4 to address two high-severity vulnerabilities—CVE-2025-8355 and CVE-2025-8356—that enable Server-Side Request Forgery (SSRF) and Remote Code Execution (RCE).GBHackers
August 11, 2025 – Criminals
MedusaLocker ransomware group is looking for pentesters
Abstract
The MedusaLocker ransomware group, active since 2019 and operating under a Ransomware-as-a-Service (RaaS) model, has announced a recruitment drive for penetration testers via its Tor-based data leak site.
Security Affairs
August 11, 2025 – Breach
Connex Credit Union data breach impacts 172,000 members
Abstract
Connex Credit Union, one of Connecticut’s largest non-profit financial institutions, has disclosed a significant data breach that compromised the personal and financial information of approximately 172,000 individuals.
Bleeping Computer
August 11, 2025 – Vulnerabilities
Smart Buses flaws expose vehicles to tracking, control, and spying
Abstract
Researchers have uncovered critical vulnerabilities in smart bus systems that could allow attackers to remotely track, control, or spy on vehicles. These flaws arise from the insecure integration of passenger Wi-Fi and critical vehicle systems.
Security Affairs
August 11, 2025 – Vulnerabilities
ReVault! When your SoC turns against you… deep dive edition
Abstract
Researchers uncovered multiple critical vulnerabilities in Dell ControlVault3 and ControlVault3 Plus firmware, including CVE-2025-25215, CVE-2025-24922, and CVE-2025-24919.
Talos Intelligence
August 11, 2025 – Phishing
WinRAR zero-day exploited to plant malware on archive extraction
Abstract
A critical 0-day vulnerability in WinRAR, tracked as CVE-2025-8088, was actively exploited by the RomCom threat actor group in phishing campaigns. The flaw, a directory traversal vulnerability, allows attackers to extract files into arbitrary paths.
Bleeping Computer
August 11, 2025 – Breach
The inside story of the Telemessage saga
Abstract
A major security lapse in TeleMessage, a Signal clone used by U.S. government officials, has led to the exposure of 410GB of sensitive communications. Over 780 CBP officer emails were compromised.
The Register
August 11, 2025 – Ransomware
Embargo Ransomware nets $34.2M in crypto since April 2024
Abstract
According to a new report, the Embargo ransomware group has amassed approximately $34.2 million in cryptocurrency since its emergence in April 2024. The group primarily targets the healthcare, business services, and manufacturing sectors.
Security Affairs
August 11, 2025 – Vulnerabilities
Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere
Abstract
A security researcher uncovered critical vulnerabilities in a major carmaker’s dealership web portal that allowed unauthorized creation of a national admin account. This access enabled full control over customer and vehicle data.
Tech Crunch
August 11, 2025 – Phishing
After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake
Abstract
A new large-scale SMS phishing operation, dubbed Magic Mouse, has emerged following the takedown of the earlier scam campaign known as Magic Cat. Magic Mouse is now responsible for the theft of approximately 650,000 credit cards per month.
Tech Crunch
August 8, 2025 – General
From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends
Abstract
Between late 2024 and early 2025, the percentage of customers affected by security incidents nearly tripled, rising from 6% to 17%. Over half of these incidents began at the initial access stage.
Help Net Security
August 8, 2025 – Attack
Royal and BlackSuit ransomware gangs hit over 450 US companies
Abstract
The Royal and BlackSuit ransomware gangs, believed to be successors of the Conti syndicate, have compromised over 450 U.S. organizations since 2022, collecting more than $370 million in ransom payments.
Bleeping Computer
August 8, 2025 – Law Article
Australian Regulator Sues Optus Over 2022 Data Breach
Abstract
The Australian Information Commissioner (AIC) has initiated civil proceedings against telecommunications provider Optus over a 2022 data breach that compromised the personal information of 9.5 million Australians.
Infosecurity Magazine
August 8, 2025 – Privacy
Research reveals possible privacy gaps in Apple Intelligence’s data handling
Abstract
Findings indicate that Siri and related services may transmit sensitive user data to Apple servers beyond what is disclosed in Apple’s privacy policies, raising questions about user consent, data handling transparency, and more.
Cyber Scoop
August 8, 2025 – Breach
Columbia University data breach impacts nearly 870,000 individuals
Abstract
Columbia University has disclosed a significant data breach that compromised the sensitive information of 868,969 individuals, including current and former students, employees, applicants, and their family members.
Bleeping Computer
August 8, 2025 – Malware
Efimer Trojan delivered via email and hacked WordPress websites
Abstract
A new malware campaign involving the Efimer Trojan has been observed targeting cryptocurrency users and WordPress site administrators. Efimer is a ClipBanker-type Trojan that steals and replaces cryptocurrency wallet addresses.
Secure List
August 8, 2025 – Vulnerabilities
Juniper Networks security advisory (AV25-491)
Abstract
On August 8, 2025, Juniper Networks issued Security Advisory AV25-491 to address multiple vulnerabilities in Juniper Secure Analytics (JSA). These vulnerabilities affect versions 7.5.0 up to but not including 7.5.0 UP12 IF03.
Government of Canada
August 8, 2025 – Attack
North Korean cyber-espionage group ScarCruft adds ransomware in recent attack
Abstract
ScarCruft, a North Korean state-sponsored cyber-espionage group, has taken the unusual step of deploying a new ransomware named VCD in its latest campaign. ScarCruft used phishing emails with malicious archive attachments to gain initial access.
The Record
August 8, 2025 – Breach
US court system to boost cyber posture after hack of electronic case management tool
Abstract
The US federal judiciary issued a statement confirming that its electronic case management system had been compromised in a cyberattack. The judiciary is implementing enhanced cybersecurity measures to protect sensitive legal documents and case data.
Next Gov
August 8, 2025 – Breach
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
Abstract
Bouygues Telecom, France’s third-largest mobile operator, has confirmed a significant cyberattack that compromised the personal data of approximately 6.4 million customer accounts.
The Record
August 8, 2025 – Vulnerabilities
Encryption Made for Police and Military Radios May Be Easily Cracked
Abstract
Researchers have uncovered critical vulnerabilities in end-to-end encryption (E2EE) used in TETRA-based radios, which are widely deployed by police, military, and intelligence agencies globally.
Wired
August 8, 2025 – Phishing
Adult sites trick users into Liking Facebook posts using a clickjack Trojan
Abstract
A new clickjacking campaign is exploiting adult content websites hosted on blogspot[.]com to distribute a Trojan that manipulates Facebook interactions. This campaign leverages malicious SVG files containing obfuscated JavaScript.
Malware Bytes
August 8, 2025 – Breach
Air France and KLM disclosed data breaches following the hack of a third-party platform
Abstract
Air France and KLM have disclosed a data breach resulting from unauthorized access to a third-party customer service platform. The breach exposed limited customer data but did not compromise sensitive information such as passwords or payment details.
Security Affairs
August 8, 2025 – Vulnerabilities
Why blow up satellites when you can just hack them?
Abstract
Researchers revealed critical vulnerabilities in satellite and ground station software that could allow attackers to hijack or disable space assets. Exploitation of these bugs could allow attackers to take full control of satellite systems and more.
The Register
August 8, 2025 – General
Leak Reveals the Workaday Lives of North Korean IT Scammers
Abstract
A newly leaked trove of data has exposed the inner workings of North Korea’s covert IT worker operations, revealing how the regime systematically places skilled developers in remote jobs worldwide to generate revenue for its weapons programs.
Wired
August 7, 2025 – Vulnerabilities
Exploring the Top Cyber Threats Facing Agentic AI Systems
Abstract
Context corruption is the most critical threat to agentic AI systems. LLMs are unreliable at distinguishing between legitimate and malicious instructions. Attackers can inject malicious prompts that alter the agent’s behavior.
Infosecurity Magazine
August 7, 2025 – Phishing
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
Abstract
A sophisticated cybercriminal operation led by the VexTrio group has been uncovered, involving the distribution of fraudulent mobile applications through the Google Play Store and Apple App Store.
The Hacker News
August 7, 2025 – Breach
Google confirms customer data stolen from Salesforce DB
Abstract
Google has confirmed a data breach involving one of its Salesforce instances, attributed to the threat actor group UNC6040, linked to the notorious ShinyHunters. The attackers accessed contact information and related notes of SMB customers.
The Register
August 7, 2025 – Vulnerabilities
‘High-severity’ Microsoft Exchange vulnerability disclosed on heels of Black Hat talk
Abstract
The vulnerability (CVE-2025-53786) allows attackers to manipulate user credentials, escalate privileges, and impersonate hybrid users. It also exposes Entra ID, potentially compromising cloud-based identity services.
Next Gov
August 6, 2025 – Breach
KLM Confirms Customer Data Breach Linked to Third-Party System
Abstract
KLM Royal Dutch Airlines has confirmed a data breach involving a third-party system that exposed customer data from previous interactions with its customer service team. Affected users, including frequent flyers, were notified via email.
Hack Read
August 6, 2025 – Vulnerabilities
Hackers Hijacked Google’s Gemini AI With a Poisoned Calendar Invite to Take Over a Smart Home
Abstract
Security researchers have demonstrated a groundbreaking indirect prompt injection attack against Google’s Gemini AI, showing how malicious calendar invites can trigger real-world actions in smart homes.
Wired
August 6, 2025 – Vulnerabilities
WWBN, MedDream, Eclipse vulnerabilities
Abstract
Researchers have disclosed multiple vulnerabilities across WWBN AVideo, MedDream PACS Premium, and Eclipse ThreadX FileX. These include cross-site scripting (XSS), race conditions, privilege escalation, and buffer overflow issues.
Talos Intelligence
August 6, 2025 – Attack
UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware
Abstract
UAC-0099, a threat actor group, is actively targeting Ukrainian defense and government entities using a sophisticated malware delivery chain. The campaign leverages phishing emails with double-archived HTA files to deploy the MATCHBOIL loader.
GBHackers
August 6, 2025 – Criminals
Ransomware gang gives Ridgefield Public Schools 2 days to pay before 90 GB is leaked
Abstract
Ridgefield Public Schools (RPS) in Connecticut was targeted by the ransomware group SafePay on July 24, 2025. SafePay demanded a ransom and threatened to leak 90 GB of stolen data if unpaid.
CompariTech
August 6, 2025 – Malware
Shared secret: EDR killer in the kill chain
Abstract
A new wave of sophisticated EDR killer tools, often packed with HeartCrypt, is being deployed by multiple ransomware groups to disable endpoint defenses and facilitate ransomware execution.
Sophos
August 6, 2025 – Malware
Active infrastructure for Candiru spyware linked to Hungary, Saudi Arabia
Abstract
Researchers identified eight operational infrastructure clusters associated with Candiru’s DevilsTongue spyware, a Windows-based surveillance tool. Five of these clusters are currently active, with confirmed links to Hungary and Saudi Arabia.
The Record
August 6, 2025 – Breach
PBS confirms data breach after employee info leaked on Discord servers
Abstract
PBS has confirmed a data breach involving the exposure of sensitive corporate contact information for nearly 4,000 employees and affiliates. The leaked data has been circulating on Discord servers frequented by fans of PBS Kids.
Bleeping Computer
August 6, 2025 – Vulnerabilities
Vibe coding tool Cursor allows persistent code execution
Abstract
A critical vulnerability in the AI-powered code editor Cursor, identified as “MCPoison,” allows persistent remote code execution through manipulation of the Model Context Protocol (MCP) configuration.
The Register
August 6, 2025 – Vulnerabilities
Potential SSL VPN Zero-Day vulnerability impacting Gen 7 SonicWall Firewalls
Abstract
A potential zero-day vulnerability in SonicWall Gen 7 SSL VPN firewalls is being actively exploited to bypass multi-factor authentication (MFA) and deploy Akira ransomware.
Government of Canada
August 5, 2025 – Breach
Cisco discloses data breach impacting Cisco.com user accounts
Abstract
Cisco has disclosed a data breach affecting users of Cisco.com, following a successful voice phishing (vishing) attack that compromised a third-party cloud-based Customer Relationship Management (CRM) system.
Bleeping Computer
August 5, 2025 – Attack
Dutch Caribbean islands respond to cyberattacks on courts, tax departments
Abstract
Multiple Dutch Caribbean territories — including Curaçao, Aruba, and Sint Maarten — have recently experienced significant cyberattacks targeting government institutions such as tax departments, courts, and parliamentary systems.
The Record
August 5, 2025 – Hacker
Pro-Iran Hackers Aligned Cyber with Kinetic War Aims
Abstract
A recent surge in cyber operations by pro-Iran hacking groups has been observed in alignment with a 12-day kinetic conflict against Israel. They targeted critical infrastructure, public entities, and individuals through a variety of techniques.
Infosecurity Magazine
August 5, 2025 – Phishing
Smart Contract Scams | Ethereum Drainers Pose as Trading Bots to Steal Crypto
Abstract
A widespread cryptocurrency scam campaign has been uncovered, where threat actors distribute malicious Ethereum smart contracts disguised as trading bots. These contracts have collectively stolen over $900,000 USD from unsuspecting users.
Sentinel One
August 5, 2025 – Government
Crypto ATMs fueling criminal activity, Treasury warns
Abstract
Crypto ATMs have seen a dramatic rise in deployment across the United States. According to data cited by FinCEN from Coin ATM Radar, the number of reported Bitcoin ATMs in the U.S. increased from 4,250 in early 2020 to 30,647 as of August 4, 2025.
The Record
August 5, 2025 – Vulnerabilities
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers
Abstract
Multiple critical vulnerabilities in NVIDIA's Triton Inference Server for Windows and Linux allow unauthenticated remote attackers to achieve remote code execution (RCE) and hijack AI servers.
The Hacker News
August 4, 2025 – Phishing
Mozilla warns of phishing attacks targeting add-on developers
Abstract
Mozilla issued a warning about an active phishing campaign targeting developers on its official add-on repository. Mozilla’s add-on platform hosts over 60,000 browser extensions and more than 500,000 themes.
Bleeping Computer
August 4, 2025 – Vulnerabilities
Bitdefender Warns Users to Update Dahua Cameras Over Critical Flaws
Abstract
Bitdefender has identified two critical vulnerabilities—CVE-2025-31700 and CVE-2025-31701—in Dahua security cameras, including the widely used Hero C1 model. These flaws allow unauthenticated attackers to gain full remote access to affected devices.
Hack Read
August 4, 2025 – Malware
Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem
Abstract
A sophisticated infostealer campaign leveraging the Python-based PXA Stealer has compromised over 4,000 systems across 62 countries. The campaign exfiltrates credentials, cookies, and financial data via Telegram bots and Cloudflare Workers.
Sentinel One
August 4, 2025 – Vulnerabilities
Microsoft Recall can still nab credit cards, passwords, info
Abstract
Microsoft Recall continues to capture sensitive data such as credit card numbers and passwords despite built-in filters. Although Microsoft labels Recall as a "preview" app, it is actively pushed during the Windows Out-of-Box Experience (OOBE).
The Register
August 4, 2025 – Attack
New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor
Abstract
A newly identified malware campaign leverages malicious Windows shortcut (LNK) files to install the REMCOS remote access trojan (RAT). This multi-stage attack uses stealthy techniques to gain full control over victim systems.
Hack Read
August 4, 2025 – Malware
New Linux backdoor Plague bypasses auth via malicious PAM module
Abstract
A newly discovered Linux backdoor named Plague has been identified by researchers. Built as a malicious Pluggable Authentication Module (PAM), Plague enables attackers to bypass authentication mechanisms and maintain persistent SSH access.
Security Affairs
August 4, 2025 – Ransomware
Akira Ransomware targets SonicWall VPNs in likely zero-day attacks
Abstract
Akira ransomware is exploiting a likely zero-day vulnerability in SonicWall SSL VPNs, targeting even fully patched devices with multi-factor authentication (MFA) and rotated credentials. Multiple intrusions were observed in late July 2025.
Security Affairs
August 4, 2025 – Attack
Attackers exploit link-wrapping services to steal Microsoft 365 logins
Abstract
The campaign involves threat actors abusing link-wrapping services from trusted providers such as Proofpoint and Intermedia to disguise malicious URLs that lead to Microsoft 365 credential harvesting pages.
Bleeping Computer
August 1, 2025 – Government
China accuses US of exploiting Microsoft zero-day in cyberattack
Abstract
China has accused U.S. intelligence agencies of conducting cyberattacks on two Chinese military enterprises, including the exploitation of a Microsoft Exchange zero-day vulnerability.
Cyber Scoop
August 1, 2025 – Outage
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
Abstract
Luxembourg experienced a nationwide telecommunications outage lasting over three hours, reportedly due to a cyberattack targeting Huawei router software within POST Luxembourg’s infrastructure.
The Record
August 1, 2025 – Breach
Florida prison exposes visitor contact info to every inmate
Abstract
A data breach at a Florida prison has exposed the personal contact information of prison visitors to all inmates, raising significant concerns about potential extortion, harassment, and physical threats to both inmates and their families.
The Register
August 1, 2025 – Vulnerabilities
AI-powered Cursor IDE vulnerable to prompt-injection attacks
Abstract
A critical prompt-injection vulnerability, identified as CVE-2025-54135 and dubbed "CurXecute", affects almost all versions of the AI-powered Cursor IDE prior to version 1.3. This flaw allows remote code execution with developer privileges.
Bleeping Computer
August 1, 2025 – Breach
Pi-hole discloses data breach triggered by WordPress plugin flaw
Abstract
Pi-hole, a widely-used network-level ad-blocker, has disclosed a data breach caused by a vulnerability in the GiveWP WordPress donation plugin. The flaw exposed donor names and email addresses to the public via the webpage's source code.
Bleeping Computer
August 1, 2025 – General
Staggering 800% Rise in Infostealer Credential Theft
Abstract
Flashpoint’s Global Threat Intelligence Index: 2025 Midyear Edition, analyzing over 3.6 petabytes of data, reports an 800% surge in credential theft, with 1.8 billion credentials stolen from 5.8 million infected devices.
Infosecurity Magazine
August 1, 2025 – Malware
Android Malware Targets Banking Users Through Discord Channels
Abstract
A new variant of the DoubleTrouble trojan is actively targeting users across Europe, posing a significant threat to financial data security. Initially spread via phishing websites, the malware now leverages Discord-hosted APKs for distribution.
Infosecurity Magazine
August 1, 2025 – Vulnerabilities
Attackers actively exploit critical zero-day in Alone WordPress Theme
Abstract
A critical zero-day vulnerability (CVE-2025-5394, CVSS 9.8) in the Alone – Charity Multipurpose Non-profit WordPress Theme is being actively exploited by threat actors. The theme has over 9,000 installations.
Security Affairs
August 1, 2025 – Vulnerabilities
Back Up With Care, But Neglecting Patches can Leave You in Despair!
Abstract
CVE-2024-7348 is a race condition vulnerability in PostgreSQL's `pg_dump` utility that allows attackers with sufficient privileges to execute arbitrary SQL commands as the user running the dump, often a superuser.
Trust Wave
August 1, 2025 – Privacy
Kremlin goons caught abusing local ISPs to spy on diplomats
Abstract
Microsoft has confirmed that the Russian state-sponsored threat group Secret Blizzard (aka Turla, VENOMOUS BEAR) is conducting cyber-espionage operations against foreign embassies in Moscow by exploiting local ISPs.
The Register