matlock.ca // THREAT INTELLIGENCE

110Articles

8Categories

2025-08-07Date

🐛

Researchers uncover RCE attack chains in popular enterprise credential vaults

CSOONLINE.COM — 07 Aug 2025

🐛

New Microsoft Exchange Server Vulnerability Allows Unauthorized Admin Privilege Escalation

GBHACKERS.COM — 07 Aug 2025

🐛

Akamai Ghost Platform Flaw Allows Hidden Second Request Injection

GBHACKERS.COM — 07 Aug 2025

🐛

HashiCorp Vault & CyberArk Conjur kompromittiert

CSOONLINE.COM — 07 Aug 2025

🐛

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

SECURITYWEEK.COM — 07 Aug 2025

🐛

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

THEHACKERNEWS.COM — 07 Aug 2025

🐛

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

THEHACKERNEWS.COM — 07 Aug 2025

🐛

CISA Warns of ‘ToolShell’ Exploitation Chain Targeting SharePoint Servers; IOCs and Detections Released

GBHACKERS.COM — 07 Aug 2025

🐛

CISA Issues ED 25-02: Mitigate Microsoft Exchange Vulnerability

CISA.GOV — Thu, 07 Aug 25 1

🐛

Hybrid Exchange environment vulnerability needs fast action

CSOONLINE.COM — 07 Aug 2025

🐛

CISA orders fed agencies to patch new Exchange flaw by Monday

BLEEPINGCOMPUTER.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8582 Insufficient validation of untrusted input in DOM

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8581 Inappropriate implementation in Extensions

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8580 Inappropriate implementation in Filesystems

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8578 Use after free in Cast

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8576 Use after free in Extensions

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8583 Inappropriate implementation in Permissions

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8579 Inappropriate implementation in Gemini Live in Chrome

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

Chromium: CVE-2025-8577 Inappropriate implementation in Picture In Picture

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

CVE-2025-53792 Azure Portal Elevation of Privilege Vulnerability

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

CVE-2025-53767 Azure OpenAI Elevation of Privilege Vulnerability

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

CVE-2025-53774 Microsoft 365 Copilot BizChat Information Disclosure Vulnerability

MSRC.MICROSOFT.COM — 07 Aug 2025

🐛

CVE-2025-53787 Microsoft 365 Copilot BizChat Information Disclosure Vulnerability

MSRC.MICROSOFT.COM — 07 Aug 2025

⚠️

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

THEHACKERNEWS.COM — 07 Aug 2025

⚠️

Durch Datenlecks verursachte Kosten sind gefallen

CSOONLINE.COM — 07 Aug 2025

⚠️

IT-Security-Jobs – 5 bittere Wahrheiten

CSOONLINE.COM — 07 Aug 2025

⚠️

Beef up AI security with zero trust principles

CSOONLINE.COM — 07 Aug 2025

⚠️

Google’s Salesforce Environment Compromised – User Information Exfiltrated

GBHACKERS.COM — 07 Aug 2025

⚠️

Hackers Exploit Social Engineering to Gain Remote Access in Just 5 Minutes

GBHACKERS.COM — 07 Aug 2025

⚠️

WhatsApp Removes 6.8 Million Accounts Over Malicious Activity Concerns

GBHACKERS.COM — 07 Aug 2025

⚠️

HTTP/1.1 Vulnerability Could Let Attackers Hijack Millions of Sites

GBHACKERS.COM — 07 Aug 2025

⚠️

6 ways hackers hide their tracks

CSOONLINE.COM — 07 Aug 2025

⚠️

Microsoft warns of high-severity flaw in hybrid Exchange deployments

BLEEPINGCOMPUTER.COM — 07 Aug 2025

⚠️

HeartCrypt-Packed ‘AVKiller’ Tool Actively Deployed in Ransomware Attacks to Disable EDR

GBHACKERS.COM — 07 Aug 2025

⚠️

New Active Directory Attack Method Bypasses Authentication to Steal Data

GBHACKERS.COM — 07 Aug 2025

⚠️

Air France and KLM disclose data breaches impacting customers

BLEEPINGCOMPUTER.COM — 07 Aug 2025

⚠️

‘Ghost Calls’ Attack Exploits Web Conferencing as Hidden Command-and-Control Channel

GBHACKERS.COM — 07 Aug 2025

⚠️

Cracking the Vault: how we found zero-day flaws in authentication, identity, and authorization in HashiCorp Vault

INFOSEC.PUB — 7 Aug 2025

⚠️

‘We too were breached,’ says Google, months after revealing Salesforce attacks

CSOONLINE.COM — 07 Aug 2025

⚠️

Air France, KLM Say Hackers Accessed Customer Data

SECURITYWEEK.COM — 07 Aug 2025

⚠️

Project Ire: Microsoft’s autonomous AI agent that can reverse engineer malware

CSOONLINE.COM — 07 Aug 2025

⚠️

Hackers Exploit Legitimate Drivers to Disable Antivirus and Weaken System Defenses

GBHACKERS.COM — 07 Aug 2025

⚠️

Gemini AI Exploited via Google Invite Prompt Injection to Steal Sensitive User Data

GBHACKERS.COM — 07 Aug 2025

⚠️

6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits

THEHACKERNEWS.COM — 07 Aug 2025

⚠️

Weaponizing Microsoft 365 Direct Send to Bypass Email Security Defenses

GBHACKERS.COM — 07 Aug 2025

⚠️

Google suffers data breach in ongoing Salesforce data theft attacks

SH.ITJUST.WORKS — 7 Aug 2025

⚠️

Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch

GBHACKERS.COM — 07 Aug 2025

⚠️

SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw

BLEEPINGCOMPUTER.COM — 07 Aug 2025

⚠️

CISA Releases Ten Industrial Control Systems Advisories

CISA.GOV — Thu, 07 Aug 25 1

⚠️

SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability

SECURITYWEEK.COM — 07 Aug 2025

⚠️

Hackers Exploit SVG Files with Embedded JavaScript to Deploy Malware on Windows Systems

GBHACKERS.COM — 07 Aug 2025

⚠️

CISA issues emergency directive requiring federal agencies to update systems to prevent Microsoft Exchange vulnerability

CISA.GOV — Thu, 07 Aug 25 1

⚠️

HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks

GBHACKERS.COM — 07 Aug 2025

⚠️

FBI Report: Attackers Are Sending Physical Packages with Malicious QR Codes

KNOWBE4.COM — 07 Aug 2025

📢

Windows tips for reducing the ransomware threat

CSOONLINE.COM — 07 Aug 2025

📢

Microsoft Exchange security advisory (AV25-490)

CYBER.GC.CA — 2025-08-07

📢

Black Hat USA 2025: Policy compliance and the myth of the silver bullet

WELIVESECURITY.COM — 07 Aug 2025

🔥

Akira ransomware abuses CPU tuning tool to disable Microsoft Defender

INFOSEC.PUB — 7 Aug 2025

🔥

SocGholish Uses Parrot and Keitaro TDS to Spread Malware via Fake Updates

GBHACKERS.COM — 07 Aug 2025

🔥

Data breach at French telecom giant Bouygues affects millions of customers

TECHCRUNCH.COM — 07 Aug 2025

🔥

KLM Confirms Customer Data Breach Linked to Third-Party System

SH.ITJUST.WORKS — 7 Aug 2025

🔥

Ukraine claims to have hacked secrets from Russia's newest nuclear submarine

SH.ITJUST.WORKS — 7 Aug 2025

🔥

Makop Ransomware Identified in Attacks in South Korea - ASEC

SH.ITJUST.WORKS — 7 Aug 2025

🔥

If Frameworks Are So Secure... Why Do We Still Get Hacked?

YOUTUBE.COM — 2025-08-07

🔥

Bouygues Telecom confirms data breach impacting 6.4 million customers

BLEEPINGCOMPUTER.COM — 07 Aug 2025

🔥

New EDR killer tool used by eight different ransomware groups

BLEEPINGCOMPUTER.COM — 07 Aug 2025

🔥

Splunk Unveils PLoB Tool to Detect Compromised Credential Usage

GBHACKERS.COM — 07 Aug 2025

🔥

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

THEHACKERNEWS.COM — 07 Aug 2025

🔥

10 Best Red Teaming Companies for Advanced Attack Simulation in 2025

GBHACKERS.COM — 07 Aug 2025

🔥

Devices Are Attacking - PSW #886

KEVYOUTUBE.COM — 2025-08-07

🔥

The Shocking Truth About Double Ransom Attacks

YOUTUBE.COM — 2025-08-07

🔥

Tapjacking: How A Simple Click Can Destroy Your Data!

YOUTUBE.COM — 2025-08-07

🕵️

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

THEHACKERNEWS.COM — 07 Aug 2025

🕵️

Mass Internet Scanning from ASN 43350 [Guest Diary], (Thu, Aug 7th)

ISC.SANS.EDU — 07 Aug 2025

🕵️

ISC Stormcast For Thursday, August 7th, 2025 https://isc.sans.edu/podcastdetail/9560, (Thu, Aug 7th)

ISC.SANS.EDU — 07 Aug 2025

🕵️

News alert: SpyCloud’s AI-powered platform mimics veteran analysts, speeds threat detection

LASTWATCHDOG.COM — 07 Aug 2025

🕵️

Nvidia Denies Presence of Backdoors, Kill Switches, or Spyware in Its Chips

GBHACKERS.COM — 07 Aug 2025

🕵️

New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites

SECURITYWEEK.COM — 07 Aug 2025

🕵️

China Accuses Nvidia of Putting Backdoors into Their Chips

SCHNEIER.COM — 2025-08-07

🕵️

AccuKnox partners with SecuVerse.ai to deliver Zero Trust CNAPP Security for National Gaming Infrastructure

GBHACKERS.COM — 07 Aug 2025

🕵️

MY TAKE: The GenAI security crisis few can see — but these startups are quietly mapping the gaps

LASTWATCHDOG.COM — 07 Aug 2025

🕵️

IRGC-Linked Hackers Target Financial, Government, and Media Organizations

GBHACKERS.COM — 07 Aug 2025

🕵️

Anatomy of a Vishing Scam

KNOWBE4.COM — 07 Aug 2025

🕵️

Black Hat USA 2025 – Summary of Vendor Announcements (Part 3)

SECURITYWEEK.COM — 07 Aug 2025

🕵️

Why GitHub Actions Are a Cybersecurity Game-Changer

YOUTUBE.COM — 2025-08-07

🕵️

GenAI Used to Impersonate Brazil’s Govt Websites | ThreatLabz

SH.ITJUST.WORKS — 7 Aug 2025

🕵️

Shared secret: EDR killer in the kill chain – Sophos News

SH.ITJUST.WORKS — 7 Aug 2025

🕵️

ScarCruft Hacker Group Launches New Rust-Based Malware Attack Leveraging PubNub

GBHACKERS.COM — 07 Aug 2025

🕵️

Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme

GBHACKERS.COM — 07 Aug 2025

🕵️

Announcing public preview: Phishing triage agent in Microsoft Defender

TECHCOMMUNITY.MICROSOFT.COM — 07 Aug 2025

🕵️

This is Why Tech Makes Money But Solves Nothing

YOUTUBE.COM — 2025-08-07

🕵️

Risk Velocity EXPLAINED in 15 Seconds! ⚡

YOUTUBE.COM — 2025-08-07

🕵️

Fake News at Lightspeed!

YOUTUBE.COM — 2025-08-07

🕵️

How Machine Learning Detects Living off the Land (LotL) Attacks

GBHACKERS.COM — 07 Aug 2025

🕵️

Is Cybercrime the Next Big Investment? 😳

YOUTUBE.COM — 2025-08-07

🕵️

Who's Still Making Money in Crypto? 🤔

YOUTUBE.COM — 2025-08-07

🕵️

HTTP/1.1 Must Die: What This Means for AppSec Leadership

INFOSEC.PUB — 7 Aug 2025

🌐

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

THEHACKERNEWS.COM — 07 Aug 2025

🌐

UEBA rules in Kaspersky SIEM | Kaspersky official blog

KASPERSKY.COM — 07 Aug 2025

🌐

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

THEHACKERNEWS.COM — 07 Aug 2025

🎙️

Black Hat USA 2025: Does successful cybersecurity today increase cyber-risk tomorrow?

WELIVESECURITY.COM — 07 Aug 2025

📡

Microsoft accidentally confirms GPT-5, GPT-5-Mini, GPT-5-Nano ahead of launch

BLEEPINGCOMPUTER.COM — 07 Aug 2025

📡

Massive IPTV piracy service with 28,000 channels taken offline

BLEEPINGCOMPUTER.COM — 07 Aug 2025

📡

Anthropic targets DevSecOps with Claude Code update as AI rivals gear up

INFOWORLD.COM — 07 Aug 2025

📡

Cryptomixer founders pled guilty to laundering money for cybercriminals

BLEEPINGCOMPUTER.COM — 07 Aug 2025

📡

The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

THEHACKERNEWS.COM — 07 Aug 2025

📡

Wave of 150 crypto-draining extensions hits Firefox add-on store

BLEEPINGCOMPUTER.COM — 07 Aug 2025

📡

ChatGPT's GPT-5 models released: everything you need to know

BLEEPINGCOMPUTER.COM — 07 Aug 2025

📡

Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job

SOPHOS.COM — 07 Aug 2025

📡

Fake WhatsApp developer libraries hide destructive data-wiping code

BLEEPINGCOMPUTER.COM — 07 Aug 2025