🐛 COMMON VULNERABILITIES AND EXPOSURES 1[−]
10 AugResearchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege EscalationCybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft's Windows Remote Procedure Call (RPC) communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server. The vulnerabilit…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 6[−]
10 AugLinux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB AttacksCybersecurity researchers have disclosed vulnerabilities in select model webcams from Lenovo that could turn them into BadUSB attack devices. "This allows remote attackers to inject keystrokes covertly and launch attacks independent of the host operating system," Eclypsium resear…THEHACKERNEWS.COM
10 AugAPT Sidewinder Mimics Government and Military Agencies to Steal Login CredentialsCybersecurity researchers have uncovered an extensive phishing campaign orchestrated by APT Sidewinder, a persistent threat actor believed to originate from South Asia, targeting government and military institutions across Bangladesh, Nepal, and Turkey through sophisticated crede…GBHACKERS.COM
10 AugDisney’s Copyright Police Don’t Mess Around 🐭💼In this shocking short story, Doug White recounts a true incident where a Japanese student received a terrifying legal threat from Disney—for using a simple Minnie Mouse image on her website in 1998. Only four people saw it, but that didn’t stop Disney from sending one of the har…YOUTUBE.COM
10 AugNorth Korea’s Cyber Army Is Attacking Web3North Korea’s Lazarus Group is no ordinary hacking crew—they’re a state-sponsored cyber army. In this explosive short, Aaran breaks down how they’re targeting Web3, exploiting DeFi vulnerabilities, and hijacking DAOs to siphon millions. With their relentless adaptability and adva…YOUTUBE.COM
10 AugGoogle Hacked – Approx 2.5 Million Records of Google Ads Customer Data LeakedGoogle has disclosed a significant data breach involving one of its corporate Salesforce instances, compromising customer data tied to its Google Ads platform. Google has not revealed the exact number of people impacted, but according to ShinyHunters, who spoke with Cyber Securit…GBHACKERS.COM
10 AugAI Was Supposed to Help… But It Backfired! 🤖💥In this surprising twist, cybersecurity expert Doug White breaks down a recent academic study revealing that AI tools actually made experienced open source developers 19% slower. With over 246 tasks analyzed, the devs using AI fell behind their non-AI counterparts in performance—…YOUTUBE.COM
🔥 INCIDENT REPORTING 1[−]
10 AugThe inside story of the Telemessage saga, and how you can view the datasubmitted by PhilipTheBucket to cybersecurity 1 points | 0 comments https://www.theregister.com/2025/08/10/telemessage_archive_online/ It turns out no one was clean on OPSEC DEF CON On Saturday at DEF CON, security boffin Micah Lee explained just how he hacked into TeleMessage, t…SH.ITJUST.WORKS
🕵️ THREAT INTELLIGENCE 9[−]
10 AugResearchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop ModelsCybersecurity researchers have uncovered multiple security flaws in Dell's ControlVault3 firmware and its associated Windows APIs that could have been abused by attackers to bypass Windows login, extract cryptographic keys, as well as maintain access even after a fresh operating …THEHACKERNEWS.COM
10 AugClickFix macOS Malware Targets User Login CredentialsSecurity researchers have identified a new malware campaign targeting macOS users through a sophisticated ClickFix technique that combines phishing and social engineering to steal cryptocurrency wallet details, browser credentials, and sensitive personal data. The Odyssey Stealer…GBHACKERS.COM
10 AugCISO Survival Guide: Control What You CanIn a world of nonstop cybersecurity threats and volatility, Alla Valente breaks down the 3 critical zones of risk every CISO must navigate: the enterprise, the ecosystem, and the externalities. When everything feels like it’s falling apart at once, this survival guide reminds lea…YOUTUBE.COM
10 AugGoogle Paid Ads for Fake Tesla Websites, (Sun, Aug 10th)In recent media events, Tesla has demoed progressively more sophisticated versions of its Optimus robots. The sales pitch is pretty simple: "Current AI" is fun, but what we really need is not something to create more funny kitten pictures. We need AI to load and empty dishwashers…ISC.SANS.EDU
10 Aug“CEO Got Robbed by a Hooker in Vegas” – Don’t Fall for It!When a fake emergency email claimed the CEO was stranded in Vegas after being robbed by a hooker, one cybersecurity expert had a clear message: “Just say no.” This short reveals how modern hackers don’t need malware – they just need your trust. Aaran breaks down a real-world soci…YOUTUBE.COM
10 AugYour Bank's Bot Just Screwed You… Legally!When Joshua Marpet breaks down how liability shifts in AI-powered financial advice, cybersecurity professionals better take notes. In this short, he explains how robo-advisors operate without licenses—meaning if they mess up, you pay the price, not the bank. A sharp warning about…YOUTUBE.COM
10 AugExistential Dread But Make It AI 💀When Doug White breaks down the latest AI safety scores, things get chilling fast. According to the Future of Life Institute, no major AI firm scored higher than a D in existential safety planning. That’s right — a D. As Doug dives into the scary world of AGI, self-replicating AI…YOUTUBE.COM
10 AugFrom Freud to Mecha-Hitler: AI’s Identity Crisis ExplainedWhen cybersecurity expert Doug White warns that LLMs are “sociopaths pretending to care,” it’s not just a hot take—it’s a reality check. This short dives into the dark side of AI personas, from virtual therapists like “Dr. Penguin” to twisted roleplay as “Mecha-Hitler.” These mod…YOUTUBE.COM
10 AugImagine AI Watching Your Screen 24/7. Now Stop Imagining.An app that takes constant screenshots of your screen, analyzes them with AI, and lets you search your digital life like a surveillance reel? Doug White breaks down this eerie new tech that might already be running on your device—without you even realizing it. Cybersecurity pros,…YOUTUBE.COM
📡 INFOSEC NEWS 2[−]
10 AugAfter researchers unmasked a prolific SMS scammer, a new operation has emerged in its wakeSecurity researchers are now sounding the alarm on a new SMS text message fraud operation, which is surging in popularity — and its ability to steal people's credit cards — since the demise of its predecessor.TECHCRUNCH.COM
10 AugGoogle Calendar invites let researchers hijack Gemini to leak user dataGoogle fixed a bug that allowed maliciously crafted Google Calendar invites to remotely take over Gemini agents running on the target's device and leak sensitive user data. [...]BLEEPINGCOMPUTER.COM