🐛 COMMON VULNERABILITIES AND EXPOSURES 2[−]
16 AugRussian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer MalwareThe threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads. Trustwave SpiderLabs said it recently observed an EncryptHub campaign that brings together social engineering and the exploitation …THEHACKERNEWS.COM
16 AugPoC Released for Fortinet FortiSIEM Command Injection FlawSecurity researchers have uncovered a severe pre-authentication command injection vulnerability in Fortinet’s FortiSIEM platform that allows attackers to completely compromise enterprise security monitoring systems without any credentials. The vulnerability, designated CVE-…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 6[−]
16 AugChinese Hackers Exploit Web Hosting Infrastructure for CyberattacksCisco Talos researchers have uncovered a sophisticated Chinese-speaking advanced persistent threat (APT) group, designated UAT-7237, that has been actively targeting web hosting infrastructure in Taiwan since at least 2022. The group demonstrates significant operational overlaps …GBHACKERS.COM
16 AugERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware InfrastructureCybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injectio…THEHACKERNEWS.COM
16 AugHow Steam Quietly Shares Access to Your MachineMost people think Steam is just for gaming, but cybersecurity expert Doug White drops a shocking truth: it might be quietly acting like a global file-sharing service with access to your local system. This YouTube Short breaks down how Steam could be a hidden vulnerability running…YOUTUBE.COM
16 AugThe Call That Took Down a Hypervisor ☎️When hackers from Scattered Spider wanted access to critical systems, they didn’t look for exploits—they picked up the phone. This short reveals how one fake IT support call was enough to compromise an entire ESXi hypervisor, shutting down operations in retail and airline industr…YOUTUBE.COM
16 AugResearcher to release exploit for full auth bypass on FortiWebA security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. [...]BLEEPINGCOMPUTER.COM
16 AugWeekly Update 465Presently sponsored by: Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing How much tech stuff do I have sitting there in progress, literally just within arm's reach? I kick off this week's video going through it, and it&apos…TROYHUNT.COM
🔥 INCIDENT REPORTING 6[−]
16 AugSoupDealer Malware Bypasses Every Sandbox, AV's and EDR/XDR in Real-World Incidentssubmitted by cm0002 to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/soupdealer-malware-bypasses-every-sandbox/INFOSEC.PUB
16 AugExploring the Ransomware Ecosystem with Tammy HarperIn this episode of 'Cybersecurity Today,' the host welcomes Tammy Harper from Flair.io for an in-depth exploration into the ransomware ecosystem. Tammy, a seasoned threat intelligence researcher and certified dark web investigator, shines a light on the complex world of ransomwar…CYBERSECURITYTODAY.LIBSYN.COM
16 AugThreat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious PackagesA sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in malicious code being distributed to thousands of developer projects worldwide. The incident, discovered on July 18 by Rever…GBHACKERS.COM
16 AugHow Security Jargon Can Destroy Psychological SafetyIn this eye-opening short, Danielle shares a true CISO story about how “cool” cybersecurity talk accidentally sparked fear across an entire company. She explains how well-intentioned transparency turned into confusion and distrust — and why the wrong words can erode psychological…YOUTUBE.COM
16 AugExposing the Spiciest Data Breach EVER 🔥When a leading sex toy manufacturer suffers a security flaw, intimate user data gets exposed — profiles, private chats, even history logs. This Short dives into the bizarre yet serious world where ethical hackers uncover the truth… only to face backlash instead of thanks. A mix o…YOUTUBE.COM
16 AugWhen Test Environments Turn Into Hacker GoldminesIn this shocking real-world scenario, a “test” account wasn’t just for testing anymore—it held sensitive production data, turning it into a hacker’s dream target. Cybersecurity expert Kalyani Pawar shares how overlooked environments can become the weakest link in enterprise secur…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 5[−]
16 AugWatch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event)CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) app…SECURITYWEEK.COM
16 AugChatGPT Just Made Me Malware 😳When cybersecurity expert Rob Allen casually asked ChatGPT to write a C# loader for remote access, he didn’t expect to get fully functional reverse shell code — and the wild part? It bypassed Windows Defender like it didn’t exist. No signatures. No alerts. Just clean, running mal…YOUTUBE.COM
16 AugLLM chatbots trivial to weaponize for data theft, say boffinssubmitted by cm0002 to cybersecurity 2 points | 0 comments https://www.theregister.com/2025/08/15/llm_chatbots_trivial_to_weaponise/INFOSEC.PUB
16 AugMulti-Cloud Madness: The Security Gap You Can’t IgnoreIn less than 20 years, the cloud has gone from 3 simple AWS services to over 200 in every provider — and now multi-cloud is the new normal. In this clip, Yogi exposes how this explosion of complexity leaves massive security gaps, as engineers focus on building cool innovations bu…YOUTUBE.COM
16 AugMicrosoft’s AI Can Break Down Malware in SecondsMicrosoft has unveiled Project IRI — an autonomous AI that can reverse engineer malware without human help. In this clip, viewers will see how this prototype analyzes binaries, detects threats, and supports Defender with impressive precision. Perfect for cybersecurity professiona…YOUTUBE.COM
📡 INFOSEC NEWS 4[−]
16 AugOpenAI is improving ChatGPT voice modeChatGPT's Voice mode is already pretty good, but OpenAI is working on a new feature that will allow you to control how Voice mode actually works. [...]BLEEPINGCOMPUTER.COM
16 AugMicrosoft Teams to protect against malicious URLs, dangerous file typesMicrosoft recently revealed that it's currently enhancing protection against dangerous file types and malicious URLs in Teams chats and channels. [...]BLEEPINGCOMPUTER.COM
16 AugLeak: ChatGPT cheaper plan costs $4 or £3.50, might release everywhereOpenAI is working on a cheaper plan called ChatGPT Go, and we previously thought it would be just limited to a few regions like India, but that may not be the case. [...]BLEEPINGCOMPUTER.COM
16 AugOpenAI prepares Chromium-based AI browser to take on GoogleOpenAI is testing an AI-powered browser that uses Chromium as its underlying engine, and it could debut on macOS first. [...]BLEEPINGCOMPUTER.COM