matlock.ca // THREAT INTELLIGENCE — 2025-08-25

90Articles

10Categories

2025-08-25Date

🚨

CISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2024-8069 Citrix Session Recording Deserialization of Untrusted Data Vulnerability CVE-2024-8068 Citrix Session Recording Improper P…

KEVCISA.GOV — Mon, 25 Aug 25 1

🚨

Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage SystemExecutive summary People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks. While these actors focus on large …

KEVCISA.GOV — 25 Aug 2025

🐛

PoC Exploit and Technical Analysis Published for Apple 0-Day RCE Vulnerability

GBHACKERS.COM — 25 Aug 2025

🐛

Critical Tableau Server Flaws Allows Malicious File Uploads

GBHACKERS.COM — 25 Aug 2025

🐛

BCP-04 Draft Preparation - Work-group session 25/08/2025 - Luxembourg

INFOSEC.PUB — 25 Aug 2025

🐛

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

THEHACKERNEWS.COM — 25 Aug 2025

⚠️

6 wichtige Punkte für Ihren Incident Response Plan

CSOONLINE.COM — 25 Aug 2025

⚠️

Microsoft Copilot Agent Policy Flaw Lets Any User Access AI Agents

GBHACKERS.COM — 25 Aug 2025

⚠️

NIST Releases Lightweight Cryptography Standard for IoT Security

GBHACKERS.COM — 25 Aug 2025

⚠️

Happy Birthday Linux! 34 Years of Open-Source Power

GBHACKERS.COM — 25 Aug 2025

⚠️

From CVE To Cyber Attack In Minutes With AI: Cybersecurity Today

CYBERSECURITYTODAY.LIBSYN.COM — 25 Aug 2025

⚠️

BSI-Doppelstrategie für digitale Souveränität

CSOONLINE.COM — 25 Aug 2025

⚠️

How AI is reshaping cybersecurity operations

CSOONLINE.COM — 25 Aug 2025

⚠️

83% of CISOs say staff shortage is major issue for defense

CSOONLINE.COM — 25 Aug 2025

⚠️

Weekly Update 466

TROYHUNT.COM — 25 Aug 2025

⚠️

Hackers Exploit SendGrid to Steal User Login Credentials in Latest Attack

GBHACKERS.COM — 25 Aug 2025

⚠️

Rowhammer attack can backdoor AI models with one devastating bit flip

CSOONLINE.COM — 25 Aug 2025

⚠️

Oktane Preview with Harish Peri, Invisible Prompt Attacks, and the weekly news! - Hari... - ESW #421

YOUTUBE.COM — 2025-08-25

⚠️

Threat Actors Exploit Windows Scheduled Tasks for Stealthy Persistence Without Additional Tools

GBHACKERS.COM — 25 Aug 2025

⚠️

Chip Programming Firm Data I/O Hit by Ransomware

SECURITYWEEK.COM — 25 Aug 2025

⚠️

Multiple vtenext Flaws Allow Attackers to Bypass Authentication and Run Remote Code

GBHACKERS.COM — 25 Aug 2025

⚠️

Meet the unsung silent hero of cyber resilience you’ve been ignoring

CSOONLINE.COM — 25 Aug 2025

⚠️

0-Click Zendesk Flaw Lets Hackers Hijack Accounts and View All Tickets

GBHACKERS.COM — 25 Aug 2025

⚠️

⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More

THEHACKERNEWS.COM — 25 Aug 2025

⚠️

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

SH.ITJUST.WORKS — 25 Aug 2025

⚠️

Vulnerability-Lookup 2.15.0 released

INFOSEC.PUB — 25 Aug 2025

⚠️

Critical Docker Desktop flaw lets attackers hijack Windows hosts

BLEEPINGCOMPUTER.COM — 25 Aug 2025

⚠️

What Is a Hybrid Mesh Firewall and Why It Matters

PALOALTONETWORKS.COM — 25 Aug 2025

⚠️

Big Banks Can’t Even Hire Enough AppSec Experts 💻🔒

YOUTUBE.COM — 2025-08-25

⚠️

Need help with AI safety? Stay ahead of risks with these tools and frameworks

CSOONLINE.COM — 25 Aug 2025

⚠️

Munich Reinsurance unites global security teams to boost resilience, cut costs

CSOONLINE.COM — 25 Aug 2025

⚠️

2025 CSO Hall of Fame: Meg Anderson on AI, strategic security investments, and life after InfoSec

CSOONLINE.COM — 25 Aug 2025

⚠️

Hackers Disrupt Iranian Ships via Maritime Communication Terminals Exploiting MySQL Database

GBHACKERS.COM — 25 Aug 2025

⚠️

New Stealthy Malware Hijacking Cisco, TP-Link, and Other Routers for Remote Control

GBHACKERS.COM — 25 Aug 2025

⚠️

Farmers Insurance data breach impacts 1.1M people after Salesforce attack

BLEEPINGCOMPUTER.COM — 25 Aug 2025

⚠️

ThreatActors Leverage Google Classroom to Target 13,500 Organizations

GBHACKERS.COM — 25 Aug 2025

📋

Microsoft Confirms August 2025 Patch Slows Down Windows 11 24H2 and Windows 10

GBHACKERS.COM — 25 Aug 2025

📢

CISA Requests Public Feedback on Updated SBOM Guidance

SECURITYWEEK.COM — 25 Aug 2025

📢

Ubuntu security advisory (AV25-536)

CYBER.GC.CA — 2025-08-25

📢

Dell security advisory (AV25-538)

CYBER.GC.CA — 2025-08-25

📢

CISA ICS security advisories (AV25-537)

CYBER.GC.CA — 2025-08-25

📢

Red Hat security advisory (AV25-540)

CYBER.GC.CA — 2025-08-25

📢

IBM security advisory (AV25-539)

CYBER.GC.CA — 2025-08-25

🔥

Farmers Insurance Data Breach Impacts Over 1 Million People

SECURITYWEEK.COM — 25 Aug 2025

🔥

New macOS Installer Boasts Lightning-Fast Data Theft, Marketed on Dark Web

GBHACKERS.COM — 25 Aug 2025

🔥

Aspire Rural Health System Data Breach Impacts Nearly 140,000

SECURITYWEEK.COM — 25 Aug 2025

🔥

Hackers Use AI-Generated Summaries to Deliver Ransomware Payloads

GBHACKERS.COM — 25 Aug 2025

🔥

Fake Google Play Store Websites Deliver Potent RAT to Steal Sensitive Data

GBHACKERS.COM — 25 Aug 2025

🔥

Auchan retailer data breach impacts hundreds of thousands of customers

BLEEPINGCOMPUTER.COM — 25 Aug 2025

🔥

Autonomous SOC: Too Risky or the Future? 🤔

KEVYOUTUBE.COM — 2025-08-25

🔥

postMessaged and Compromised

MSRC.MICROSOFT.COM — 25 Aug 2025

🔥

Yemen Cyber Army hacker jailed after stealing millions of people’s data

GRAHAMCLULEY.COM — 25 Aug 2025

🕵️

ISC Stormcast For Monday, August 25th, 2025 https://isc.sans.edu/podcastdetail/9584, (Mon, Aug 25th)

ISC.SANS.EDU — 25 Aug 2025

🕵️

ghrc.io Appears to be Malicious

SH.ITJUST.WORKS — 25 Aug 2025

🕵️

Hackers Steal Windows Secrets and Credentials Undetected by EDR Detection

GBHACKERS.COM — 25 Aug 2025

🕵️

Arch Linux Project Responding to Week-Long DDoS Attack

SECURITYWEEK.COM — 25 Aug 2025

🕵️

BSI-E-Mail-Checker soll vor Hackern schützen

CSOONLINE.COM — 25 Aug 2025

🕵️

SASE Company Netskope Files for IPO

SECURITYWEEK.COM — 25 Aug 2025

🕵️

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

THEHACKERNEWS.COM — 25 Aug 2025

🕵️

Chinese Hacker Sentenced for Kill Switch Attack on Ohio Firm’s Global Network

GBHACKERS.COM — 25 Aug 2025

🕵️

Unmasking KorPlug Malware: TTPs, Control Flow, and Exposed IOCs

GBHACKERS.COM — 25 Aug 2025

🕵️

Hackers Abuse Python eval/exec Calls to Run Malicious Code

GBHACKERS.COM — 25 Aug 2025

🕵️

Poor Password Choices

SCHNEIER.COM — 2025-08-25

🕵️

Anatsa Android Banking Trojan Now Targeting 830 Financial Apps

SECURITYWEEK.COM — 25 Aug 2025

🕵️

Arch Linux Services Hit by Week-Long DDoS Attack

GBHACKERS.COM — 25 Aug 2025

🕵️

Kimsuky APT Exposed: GPKI Certificates, Rootkits, and Cobalt Strike Assets Uncovered

GBHACKERS.COM — 25 Aug 2025

🕵️

New Android Spyware Masquerading as Antivirus Targets Business Executives

GBHACKERS.COM — 25 Aug 2025

🕵️

Attaxion Releases Agentless Traffic Monitoring for Immediate Risk Prioritization

GBHACKERS.COM — 25 Aug 2025

🕵️

Pakistani Hackers Back at Targeting Indian Government Entities

SECURITYWEEK.COM — 25 Aug 2025

🕵️

Legacy Protocols Still Run Our Critical Systems 😱

YOUTUBE.COM — 2025-08-25

🕵️

Chinese APT Leverages Proxy and VPN Services to Obfuscate Infrastructure

GBHACKERS.COM — 25 Aug 2025

🕵️

Only 7 Days Left for Early Bird Registration to the OpenSSL Conference 2025

GBHACKERS.COM — 25 Aug 2025

🕵️

From Crashes to Protection: The Test Suite Hack 💡

YOUTUBE.COM — 2025-08-25

🕵️

Proxyware Malware Poses as YouTube Video Download Site, Delivering Malicious JavaScript

GBHACKERS.COM — 25 Aug 2025

🕵️

News alert: Attaxion launches agentless traffic monitoring to flag threats and prioritize risk

LASTWATCHDOG.COM — 25 Aug 2025

🕵️

OneFlip: An Emerging Threat to AI that Could Make Vehicles Crash and Facial Recognition Fail

SECURITYWEEK.COM — 25 Aug 2025

🕵️

The Harsh Truth: Your Code Baby Is Ugly (But Secure!)

YOUTUBE.COM — 2025-08-25

🕵️

LLMs = The New Cyber Villains? 👀

YOUTUBE.COM — 2025-08-25

🕵️

Beware! Google Ads Promote Fake Tesla Websites Soliciting Fraudulent Deposits

GBHACKERS.COM — 25 Aug 2025

🕵️

UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats

THEHACKERNEWS.COM — 25 Aug 2025

🕵️

News alert: Global security leaders to convene at OpenSSL 2025 — final week for early-bird rates

LASTWATCHDOG.COM — 25 Aug 2025

🌐

Defending against malware persistence techniques with Wazuh

BLEEPINGCOMPUTER.COM — 25 Aug 2025

🌐

Malicious Android apps with 19M installs removed from Google Play

BLEEPINGCOMPUTER.COM — 25 Aug 2025

🌐

A new security flaw in TheTruthSpy phone spyware is putting victims at risk

TECHCRUNCH.COM — 25 Aug 2025

🌐

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

THEHACKERNEWS.COM — 25 Aug 2025

🎙️

Wide World of Cyber: Microsoft's China Entanglement

RISKY.BIZ — 25 Aug 2025

📡

Reading Location Position Value in Microsoft Word Documents, (Mon, Aug 25th)

ISC.SANS.EDU — 25 Aug 2025

📡

Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations

THEHACKERNEWS.COM — 25 Aug 2025

📡

New AI attack hides data-theft prompts in downscaled images

BLEEPINGCOMPUTER.COM — 25 Aug 2025

📡

Surge in coordinated scans targets Microsoft RDP auth servers

BLEEPINGCOMPUTER.COM — 25 Aug 2025