🚨 CISA KEV (2)
26 Aug | KEV | CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follo… | THEHACKERNEWS.COM
26 Aug | KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-7775 Citrix NetScaler Memory Overflow Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (6)
26 Aug | PhpSpreadsheet Library Vulnerability Lets Attackers Inject Malicious HTML Input | A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the popular PhpSpreadsheet library, allowing attackers to inject malicious HTML input when processing spreadsheet documents. The vulnerability, assigned CVE-2025-54370, affects multi… | GBHACKERS.COM
26 Aug | KEV | CISA Alerts on Git Arbitrary File Write Flaw Actively Exploited | The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical vulnerability in Git (CVE-2025-48384) that enables arbitrary file writes and has already been observed in active exploitation campaigns. The flaw arises from Git’s inconsis… | GBHACKERS.COM
26 Aug | PoC Exploit Published for Chrome 0-Day Already Under Active Attack | A proof-of-concept exploit for a high-severity Google Chrome zero-day vulnerability has been published publicly, less than three months after the flaw was first disclosed, amid reports of active in-the-wild exploitation. The vulnerability, tracked as CVE-2025-5419, stems from out… | GBHACKERS.COM
26 Aug | KEV | Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 | Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild. The vulnerabilities in question are listed below - CVE-2025-7775 (CVSS score: 9.2) - Memory overflow vulnerability… | THEHACKERNEWS.COM
26 Aug | Critical Docker Desktop flaw allows container escape | Users of Docker Desktop on Windows and Mac are urged to upgrade to the latest version to patch a critical vulnerability that could allow an attacker to break the container isolation layer and potentially take over the host system. The flaw could also be exploited remotely through… | CSOONLINE.COM
26 Aug | KEV | Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks | Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability. [...] | BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE (29)
26 Aug | Why the SOC is in crisis, and how to change that | Despite millions invested in security operations centers (SOCs) and state-of-the-art detection technologies, breaches remain the order of the day, and the trend is still rising. In my experience, only about one in twenty SOCs responds ef… | CSOONLINE.COM
26 Aug | KEV | CISA Issues Alert on Citrix Flaws Actively Exploited by Hackers | The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert after adding three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog on August 25, 2025. The alert highlights active exploitation of two serious Citrix Sess… | GBHACKERS.COM
26 Aug | Behind the Coinbase breach: Bribery emerges as enterprise threat | On May 11, cryptocurrency exchange giant Coinbase “received an email communication from an unknown threat actor claiming to have obtained information about certain Coinbase customer accounts, along with internal Coinbase documentation, including materials relating to customer-ser… | CSOONLINE.COM
26 Aug | Shadow AI is surging — getting AI adoption right is your best defense | AI adoption in the enterprise is no longer theoretical. It is already happening, whether organizations are ready or not. Employees are using publicly available AI tools to complete real work. They are summarizing documents, writing emails, generating reports, translating material… | CSOONLINE.COM
26 Aug | Organizations Warned of Exploited Git Vulnerability | CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote code execution. | SECURITYWEEK.COM
26 Aug | Translating Security Regulations into Secure Projects - Emily Fox, Roman Zhukov - ASW #345 | The EU Cyber Resilience Act joins the long list of regulations intended to improve the security of software delivered to users. Emily Fox and Roman Zhukov share their experience educating regulators on open source software and educating open source projects on security. They talk… | YOUTUBE.COM
26 Aug | HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands | Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. "A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware over… | THEHACKERNEWS.COM
26 Aug | Users of WhatsApp Desktop on Windows Face Code Execution Risk Via Python | A critical security risk has emerged for Windows users of WhatsApp Desktop who also have Python installed. Attackers can exploit a flaw in how WhatsApp Desktop handles .pyz (Python archive) files, delivering arbitrary code execution on the victim’s machine with a single click. Re… | GBHACKERS.COM
26 Aug | Docker Desktop Vulnerability Leads to Host Compromise | A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become administrators. | SECURITYWEEK.COM
26 Aug | Cyberattack on state systems bring Nevada’s official websites & phone lines down; officials rely on social media to issue updates | Submitted by Pro to cybersecurity; cross-posted from: programming.dev/post/36349616 | SH.ITJUST.WORKS
26 Aug | ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners | A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The l… | THEHACKERNEWS.COM
26 Aug | Revenge on employer lands developer in jail for four years | Eaton Corporation has learned first-hand what the consequences can be when technically skilled IT professionals become insider threats. When disgruntled employees take digital revenge on their employer, for both sides this can… | CSOONLINE.COM
26 Aug | Weaponized PuTTY Delivered via Malicious Bing Ads Targets Kerberos and Active Directory Services | Cybersecurity incidents increasingly exploit human vulnerabilities, including those of privileged users, as demonstrated in recent compromises involving trojanized versions of the PuTTY SSH client distributed through malvertising on Microsoft’s Bing search engine. LevelBlue… | GBHACKERS.COM
26 Aug | KEV | CISA warns of actively exploited Git code execution flaw | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. [...] | BLEEPINGCOMPUTER.COM
26 Aug | CISA Releases Three Industrial Control Systems Advisories | CISA released three Industrial Control Systems (ICS) advisories on August 26, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-238-01 INVT VT-Designer and HMITool; ICSA-25-238-03 Schneider Elect… | CISA.GOV
26 Aug | The AI Fix #65: Excel Copilot will wreck your data, and can AI fix social media? | In episode 65 of The AI Fix, a pigeon gives a PowerPoint presentation, Mark plays Graham a song about the Transformer architecture, a robot dog delivers parcels, some robots fall over at the World Humanoid Robot Games, and Graham takes credit for one of computing’s greatest insig… | GRAHAMCLULEY.COM
26 Aug | Random Inputs = Remote Code Execution?! 😱 | In this short, Artur Cygan breaks down how fuzzing—feeding random inputs into software—can actually lead to one of the scariest outcomes in cybersecurity: remote code execution. He explains why simple program crashes often hide deeper dangers like memory corruption and why fuzzin… | YOUTUBE.COM
26 Aug | New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station | A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and De… | THEHACKERNEWS.COM
26 Aug | Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks | Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from its Drift chat agent integration with Salesforce to pivot to customer environments and exfiltrate data. The ShinyHunters extortion group claims responsibility for these additional Salesfor… | BLEEPINGCOMPUTER.COM
26 Aug | ESET Research: The first AI-powered (LLM) ransomware has been discovered - PromptLock. | Submitted by Pro to cybersecurity; cross-posted from: programming.dev/post/36376329 | SH.ITJUST.WORKS
26 Aug | Google to verify all Android devs to block malware on Google Play | Google is introducing a new defense for Android called 'Developer Verification' to block malware installations from sideloaded apps sourced from outside the official Google Play app store. [...] | BLEEPINGCOMPUTER.COM
26 Aug | New ZipLine Campaign Targets Critical Manufacturing Firms with In-Memory MixShell Malware | Check Point Research has uncovered a highly persistent phishing operation dubbed ZipLine, which reverses traditional attack vectors by exploiting victims’ own “Contact Us” web forms to initiate seemingly legitimate business communications. Targeting primarily U.… | GBHACKERS.COM
26 Aug | Attackers steal data from Salesforce instances via compromised AI live chat tool | A threat actor managed to obtain Salesforce OAuth tokens from a third-party integration called Salesloft Drift and used the tokens to download large volumes of data from impacted Salesforce instances. One of the attacker’s goals was to find and extract additional credentials stor… | CSOONLINE.COM
26 Aug | Multiple Vulnerabilities in Microsoft Products Could Allow for Remote Code Execution | Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user o… | CISECURITY.ORG
26 Aug | Multiple Vulnerabilities in Commvault Backup & Recovery Could Allow for Remote Code Execution | Multiple vulnerabilities have been discovered in Commvault Backup & Recovery, which when chained together, could allow for remote code execution. Commvault Backup & Recovery is a comprehensive data protection solution that offers a range of services for safeguarding data across v… | CISECURITY.ORG
26 Aug | A Vulnerability in Git Could Allow for Remote Code Execution | A vulnerability has been discovered in Git, which could allow for remote code execution. Git is a free and open-source distributed version control system (VCS). It is designed to track changes in source code during software development and is widely used for coordinating work amo… | CISECURITY.ORG
26 Aug | Google to verify all Android devs to protect users from malware | Google is introducing a new defense for Android called 'Developer Verification' to block malware installations from sideloaded apps sourced from outside the official Google Play app store. [...] | BLEEPINGCOMPUTER.COM
26 Aug | Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution | Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large… | CISECURITY.ORG
26 Aug | A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution | A vulnerability has been discovered in Apple products which could allow for arbitrary code execution. Successful exploitation could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could the… | CISECURITY.ORG
📢 SECURITY ADVISORIES (11)
26 Aug | Maryland Transportation Systems Disrupted Following Cyberattack | Maryland’s transit network experienced widespread disruption this week after a sophisticated cyberattack targeted critical information systems, forcing the Maryland Transit Administration (MTA) and the Department of Information Technology (DoIT) to scramble containment efforts. W… | GBHACKERS.COM
26 Aug | Microsoft Launches Tool to Migrate VMware VMs From vCenter to Hyper-V | Microsoft today announced the public preview of a new VM Conversion extension for Windows Admin Center, enabling IT administrators to migrate virtual machines from VMware vCenter to Hyper-V with minimal downtime. Available at no cost during its preview phase, the lightw… | GBHACKERS.COM
26 Aug | NIS2 and mid-sized businesses: Between obligation and practice | Cybercrime is and remains a lucrative business, one that is becoming a growing problem. Phishing and similar attacks caused almost 179 billion euros in damage in Germany in 2024. And given the global political situation, attention is also turning to the topic of digital… | CSOONLINE.COM
26 Aug | Beyond GDPR security training: Turning regulation into opportunity | Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. [...] | BLEEPINGCOMPUTER.COM
26 Aug | DOGE uploaded live copy of Social Security database to ‘vulnerable’ cloud server, says whistleblower | The Social Security Administration's chief data officer publicly blew the whistle, saying DOGE put hundreds of millions of Social Security records at risk by uploading a critical government database of citizen's data to Amazon's cloud. | TECHCRUNCH.COM
🔥 INCIDENT REPORTING (12)
26 Aug | Palo Alto Networks Named a Leader in WW Incident Response Services | IDC recognizes Unit 42’s ability to integrate threat intelligence, technology and rapid response to deliver cyber resilience at a global scale. | PALOALTONETWORKS.COM
26 Aug | French Retailer Auchan Hit by Cyberattack, Customer Data Compromised | French retail giant Auchan announced on August 21 that it fell victim to a cyberattack that resulted in the theft of loyalty account information belonging to several hundred thousand customers. The company revealed in an official statement that attackers acces… | GBHACKERS.COM
26 Aug | What a data breach costs in 2025 | According to a recent study, the average cost of a data breach in Germany is 3.87 million euros. According to the current “Cost of a Data Breach” report… | CSOONLINE.COM
26 Aug | Hundreds of Thousands Affected by Auchan Data Breach | Auchan confirms that the personal information of hundreds of thousands of customers was stolen in a data breach. | SECURITYWEEK.COM
26 Aug | Healthcare Services Group Data Breach Impacts 624,000 | The personal information of many individuals was stolen from Healthcare Services Group’s computer systems in 2024. | SECURITYWEEK.COM
26 Aug | Nissan confirms design studio data breach claimed by Qilin ransomware | Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its subsidiaries, Creative Box Inc. (CBI). [...] | BLEEPINGCOMPUTER.COM
26 Aug | Big Tech supplier reports ransomware attack | Programming systems vendor Data I/O was recently hit by a cyberattack. Data may have been stolen in the process. Data I/O offers programming solutions for flash memory and microcontrollers. Its customers include various well-known… | CSOONLINE.COM
26 Aug | Denial of Service on Energy Systems… Scary Truth 😱 #cybersecurity | When Matthew Rogers explains what happens if denial of service hits an energy system, the scary truth comes out: controllers may freeze, shut down, or trigger emergencies depending on vendor design. This short exposes why cybersecurity pros must ask the right questions before tru… | YOUTUBE.COM
26 Aug | New Hook Android Banking Malware Emerges with Advanced Features and 107 Remote Commands | Zimperium’s zLabs research team has identified a sophisticated new variant of the Hook Android banking trojan, marking a significant escalation in mobile threat sophistication. This iteration incorporates ransomware-style overlays that display extortion messages, demanding paymen… | GBHACKERS.COM
26 Aug | Nevada closes state offices as cyberattack disrupts IT systems | Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and forcing all state offices to close on Monday. [...] | BLEEPINGCOMPUTER.COM
26 Aug | Velociraptor incident response tool abused for remote access | This approach represents an evolution from threat actors abusing remote monitoring and management tools | SOPHOS.COM
26 Aug | First known AI-powered ransomware uncovered by ESET Research | The discovery of PromptLock shows how malicious use of AI models could supercharge ransomware and other threats | WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE (27)
26 Aug | ISC Stormcast For Tuesday, August 26th, 2025 https://isc.sans.edu/podcastdetail/9586, (Tue, Aug 26th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
26 Aug | Hackers Scan Over 1,000 IPs to Target Microsoft Remote Desktop Web Access | A sophisticated scanning campaign has escalated dramatically, with threat intelligence firm GreyNoise detecting over 30,000 unique IP addresses simultaneously probing Microsoft Remote Desktop Protocol (RDP) services on August 24, 2024. This represents a significant expa… | GBHACKERS.COM
26 Aug | FTC Calls on Tech Firms to Resist Foreign Anti-Encryption Demands | Tech giants have received a letter from the FTC urging them not to weaken security and privacy at the request of foreign governments. | SECURITYWEEK.COM
26 Aug | X/Twitter Found to Be Most Aggressive Social Media App in Tracking User Location Data | A comprehensive study examining the location data practices of the top 10 social media platforms has uncovered concerning patterns of user tracking that extend far beyond what most users realize. The research, which analyzed App Store disclosures from major platforms including X,… | GBHACKERS.COM
26 Aug | AI Systems Vulnerable to Prompt Injection via Image Scaling Attack | Researchers show how popular AI systems can be tricked into processing malicious instructions by hiding them in images. | SECURITYWEEK.COM
26 Aug | Chinese UNC6384 Hackers Use Valid Code-Signing Certificates to Evade Detection | Google Threat Intelligence Group (GTIG) has uncovered a multifaceted cyber espionage operation attributed to the PRC-nexus threat actor UNC6384, believed to be associated with TEMP.Hex (also known as Mustang Panda). This campaign, aligned with China’s strategic interests, p… | GBHACKERS.COM
26 Aug | Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations | Submitted by Amoxtli to cybersecurity; https://thehackernews.com/2025/08/why-siem-rules-fail-and-how-to-fix-them.html?m=1 | SH.ITJUST.WORKS
26 Aug | Encryption Backdoor in Military/Police Radios | I wrote about this in 2023. Here’s the story: Three Dutch security analysts discovered the vulnerabilities—five in total—in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others.… | SCHNEIER.COM
26 Aug | Threat Actors Update Android Droppers to Remain Effective with Even Simple Malware | Threat actors are increasingly refining Android droppers to circumvent enhanced security measures, extending their utility beyond sophisticated banking trojans to simpler malware variants like SMS stealers and basic spyware. Historically, droppers served as innocuous entry points… | GBHACKERS.COM
26 Aug | Beware! Fake Google Play Store Sites Used to Spread Android Malware | Cybersecurity researchers have identified a resurgence of SpyNote malware campaigns targeting Android users through sophisticated fake Google Play Store websites. The malicious actor behind these attacks has implemented new anti-analysis techniques and expanded their deceptive ta… | GBHACKERS.COM
26 Aug | Chinese Hackers Hijack Web Traffic to Spy on Foreign Diplomats | Submitted by Pro to cybersecurity; https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats; cross-posted from: programming.dev/post/36349920. In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, mul… | SH.ITJUST.WORKS
26 Aug | Malware-ridden apps made it into Google's Play Store, scored 19 million downloads | Submitted by nemeski to cybersecurity; https://www.theregister.com/2025/08/26/apps_android_malware/ | SH.ITJUST.WORKS
26 Aug | DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ | The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they'd made with a company called DSLRoot, which was paying $250 a month to plug a pair of la… | KREBSONSECURITY.COM
26 Aug | OneFlip Attack Backdoors AI Systems by Flipping a Single Bit in Neural Networks | CYFIRMA researchers have uncovered a campaign they have codenamed “OneFlip”, an operation that demonstrates how a single-bit modification inside a seemingly benign file can be enough to re-pivot a neural-network-driven security workflow and open a backdoor on the underlying host.… | GBHACKERS.COM
26 Aug | Beyond the Prompt: Building Trustworthy Agent Systems | Building secure AI agent systems requires a disciplined engineering approach focused on deliberate architecture and human oversight. | SECURITYWEEK.COM
26 Aug | AppSec Involvement: Too Early or Too Late Can Cost Millions 💸 | When the AppSec team joins too early, developers lose time. When they join too late, the company risks massive vulnerabilities. In this short, Farshad Abasi breaks down the 3 key stages where AppSec must step in — from design changes to sensitive user stories and high-risk vulner… | YOUTUBE.COM
26 Aug | CyberheistNews Vol 15 #34 [Watch Out] That Urgent Payroll Update Alert? It's a Phishing Attack | KNOWBE4.COM
26 Aug | Google Introduces Enhanced Developer Verification for Play Store App Distribution | Google has announced that all Android apps installed on approved devices will soon need to be able to be traced back to a verified developer identity in an effort to combat the growing wave of financial fraud operations and mobile viruses. The policy, scheduled to roll out in sel… | GBHACKERS.COM
26 Aug | Securing and governing the rise of autonomous agents | In this blog you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer (CISO) for Identity, Igor Sakhnov, about how to secure and govern autonomous agents. This blog is part of a new ongoing series where our Deputy CISOs share their thoug… | MICROSOFT.COM
26 Aug | This Golang Security Feature Breaks AI Models 💥 | AI might be powerful, but it’s not perfect. In this short, Louis from PentesterLab reveals how Golang’s new security feature, os.openroot, is invisible to AI models because their training data is outdated. This means AI completely misses a defense released just months ago—somethi… | YOUTUBE.COM
26 Aug | Securden Unified PAM Flaw Allows Attackers to Bypass Authentication | Securden Unified PAM is a comprehensive privileged access management platform that is used to store, manage, and monitor credentials across human, machine, and AI identities in a variety of environments. Security researchers discovered four critical vulnerabilities in this platfo… | GBHACKERS.COM
26 Aug | When AI Outcodes Humans… Who Secures It? 🤔 | AI is now writing billions of lines of code every day, but who’s securing it? This short explores the hidden risks of AI-generated software, where more code means more vulnerabilities, regressions, and security gaps. Cybersecurity professionals are bracing for the moment AI offic… | YOUTUBE.COM
26 Aug | China-Based Threat Actor Mustang Panda’s TTPs Leaked | A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda, an advanced persistent threat (APT) group based in China, which has illuminated their intricate activities. First observed in 2017 but po… | GBHACKERS.COM
26 Aug | Threat Actors Leverage AI Agents to Conduct Social Engineering Attacks | Cybersecurity landscapes are undergoing a paradigm shift as threat actors increasingly deploy agentic AI systems to orchestrate sophisticated social engineering attacks. Unlike reactive generative AI models that merely produce content such as deepfakes or phishing emails, agentic… | GBHACKERS.COM
26 Aug | APT36 Targets Indian BOSS Linux Using Weaponized .desktop Shortcut Files | Researchers have unveiled ONEFLIP, a novel inference-time backdoor attack that compromises full-precision deep neural networks (DNNs) by flipping just one bit in the model’s weights, marking a significant escalation in the practicality of hardware-based attacks on AI system… | GBHACKERS.COM
26 Aug | Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet... - SWN #506 | Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-506 | YOUTUBE.COM
26 Aug | Silk Typhoon hackers hijack network captive portals in diplomat attacks | State-sponsored hackers linked to the Mustang Panda activity cluster targeted diplomats by hijacking web traffic to redirect to a malware serving website. [...] | BLEEPINGCOMPUTER.COM
🌐 CYBER THREAT LANDSCAPE (1)
26 Aug | MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers | Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. "Instead of se… | THEHACKERNEWS.COM
📡 INFOSEC NEWS (9)
26 Aug | Google to Verify All Android Developers in 4 Countries to Block Malicious Apps | Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store. "Android will require all apps to be registered by verified developers in order to be installed by use… | THEHACKERNEWS.COM
26 Aug | Alleged mastermind behind K-Pop celebrity stock heist extradited to South Korea | A suspected hacker, believed to be the mastermind behind an organised campaign of attacks that stole millions of dollars worth of stocks from celebrities, including BTS singer Jung Kook, has been extradited to South Korea. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
26 Aug | Security researcher maps hundreds of TeslaMate servers spilling Tesla vehicle data | A security researcher mapped TeslaMate servers that are publicly exposed to the internet, including sensitive Tesla vehicle data, such as their locations. | TECHCRUNCH.COM
26 Aug | How to remove your information from personal data brokers' databases | Kaspersky official blog | Data brokers build detailed dossiers on you. Where do they get the data, and how can you delete it? | KASPERSKY.COM
26 Aug | Getting a Better Handle on International Domain Names and Punycode, (Tue, Aug 26th) | International domain names (IDN) continue to be an interesting topic. For the most part, they are probably less of an issue than some people make them out to be, given that popular browsers like Google Chrome are pretty selective in displaying them. But on the other hand, they ar… | ISC.SANS.EDU
26 Aug | Trend Vision One Integrates Microsoft Defender for Endpoint | Discover how Trend Vision One integrates with Microsoft Defender for Endpoint to unify visibility, close security gaps, and accelerate risk mitigation - maximizing protection without replacing existing tools. | TRENDMICRO.COM