🐛 COMMON VULNERABILITIES AND EXPOSURES 8[−]
28 Aug KEVAttackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warnsCitrix NetScaler ADC and NetScaler Gateway customers have been hit by a new round of zero day vulnerabilities that require urgent patching, including one the company warned is being actively exploited. That exploitation alert makes the highest priority flaw, CVE-2025-7775, the on…CSOONLINE.COM
28 Aug KEVOver 28,000 Citrix Servers at Risk from Active 0-Day RCE ExploitA critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated as CVE-2025-7775, is being actively exploited by threat actors, prompting urgent security warnings from cy…GBHACKERS.COM
28 Aug KEVCISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the WildThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices. Designated CVE-2025-7775, the flaw stems from a memory overflow…GBHACKERS.COM
28 AugBadSuccessor After Patch: Using dMSAs for Credential Theft and Lateral Movement in ADAkamai researchers evaluated Microsoft’s patch for the BadSuccessor vulnerability (CVE-2025-53779) to determine its scope and limitations. While the update effectively blocks the original direct escalation path, the core mechanics of BadSuccessor remain exploitable under specific…GBHACKERS.COM
28 AugCisco Nexus 3000 & 9000 Vulnerability Enables DoS AttacksCisco has issued a high-severity security advisory warning of a dangerous vulnerability in its Nexus 3000 and 9000 Series switches that could allow attackers to trigger denial of service (DoS) attacks through crafted network packets. The vulnerability, tracked as CVE-2025-20…GBHACKERS.COM
28 AugCisco IMC Virtual Keyboard Vulnerability Allows Attackers to Redirect Users to Malicious WebsitesCisco has released urgent security updates to remediate a high-severity vulnerability in its Integrated Management Controller (IMC) virtual keyboard video monitor (vKVM) module that could allow unauthenticated, remote attackers to hijack sessions and redirect users to malicious w…GBHACKERS.COM
28 AugChromium: CVE-2025-9478 Use after free in ANGLEThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
28 AugSalt Typhoon APT techniques revealed in new reportGovernment intelligence and cybersecurity agencies from 13 countries have released a joint advisory detailing the techniques used by Salt Typhoon, a Chinese state-sponsored APT group that has targeted telecommunications, government, transportation, lodging and military infrastruc…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 28[−]
28 AugStorm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud AttacksThe financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. "Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encry…THEHACKERNEWS.COM
28 AugAnthropic detects the inevitable: genAI-only attacks, no humans involvedWhen Anthropic published a report Wednesday detailing genAI attacks that entirely bypassed humans, as opposed to human attackers using AI tools as aids, it was the realization of what many CISOs have long anticipated. But it shows that preparations for AI-only attacks need to be …CSOONLINE.COM
28 Aug7 Anzeichen für akuten MSSP-BedarfManaged Security Service Provider können das Sicherheitsniveau nachhaltig steigern. Godlikeart | shutterstock.com Ein Managed Security Service Provider (MSSP) bietet seinen Kunden ein umfassendes Spektrum an Sicherheits-Services. Als Drittanbieter kann ein MSSP die Arbeitsbelastu…CSOONLINE.COM
28 AugUK and allies expose China-based technology companies for enabling global cyber campaign against critical networkssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.ncsc.gov.uk/news/uk-allies-expose-china-tech-companies-enabling-cyber-campaign cross-posted from: lemmy.sdf.org/post/41203833 GCHQ’s [the UK Government Communications Headquarters’] National Cyber Securit…INFOSEC.PUB
28 AugUK and allies expose China-based technology companies for enabling global cyber campaign against critical networkssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.ncsc.gov.uk/news/uk-allies-expose-china-tech-companies-enabling-cyber-campaign cross-posted from: lemmy.sdf.org/post/41203833 GCHQ’s [the UK Government Communications Headquarters’] National Cyber Securit…SH.ITJUST.WORKS
28 AugThe CISO succession crisis: why companies have no plan and how to change thatCISO turnover is showing signs of stability, dropping from 21% in 2022 to 12% in 2023 and to an annualized 11% in the first half of 2024, according to IANS Research and Artico Search’s report . Still, organizations face a stark reality: when their top security executive departs, …CSOONLINE.COM
28 AugNew Research and PoC Reveal Security Risks in LLM-Based CodingA recent investigation has uncovered that relying solely on large language models (LLMs) to generate application code can introduce critical security vulnerabilities, according to a detailed blog post published on August 22, 2025. The research underscores that LLMs, which are tra…GBHACKERS.COM
28 AugMicrosoft Unveils Storm-0501’s Cloud-Based Ransomware Deployment TacticsMicrosoft Threat Intelligence has detailed the evolving tactics of the financially motivated threat actor Storm-0501, which has transitioned from traditional on-premises ransomware deployments to sophisticated cloud-based operations. Unlike conventional ransomware that relies on …GBHACKERS.COM
28 AugTAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and DissidentsThe TAOTH campaign exploited abandoned software and spear-phishing to deploy multiple malware families, targeting dissidents and other high-value individuals across Eastern Asia.TRENDMICRO.COM
28 AugFreePBX Servers Hit by 0-Day Exploit, Disable Internet Access AdvisedFreePBX administrators worldwide have been urged to immediately disable public internet access to their systems after a critical 0-day vulnerability was discovered in the commercial Endpoint Manager module. The Sangoma FreePBX Security Team confirmed that attacker-controlled expl…GBHACKERS.COM
28 AugShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach OrganizationsCybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk in a thorough research published by Group-IB. Since at least 2023, this group has been actively breaching government institutions in Central Asia and the Asia-Pacific area. The group…GBHACKERS.COM
28 AugChina’s Salt Typhoon Hacked Critical Infrastructure Globally for YearsChina-linked APT ‘Salt Typhoon’ exploited known router flaws to maintain persistent access across telecom, government, and military networks, giving Beijing’s intelligence services global surveillance reach. The post China’s Salt Typhoon Hacked Critical Infrastructure Globally fo…SECURITYWEEK.COM
28 AugFarmers Insurance Breach Exposes Data of 1.1 Million Customers via Salesforce CompromiseFarmers Insurance has disclosed a data breach stemming from unauthorized access to a third-party vendor’s database, potentially compromising the personal information of approximately 1.1 million customers. The breach, detected on May 30, 2025, involved an unauthorized actor…GBHACKERS.COM
28 AugSalt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations WorldwideThe China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. "While these a…THEHACKERNEWS.COM
28 AugBreaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According t…GBHACKERS.COM
28 AugNews alert: SquareX finds browser flaw undermining passkeys while exposing banking and SaaS appsPalo Alto, Calif., Aug. 28, 2025, CyberNewswire — It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that … (more…) The…LASTWATCHDOG.COM
28 AugAnthropic Blocks Hackers Attempting to Exploit Claude AI for Cyber AttacksAnthropic, a leading AI research company, has successfully disrupted multiple attempts by cybercriminals to misuse its Claude AI model for sophisticated cyberattacks, as detailed in their latest Threat Intelligence report. The company has implemented advanced safeguards, includin…GBHACKERS.COM
28 AugThreat Actors Exploit Velociraptor Incident Response Tool for Remote AccessResearchers from the Counter Threat Unit (CTU) at Sophos uncovered a sophisticated intrusion where threat actors repurposed the legitimate open-source Velociraptor digital forensics and incident response (DFIR) tool to establish unauthorized remote access within targeted networks…GBHACKERS.COM
28 AugPasswordstate dev urges users to patch auth bypass vulnerabilityClick Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible. [...]BLEEPINGCOMPUTER.COM
28 AugCISA Releases Nine Industrial Control Systems AdvisoriesCISA released nine Industrial Control Systems (ICS) advisories on August 28, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-240-01 Mitsubishi Electric MELSEC iQ-F Series CPU Module ICSA-25-24…CISA.GOV
28 AugCisco UCS Manager Software Flaw Allows Attackers to Inject Malicious CommandsCisco has released urgent security updates to remediate two medium-severity command injection vulnerabilities in its UCS Manager Software that could allow authenticated administrators to execute arbitrary commands and compromise system integrity. Disclosed on August 27, 2025, the…GBHACKERS.COM
28 AugHow SafeLine WAF Turns Hackers’ Scanners into TrashWhen web application protection is no longer a million-dollar luxury, and when every developer can build their own security perimeter with just a few clicks—that is when cybersecurity truly fulfills its mission. As a penetration tester, I’ve used zero-days to crush countless fire…GBHACKERS.COM
28 Aug2025 CSO Hall of Fame: George Finney on decryption risks, AI, and the CISO’s growing cloutWith more than 20 years of experience at startups, nonprofits, and large universities, George Finney has built a reputation for seeing both the big picture and the detailed improvements needed for lasting cybersecurity. Today, he brings that perspective to his role as chief infor…CSOONLINE.COM
28 AugHow Gainesville Regional Utilities is locking down vendor riskGainesville Regional Utilities (GRU) isn’t just a utilities provider—it’s the communications backbone for the community. In addition to delivering electricity and water, GRU operates fiber-optic networks and uses smart grid and metering technologies to keep homes, businesses, and…CSOONLINE.COM
28 AugGoogle warns Salesloft breach impacted some Workspace accountsGoogle reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to access Google Workspace email accounts in addition to Salesforce data. [...]BLEEPINGCOMPUTER.COM
28 AugADV200013 Microsoft Guidance for Addressing Spoofing Vulnerability in DNS ResolverIn the Security Updates table, added Windows Server 2022, version 23H2, Windows Server 2025, and Windows Server 2025 (Server Core installation) as these versions of Windows Server are also affected by this vulnerability. Customers running these versions should configure Windows D…MSRC.MICROSOFT.COM
28 AugNews alert: Halo Security’s custom dashboards give security teams control while streamlining workflowsMiami, Aug. 28, 2025, CyberNewswire — Halo Security , a leading provider of external risk management solutions, today announced significant platform enhancements designed to give security teams greater flexibility and control within the platform. The new features include custom d…LASTWATCHDOG.COM
28 AugHackers Steal Your Car and Vulnerabilities - Rob Allen - PSW #889Rob Allen joins us to discuss the importance of security research teams, and some cool stuff they've worked on. Then, in the Security News: * Flipper Zero, unlocking cars: The saga continues * The one where they stole the vulnerabilities * ESP32 Bus Pirates * AI will weaponize ev…YOUTUBE.COM
📢 SECURITY ADVISORIES 5[−]
28 AugRegierung plant stärkere Cyberabwehrsrcset="https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2424502447.jpg?quality=50&strip=all 7008w, https://b2b-contenthub.com/wp-content/uploads/2024/11/shutterstock_2424502447.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.c…CSOONLINE.COM
28 AugCISA Releases Guide to Hunt and Mitigate Chinese State-Sponsored ThreatsThe Cybersecurity and Infrastructure Security Agency (CISA) unveiled a comprehensive Cybersecurity Advisory (CSA) designed to empower network defenders to detect, hunt, and mitigate the activities of advanced persistent threat (APT) actors linked to the People’s Republic of China…GBHACKERS.COM
28 AugThe FBI and agencies in the UK, Canada, and others warn that a Chinese hacking campaign targeting US telecoms has expanded to more countries and US companiessubmitted by Pro to cybersecurity 1 points | 0 comments https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a cross-posted from: programming.dev/post/36422828 PDF . People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally,…SH.ITJUST.WORKS
28 AugWebinar Today: Ransomware Defense That Meets Evolving Compliance MandatesJoin this live discussion to learn how organizations can strengthen ransomware defenses while staying ahead of tightening compliance requirements. The post Webinar Today: Ransomware Defense That Meets Evolving Compliance Mandates appeared first on SecurityWeek .SECURITYWEEK.COM
🔥 INCIDENT REPORTING 14[−]
28 AugMicrosoft Teams Flaw Prevents Users From Accessing Embedded Office FilesA widespread service disruption is currently affecting Microsoft Teams users across the globe, preventing access to embedded Office documents within the collaboration platform. The issue, which began surfacing, has created significant workflow interruptions for organiza…GBHACKERS.COM
28 AugHackers Target Popular Nx Build System in First AI-Weaponized Supply Chain AttackWith more than 4 million weekly downloads, the Nx build platform became the first known supply chain breach where hackers weaponized AI assistants for data theft. The post Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack appeared first on Security…SECURITYWEEK.COM
28 AugNew Research Explores Emulating Scattered Spider Tactics in Real-World ScenariosExperts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent in-depth analysis by cybersecurity company Lares, allowing enterprises to strengthen their defenses through adversarial cooperation. Lares specia…GBHACKERS.COM
28 AugFirst AI-Powered Ransomware “PromptLock” Uses OpenAI gpt-oss-20b for EncryptionPromptLock, a novel ransomware strain discovered by the ESET Research team, marks the first known instance of malware harnessing a local large language model to generate its malicious payload on the victim’s machine. Rather than carrying pre-compiled attack logic, PromptLock ship…GBHACKERS.COM
28 AugHidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures ThemEvery day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million.…THEHACKERNEWS.COM
28 AugTransUnion says hackers stole 4.4 million customers’ personal informationThe credit reporting giant confirmed unauthorized access to a third-party application storing the personal information of its customers.TECHCRUNCH.COM
28 AugWebinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSecPicture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions. Scary, right…THEHACKERNEWS.COM
28 AugLazarus Group Targets Windows 11 with ClickFix Tactics and Fake Job OffersThe notorious Lazarus advanced persistent threat (APT) organization, which Qi’anxin internally tracks as APT-Q-1, has been seen using the ClickFix technique to penetrate Windows 11 and macOS systems in a sophisticated progression of social engineering attacks. Known for hig…GBHACKERS.COM
28 AugTransUnion suffers data breach impacting over 4.4 million peopleConsumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States. [...]BLEEPINGCOMPUTER.COM
28 AugMATLAB dev says ransomware gang stole data of 10,000 peopleMathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over 10,000 people after breaching its network in April. [...]BLEEPINGCOMPUTER.COM
28 AugElectronics Manufacturer Data I/O Suffers Ransomware BreachData I/O Corporation, a well-known electronics firm that specializes in device programming and security provisioning solutions, revealed a ransomware attack that penetrated its internal IT infrastructure in a major cybersecurity event. The incident, detected on August 16, 2025, p…GBHACKERS.COM
28 AugState of Nevada Faces IT Outage Amid Cyberattack, Offices SuspendedThe State of Nevada became the target of a significant cyberattack which resulted in a substantial network security incident impacting government infrastructure across multiple agencies. According to an official communication from the Governor’s Technology Office, state officials…GBHACKERS.COM
28 AugMalware devs abuse Anthropic’s Claude AI to build ransomwareAnthropic's Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. [...]BLEEPINGCOMPUTER.COM
28 AugCrowdStrike buys Onum in agentic SOC pushCrowdStrike has announced the purchase of Spanish data intelligence company Onum, which specializes in real-time telemetry pipeline management. According to Fortune , the deal is valued at $290 million dollars (€250 million) and involved three months of negotiations between the M…CSOONLINE.COM
🕵️ THREAT INTELLIGENCE 14[−]
28 AugISC Stormcast For Thursday, August 28th, 2025 https://isc.sans.edu/podcastdetail/9590, (Thu, Aug 28th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
28 AugChinesische Telekom-Hacker in 80 Ländern aktivwidth="2470" height="1389" sizes="auto, (max-width: 2470px) 100vw, 2470px"> Laut FBI hat es die chinesische Hackergruppe “Salt Typhoon” auf mindestens 80 Länder abgesehen. Paopano – shutterstock.com Die mutmaßlich chinesischen Hacker, die Telekommunikations-Anbieter in den USA au…CSOONLINE.COM
28 AugNew TamperedChef Attack Uses Weaponized PDF Editor to Steal Sensitive Data and Login CredentialsCybersecurity researchers at Truesec have uncovered a sophisticated malware campaign distributing a weaponized PDF editor under the guise of “AppSuite PDF Editor.” This operation, which began on June 26, 2025, involves multiple websites promoting the software as a fre…GBHACKERS.COM
28 Aug115.000 Phishing-Emails in einer Woche versendetEine neue Art des Phishings breitet sich aus. Sie setzt dabei auf bewährte Marken, unaufgeklärte Mitarbeitende und ungeschützte Kanäle. janews – Shutterstock.com Laut Google nutzen 40 Millionen Lehrer und Schüler weltweit Google Classroom, um Leistungsnachweise, Schulaufgaben und…CSOONLINE.COM
28 AugU.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ ProfitsThe U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regi…THEHACKERNEWS.COM
28 AugThe UK May Be Dropping Its Backdoor MandateThe US Director of National Intelligence is reporting that the UK government is dropping its backdoor mandate against the Apple iPhone. For now, at least, assuming that Tulsi Gabbard is reporting this accurately.SCHNEIER.COM
28 AugU.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons ProgramsThe U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich Andreyev, DPRK official Kim Ung Sun, Chinese entity Shenyang Geumpungri Network Technology Co., Ltd. DPRK-based Korea Sinjin Trading C…GBHACKERS.COM
28 AugCrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time TelemetryCrowdStrike says the acquisition will bring valuable technology to enhance its Falcon Next-Gen SIEM. The post CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry appeared first on SecurityWeek .SECURITYWEEK.COM
28 AugWeaponized ScreenConnect RMM Tool Deceives Users into Installing Xworm RATThe SpiderLabs Threat Hunt Team recently discovered a cyber campaign in which threat actors used the genuine ScreenConnect remote management application as a weapon to spread the Xworm Remote Access Trojan (RAT) through a multi-phase infection chain. The attack begins with social…GBHACKERS.COM
28 AugResearchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same NamesCybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious ext…THEHACKERNEWS.COM
28 AugReport: Cybercriminals are Hiring Social Engineering TalentReliaQuest has published a report on the cybercriminal recruitment ecosystem, finding that fluent English speakers with social engineering skills are highly sought-after.KNOWBE4.COM
28 AugSecuring the AI "Before Times”The cybersecurity landscape is being reshaped by AI, requiring a fundamental rethinking of our approach to cyber resilience and a new security framework. The post Securing the AI "Before Times” appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
28 AugNew Phishing Kit Bypasses MFA to Steal Microsoft 365 CredentialsAttackers are using a newly discovered phishing-as-a-service (PhaaS) platform dubbed “Salty 2FA” to target a wide range of industries across North America and Europe, according to researchers at ANYRUN.KNOWBE4.COM
28 AugUS targets North Korean IT worker army with new sanctionsThe U.S. Treasury's Office of Foreign Assets Control (OFAC) has sanctioned two individuals and two companies associated with North Korean IT worker schemes that operate at the expense of American organizations. [...]BLEEPINGCOMPUTER.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
28 AugMalicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI CredentialsThe maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities. "Malicious versions of the nx package, as well as some …THEHACKERNEWS.COM
28 AugWave of npm supply chain attacks exposes thousands of enterprise developer credentialsAttacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines.INFOWORLD.COM
📡 INFOSEC NEWS 10[−]
28 AugNX build compromise detection and response | Kaspersky official blogSigns and features of s1ngularity attack, detection and response measuresKASPERSKY.COM
28 AugDefend what matters: Introducing Sophos Endpoint for Legacy PlatformsComprehensive endpoint security for critical systemsSOPHOS.COM
28 AugShadow IT Is Expanding Your Attack Surface. Here’s ProofShadow IT isn't theoretical—it's everywhere. Intruder uncovered exposed backups, open Git repos, and admin panels in just days, all hiding sensitive data. Make your hidden assets visible before attackers do. [...]BLEEPINGCOMPUTER.COM
28 AugPolice seize VerifTools fake ID marketplace servers, domainsThe FBI and the Dutch Police have shut down the VerifTools marketplace for fraudulent identity documents after seizing servers in Amsterdam that hosted the online operation. [...]BLEEPINGCOMPUTER.COM
28 AugIncreasing Searches for ZIP Files, (Thu, Aug 28th)I noticed recently that we have more and more requests for ZIP files in our web honeypot logs. Over the last year, we have had a substantial increase in these requests.
ISC.SANS.EDU
28 AugMicrosoft Word will save your files to the cloud by defaultMicrosoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. [...]BLEEPINGCOMPUTER.COM
28 AugAffiliates Flock to ‘Soulless’ Scam Gambling MachineLast month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We've since learned that these scam gambling sites ha…KREBSONSECURITY.COM
28 AugGoogle shares workarounds for auth failures on ChromeOS devicesGoogle is working to resolve authentication failures preventing users from signing into their Clever and ClassLink accounts on some ChromeOS devices. [...]BLEEPINGCOMPUTER.COM
28 AugThis month in security with Tony Anscombe – August 2025 editionFrom Meta shutting down millions of WhatsApp accounts linked to scam centers all the way to attacks at water facilities in Europe, August 2025 saw no shortage of impactful cybersecurity newsWELIVESECURITY.COM
28 AugTrend Vision One™ Email Security Raises the StandardLearn all the new aspects of Trend Vision One™ Email Security and how it's raising the standard of effectiveness for the industry.TRENDMICRO.COM