Monthly Archives: August 2025

Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses

Google said it’s implementing a new policy requiring developers of cryptocurrency exchanges and wallets to...

14
Aug
CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting...

14
Aug
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

Cybersecurity researchers have discovered a new malvertising campaign that’s designed to infect victims with a...

13
Aug
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws

Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow...

13
Aug
NIST Finalizes ‘Lightweight Cryptography’ Standard to Protect Small Devices
August 13, 2025

Four related algorithms are now ready for use to protect data created and transmitted by...

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said...

13
Aug
AI SOC 101: Key Capabilities Security Leaders Need to Know

Security operations have never been a 9-to-5 job. For SOC analysts, the day often starts...

13
Aug
Webinar: What the Next Wave of AI Cyberattacks Will Look Like — And How to Survive

The AI revolution isn’t coming. It’s already here. From copilots that write our emails to...

13
Aug
Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Microsoft on Tuesday rolled out fixes for a massive set of 111 security flaws across...

13
Aug
Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics

Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called...

13
Aug
Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks

New research has uncovered Docker images on Docker Hub that contain the infamous XZ Utils...

12
Aug
Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Cybersecurity researchers are warning of a “significant spike” in brute-force traffic aimed at Fortinet SSL...

12
Aug
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial...

12
Aug
The Voice of Deception: How Vishing Exploits Human Emotion

Vishing or voice phishing has rapidly become one of the most dangerous tools in a...

12
Aug
New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia...

12
Aug
The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions

Most security tools can’t see what happens inside the browser, but that’s where the majority...

12
Aug
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors

The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently...

12
Aug
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications

Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio...

11
Aug
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls

Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform...

11
Aug
NIST Releases Test Tools to Accelerate Adoption of Emerging Route Leak Mitigation Standards
August 11, 2025

NIST has released NIST BGP RPKI IO (BRIO) – an open-source test tool designed to...

⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More

This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding...

11
Aug
6 Lessons Learned: Focusing Security Where Business Value Lives

The Evolution of Exposure Management Most security teams have a good sense of what’s critical...

11
Aug
WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

The maintainers of the WinRAR file archiving utility have released an update to address an...

11
Aug
New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs)...

10
Aug
Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Cybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft’s Windows...

10
Aug
Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacks

Cybersecurity researchers have disclosed vulnerabilities in select model webcams from Lenovo that could turn them...

09
Aug
Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Cybersecurity researchers have uncovered multiple security flaws in Dell’s ControlVault3 firmware and its associated Windows...

09
Aug
Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in...

09
Aug
CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials

Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults from CyberArk and...

09
Aug
AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

Cybersecurity researchers are drawing attention to a new campaign that’s using legitimate generative artificial intelligence...

08
Aug