Hackers Weaponize QR Codes With Malicious Links to Steal Sensitive Data
Quishing, a powerful form of phishing that uses malicious hyperlinks contained in QR codes to expose user credentials and sensitive data, has surfaced in the…
Month: August 2025
Scale of MoD Afghan data breaches widens dramatically
The Ministry of Defence (MoD) has admitted there have been more than 12 times as many data breaches linked to its Afghan Relocations and Assistance…
CrowdStrike warns of uptick in Silk Typhoon attacks this summer
The Chinese state-backed threat group Silk Typhoon has raised the pace of attacks targeting government, technology, legal and professional services in North America since late…
Kali Vagrant Rebuilt Released – Pre-configured DebOS VMs via Command Line
The Kali Linux team has announced a significant enhancement of its Vagrant image build process, streamlining development and simplifying deployment for users. In a move…
Threat Actors Weaponize PDF Editor Trojan to Convert Devices into Proxies
Researchers have discovered a complex campaign using trojanized software that uses authentic code-signing certificates to avoid detection and turn compromised machines into unintentional residential proxies,…
Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI
Qilin ransomware claims a 4TB data breach at Nissan CBI, leaking car design files, financial data, 3D models, and VR design images as proof. The…
FTC warns tech companies not to weaken encryption, free speech practices for foreign governments
Federal Trade Commission Chair Andrew Ferguson warned U.S. tech companies not to accede to laws in foreign countries that weaken Americans’ free speech or data…
APT MuddyWater Attacking CFOs Leveraging OpenSSH, Enables RDP, and Scheduled Task
A sophisticated cyber espionage campaign attributed to APT MuddyWater has emerged targeting Chief Financial Officers and finance executives across Europe, North America, South America, Africa,…
AI Website Generators Repurposed by Adversaries for Malware Campaigns
Adversaries are using AI-powered website builders to expedite the development of harmful infrastructure in a quickly changing threat landscape, hence reducing the entry barriers for…
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
Aug 21, 2025Ravie LakshmananVulnerability / Software Security Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution…
Apple addressed the seventh actively exploited zero-day
Apple addressed the seventh actively exploited zero-day Pierluigi Paganini August 21, 2025 Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under…
Mozilla High Severity Vulnerabilities Enables Remote Code Execution
Mozilla has released Firefox 142 to address multiple high-severity security vulnerabilities that could allow attackers to execute arbitrary code remotely on affected systems. The security…