IT Security Weekend Catch Up – August 1, 2025

Comments
close searching

01.08.2025 | 21:11

IT Security Weekend Catch Up – August 1, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – August 1, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. UK government secretly paid foreign YouTube stars for ‘propaganda’
  2. Facebook rigorously removes news articles mentioning pirate service “MagisTV”
  3. Tea app leak worsens with second database exposing user chats
  4. Proton: Introducing Lumo, the AI where every conversation is confidential
  5. OpenAI’s ChatGPT Agent casually clicks through “I am not a robot” verification test
  6. A bar? A church? China? A stolen iPhone's baffling journey around the globe
  7. How bad is Afghan data breach for MI6 and SAS?
  8. French submarine-maker targeted by hackers
  9. Operation Grayskull culminates in lengthy sentences for managers of dark web site dedicated to sexual abuse of children
  10. Law enforcement operations seized BlackSuit ransomware gang’s darknet sites
  11. Cybercrime forum XSS returns on mirror and dark web 1 day after seizure

For the more technical

  1. In-the-wild exploitation of CVE-2025-53770 and CVE-2025-53771: Technical details and mitigation strategies
  2. Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations
  3. Cisco Identity Services Engine unauthenticated remote code execution vulnerabilities
  4. Stack overflows, heap overflows, and existential dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598)
  5. Vulnerabilities identified in Dahua Hero C1 smart cameras
  6. Thorium: A scalable platform for automated file analysis and result aggregation
  7. Understanding current CastleLoader campaigns
  8. Gold Blade remote DLL sideloading attack deploys RedLoader
  9. Email-delivered RMM: Abusing PDFs for silent initial access
  10. Exploiting Direct Send: Attackers abuse Microsoft 365 to deliver internal phishing attacks
  11. Sealed chain of deception: Actors leveraging Node.JS to launch JSCeal
  12. MaaS appeal: An infostealer rises from the ashes
  13. ToxicPanda: The Android banking trojan targeting Europe
  14. AI-generated malware in panda image hides persistent Linux threat
  15. Gunra ransomware group unveils efficient Linux variant
  16. Fire Ant: A deep-dive into hypervisor-level espionage
  17. LARVA-208’s new campaign targets Web3 developers
  18. Muddled Libra threat assessment: Further-reaching, faster, more impactful
  19. Dropping Elephant APT group targets Turkish defense industry with new campaign and capabilities: LOLBAS, VLC Player, and encrypted Shellcode
  20. Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical UK government secretly paid foreign YouTube stars for ‘propaganda’ Facebook rigorously removes ne 2025-08-01T21:11:11+02:00

Comments