IT Security Weekend Catch Up – August 30, 2025

Comments
close searching

30.08.2025 | 14:47

IT Security Weekend Catch Up – August 30, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – August 30, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Doxing as a new tool in Russian influence operations
  2. YouTube secretly tested AI video enhancement without notifying creators
  3. Can Flipper Zero really steal your car? (Spoiler: NO)
  4. U.S. government seizes online marketplaces selling fraudulent identity documents used in cybercrime schemes
  5. African authorities dismantle massive cybercrime and fraud networks, recover millions
  6. Chinese national who deployed "kill switch" code on employer's network sentenced to four years in prison
  7. Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier
  8. Auchan hacked: hundreds of thousands of customers exposed

For the more technical

  1. Reverse engineering Apple’s TCC daemon: When decompiled code
  2. Critical Docker Desktop flaw lets attackers hijack Windows hosts
  3. The one where we just steal the vulnerabilities (CrushFTP CVE-2025-54309)
  4. BadSuccessor is dead, long live BadSuccessor(?)
  5. Detecting CVE-2025-43300: A deep dive into Apple's DNG processing vulnerability
  6. Agentic browser security: Indirect prompt injection in Perplexity Comet
  7. Interesting technique to launch a shellcode
  8. What's new in Ghidra 11.4
  9. The root(ing) of all evil: Security holes that could compromise your mobile device
  10. AppSuite PDF Editor backdoor: A detailed technical analysis
  11. Chasing the Silver Fox: Cat & mouse in kernel shadows
  12. Storm-0501’s evolving techniques lead to cloud-based ransomware
  13. Examining the tactics of Bqtlock ransomware & its variants
  14. Cephalus ransomware: Don’t lose your head
  15. Hook version 3: The banking trojan with the most advanced capabilities
  16. Malicious Screen Connect campaign abuses AI-themed lures for Xworm delivery
  17. ZipLine campaign: A sophisticated phishing attack targeting US companies
  18. Phishing campaign targeting companies via UpCrypter
  19. TAG-144’s persistent grip on South American organizations
  20. Belarus-linked DSLRoot proxy network deploys hardware in U.S. residences, including military homes
  21. How Spur uncovered a Chinese proxy and VPN service used in an APT campaign
  22. Countering Chinese state-sponsored actors compromise of networks worldwide to feed global espionage system
  23. TAOTH campaign exploits end-of-support software to target traditional Chinese users and dissidents
  24. Deception in depth: PRC-nexus espionage campaign hijacks web traffic to target diplomats

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Doxing as a new tool in Russian influence operations YouTube secretly tested AI video enhancement 2025-08-30T14:47:43+02:00

Comments