IT Security Weekend Catch Up – September 12, 2025

Comments
close searching

12.09.2025 | 19:07

IT Security Weekend Catch Up – September 12, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – September 12, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Singapore to order Meta to curb impersonation scams or face fines of up to S$1 million
  2. Google hit with $425 million verdict in privacy class action suit
  3. Apple is teaching its AI to adapt to the Trump era
  4. 400 scientists speak out against chat control
  5. Introducing Signal secure backups
  6. The Tor Project has released an official VPN
  7. PromptLock ransomware is just a research project, but it's still disturbing

For the more technical

  1. September 2025 Patch Tuesday: Two publicly disclosed zero-days and eight critical vulnerabilities among 84 CVEs
  2. Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1
  3. DNS4EU – a bit EU, a bit secure, a bit pointless
  4. The Rise of RatOn: From NFC heists to remote control and ATS
  5. Technical report: AgeGO age verification on pornographic platforms
  6. The history of AppSuite: the certs of the BaoLoader developer
  7. Behind the mask of Madgicx Plus: A Chrome extension campaign targeting Meta advertisers
  8. Fancy Bear GonePostal – espionage tool provides backdoor access to Microsoft Outlook
  9. ChillyHell: A deep dive into a modular macOS backdoor
  10. ZynorRAT technical analysis: Reverse engineering a novel, Turkish Go-based RAT
  11. Technical analysis of kkRAT
  12. MostereRAT deployed AnyDesk/TightVNC for covert full access
  13. AdaptixC2: A new open-source framework leveraged in real-world attacks
  14. SafePay ransomware: How a non-RaaS group executes rapid fire attacks
  15. Trigona rebranding suspicions and global threats, and BlackNevas ransomware analysis
  16. Unmasking the Gentlemen ransomware: Tactics, techniques, and procedures revealed
  17. CyberVolk ransomware: Analysis of double encryption structure and disguised decryption logic
  18. Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm
  19. Frankenstein variant of the ToneShell backdoor targeting Myanmar
  20. APT37 targets Windows with Rust backdoor and Python loader
  21. Inside the 2025 energy phishing wave: Chevron, Conoco, PBF, Phillips 66
  22. Inside the Kimsuky leak: How the “Kim” dump exposed North Korea’s credential theft playbook
  23. Kimsuky’s use of GitHub for malware delivery and exfiltration
  24. Salt Typhoon and UNC4841: Silent Push discovers new domains; urges defenders to check telemetry and log data

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Singapore to order Meta to curb impersonation scams or face fines of up to S$1 million Google hit 2025-09-12T19:07:15+02:00

Comments