Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 The Hacker [email protected] (The Hacker News)
August 26, 2025

Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild. The vulnerabilities in question …


New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station The Hacker [email protected] (The Hacker News)
August 26, 2025

A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The …


Getting a Better Handle on International Domain Names and Punycode, (Tue, Aug 26th) SANS Internet Storm Center, InfoCON: green
August 26, 2025

International domain names (IDN) continue to be an interesting topic. For the most part, they are probably less of an issue than some people make them out to be, given …


DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ Krebs on SecurityBrianKrebs
August 26, 2025

The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they'd made with company …


The Hidden Risk of Consumer Devices in the Hybrid Workforce darkreadingGene Moody
August 26, 2025

Until businesses begin to account for uncontrolled variables in their threat models, attackers will continue to exploit the weakest link in the chain. Until businesses begin to account for uncontrolled variables …


MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers The Hacker [email protected] (The Hacker News)
August 26, 2025

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check …


CISA Releases Three Industrial Control Systems Advisories AlertsCISA
August 26, 2025

CISA released three Industrial Control Systems (ICS) advisories on August 26, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-238-01 INVT VT-Designer and HMITool ICSA-25-238-03 …


ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners The Hacker [email protected] (The Hacker News)
August 26, 2025

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to …


HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands The Hacker [email protected] (The Hacker News)
August 26, 2025

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. "A prominent characteristic of the latest variant is …


Google to Verify All Android Developers in 4 Countries to Block Malicious Apps The Hacker [email protected] (The Hacker News)
August 25, 2025

Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store. "Android will require …