ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners The Hacker [email protected] (The Hacker News)
August 26, 2025

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to …


HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands The Hacker [email protected] (The Hacker News)
August 26, 2025

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. "A prominent characteristic of the latest variant is …


Google to Verify All Android Developers in 4 Countries to Block Malicious Apps The Hacker [email protected] (The Hacker News)
August 25, 2025

Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store. "Android will require …


CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git The Hacker [email protected] (The Hacker News)
August 25, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence …


ISC Stormcast For Tuesday, August 26th, 2025 https://isc.sans.edu/podcastdetail/9586, (Tue, Aug 26th) SANS Internet Storm Center, InfoCON: green
August 25, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Hackers Lied In Wait, Then Knocked Out Iran Ship Comms darkreadingJai Vijayan, Contributing Writer
August 25, 2025

Lab-Dookhtegen claims major attack on more than 60 cargo ships and oil tankers belonging to two Iranian companies on US sanctions list. Lab-Dookhtegen claims major attack on more than 60 cargo …


FTC Chair Tells Tech Giants to Hold the Line on Encryption darkreadingKristina Beek
August 25, 2025

The chairman sent letters out to companies like Apple, Meta, and Microsoft, advising them not to adhere to the demands of foreign governments to weaken their encryption. The chairman sent letters …


ClickFix Attack Tricks AI Summaries Into Pushing Malware darkreadingAlexander Culafi
August 25, 2025

Because instructions appear to come from AI-generated content summaries and not an external source, the victim is more likely to follow them without suspicion. Because instructions appear to come from AI-generated …


UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats The Hacker [email protected] (The Hacker News)
August 25, 2025

A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing's strategic …


Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 The Hacker [email protected] (The Hacker News)
August 25, 2025

Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the …