Hackers Lied In Wait, Then Knocked Out Iran Ship Comms darkreadingJai Vijayan, Contributing Writer
August 25, 2025

Lab-Dookhtegen claims major attack on more than 60 cargo ships and oil tankers belonging to two Iranian companies on US sanctions list. Lab-Dookhtegen claims major attack on more than 60 cargo …


FTC Chair Tells Tech Giants to Hold the Line on Encryption darkreadingKristina Beek
August 25, 2025

The chairman sent letters out to companies like Apple, Meta, and Microsoft, advising them not to adhere to the demands of foreign governments to weaken their encryption. The chairman sent letters …


ClickFix Attack Tricks AI Summaries Into Pushing Malware darkreadingAlexander Culafi
August 25, 2025

Because instructions appear to come from AI-generated content summaries and not an external source, the victim is more likely to follow them without suspicion. Because instructions appear to come from AI-generated …


UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats The Hacker [email protected] (The Hacker News)
August 25, 2025

A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing's strategic …


Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 The Hacker [email protected] (The Hacker News)
August 25, 2025

Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the …


Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads The Hacker [email protected] (The Hacker News)
August 25, 2025

Cybersecurity researchers have flagged a new phishing campaign that's using fake voicemails and purchase orders to deliver a malware loader called UpCrypter. The campaign leverages "carefully crafted emails to deliver malicious …


Fast-Spreading, Complex Phishing Campaign Installs RATs darkreadingElizabeth Montalbano, Contributing Writer
August 25, 2025

Attackers not only steal credentials but also can maintain long-term, persistent access to corporate networks through the global campaign. Attackers not only steal credentials but also can maintain long-term, persistent access …


Securing the Cloud in an Age of Escalating Cyber Threats darkreadingDrew Firment, Matthew Lloyd Davies
August 25, 2025

As threats intensify and cloud adoption expands, organizations must leave outdated security models behind. As threats intensify and cloud adoption expands, organizations must leave outdated security models behind.  ​Read More


⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More The Hacker [email protected] (The Hacker News)
August 25, 2025

Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. …


CISA Adds Three Known Exploited Vulnerabilities to Catalog AlertsCISA
August 25, 2025

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-8069 Citrix Session Recording Deserialization of Untrusted Data Vulnerability CVE-2024-8068 Citrix Session Recording Improper …