MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers The Hacker [email protected] (The Hacker News)
August 26, 2025

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check …


CISA Releases Three Industrial Control Systems Advisories AlertsCISA
August 26, 2025

CISA released three Industrial Control Systems (ICS) advisories on August 26, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-238-01 INVT VT-Designer and HMITool ICSA-25-238-03 …


ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners The Hacker [email protected] (The Hacker News)
August 26, 2025

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to …


HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands The Hacker [email protected] (The Hacker News)
August 26, 2025

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. "A prominent characteristic of the latest variant is …


Google to Verify All Android Developers in 4 Countries to Block Malicious Apps The Hacker [email protected] (The Hacker News)
August 25, 2025

Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store. "Android will require …


CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git The Hacker [email protected] (The Hacker News)
August 25, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence …


ISC Stormcast For Tuesday, August 26th, 2025 https://isc.sans.edu/podcastdetail/9586, (Tue, Aug 26th) SANS Internet Storm Center, InfoCON: green
August 25, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Hackers Lied In Wait, Then Knocked Out Iran Ship Comms darkreadingJai Vijayan, Contributing Writer
August 25, 2025

Lab-Dookhtegen claims major attack on more than 60 cargo ships and oil tankers belonging to two Iranian companies on US sanctions list. Lab-Dookhtegen claims major attack on more than 60 cargo …


FTC Chair Tells Tech Giants to Hold the Line on Encryption darkreadingKristina Beek
August 25, 2025

The chairman sent letters out to companies like Apple, Meta, and Microsoft, advising them not to adhere to the demands of foreign governments to weaken their encryption. The chairman sent letters …


ClickFix Attack Tricks AI Summaries Into Pushing Malware darkreadingAlexander Culafi
August 25, 2025

Because instructions appear to come from AI-generated content summaries and not an external source, the victim is more likely to follow them without suspicion. Because instructions appear to come from AI-generated …