Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager The Hacker [email protected] (The Hacker News)
August 12, 2025

Cybersecurity researchers are warning of a "significant spike" in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, was observed on August 3, 2025, …


Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses The Hacker [email protected] (The Hacker News)
August 12, 2025

An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand …


Charon Ransomware Emerges With APT-Style Tactics darkreadingElizabeth Montalbano, Contributing Writer
August 12, 2025

The first documented deployment of the novel malware in a campaign against the Middle Eastern public sector and aviation industry may be tied to China's state-sponsored actor Earth Baxia. The first …


How to Stay a Step Ahead of a Non-Obvious Threat darkreadingDirk Schrader
August 12, 2025

Securing business logic isn't just a technical requirement — it's a business imperative. Securing business logic isn't just a technical requirement — it's a business imperative.  ​Read More


New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks The Hacker [email protected] (The Hacker News)
August 12, 2025

A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to …


CISA Adds Three Known Exploited Vulnerabilities to Catalog AlertsCISA
August 12, 2025

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2013-3893 Microsoft Internet Explorer Resource Management Errors Vulnerability CVE-2007-0671 Microsoft Office Excel Remote Code …


CISA Releases Seven Industrial Control Systems Advisories AlertsCISA
August 12, 2025

CISA released seven Industrial Control Systems (ICS) advisories on August 12, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-224-01 Ashlar-Vellum Cobalt, Xenon, Argon, …


ShinyHunters Tactics Now Mirror Scattered Spider darkreadingJai Vijayan, Contributing Writer
August 12, 2025

There's growing evidence that two of arguably the most dangerous cybercrime groups out there are tag-teaming big targets. There's growing evidence that two of arguably the most dangerous cybercrime groups out …


The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions The Hacker [email protected] (The Hacker News)
August 12, 2025

Most security tools can’t see what happens inside the browser, but that’s where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often …


Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors The Hacker [email protected] (The Hacker News)
August 12, 2025

The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country. The …