ISC Stormcast For Tuesday, September 2nd, 2025 https://isc.sans.edu/podcastdetail/9594, (Tue, Sep 2nd) SANS Internet Storm Center, InfoCON: green
September 1, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft Krebs on SecurityBrianKrebs
September 1, 2025

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many …


Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans The Hacker [email protected] (The Hacker News)
September 1, 2025

Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware …


⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More The Hacker [email protected] (The Hacker News)
September 1, 2025

Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in …


When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider The Hacker [email protected] (The Hacker News)
September 1, 2025

As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web …


ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics The Hacker [email protected] (The Hacker News)
September 1, 2025

Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been codenamed …


pdf-parser: All Streams, (Sun, Aug 31st) SANS Internet Storm Center, InfoCON: green
August 31, 2025

A user reported a bug in pdf-parser: when dumping all filtered streams, an error would occur:  A user reported a bug in pdf-parser: when dumping all filtered streams, an error would …


Wireshark 4.4.9 Released, (Sun, Aug 31st) SANS Internet Storm Center, InfoCON: green
August 31, 2025

Wireshark release 4.4.9 fixes 5 bugs.  Wireshark release 4.4.9 fixes 5 bugs. Didier Stevens Senior handler blog.DidierStevens.com   (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling The Hacker [email protected] (The Hacker News)
August 30, 2025

Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate …


WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices The Hacker [email protected] (The Hacker News)
August 29, 2025

WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently …