Taiwan's National Security Bureau warns against Chinese apps like TikTok, WeChat, and Rednote, citing excessive data collection and transfer to China as national security risks.

APT36 (Transparent Tribe) is now targeting Indian government agencies via BOSS Linux with spear-phishing. It uses malicious .desktop files to deploy Go-based malware for espionage.

SpyCloud Labs exposes VenusTech & Salt Typhoon data leaks on DarkForums, revealing contract details for Chinese hack-for-hire operations against foreign targets, including military links.

NSFOCUS uncovers Hpingbot, a rapidly evolving Go-based botnet using Pastebin for payloads and hping3 for DDoS. It targets Windows/Linux/IoT, focusing on stealth and persistence.

Synacktiv unveils chained flaws in ScriptCase's prod console (CVE-2025-47227/47228) allowing pre-authenticated RCE via password reset & shell injection, risking web servers.

Apple's H2 2025 roadmap: iPhone 17 series (new Air model), Apple Watch Ultra 3 (5G/satellite), M5 Macs/iPads, and refreshed smart home devices, totaling over 15 new products.

Redis discloses CVE-2025-48367 (CVSSv4 7.0), a DoS flaw where authenticated clients can misuse multi-bulk commands. No direct code fix is planned; reinforce access controls.

A flaw (CVE-2025-48367, CVSS 7.0) in Redis HyperLogLog allows authenticated RCE via out-of-bounds writes. PoC available. Update to 8.0.3, 7.4.5, 7.2.10, or 6.2.19!

Pakistan-based threat actor APT36, also known as Transparent Tribe, has significantly evolved its cyber-espionage capabilities by launching a sophisticated campaign specifically targeting Indian defense personnel through weaponized ZIP files designed to compromise…

Best Network Security Solutions for CSO :1. Palo Alto Networks 2. Fortinet 3. Perimeter81 4. Check Point Software 5. Juniper Networks

A newly highlighted vulnerability in the Linux boot process exposes a critical weakness in the security posture of many modern distributions.

Microsoft Edge continues to actively discourage Google Chrome downloads using ads and warnings, though these tactics have ceased within the EU due to regulatory pressure.

Microsoft has officially removed the outdated and vulnerable PowerShell 2.0 from Windows 11 (starting with Build 27981), streamlining the OS and bolstering security.

TikTok is launching a new "M2" app by Sept 5 to comply with US divestment law, as ByteDance nears a deal with Oracle, aiming to replace the current app by March 2026.

Microsoft revised KB5001716 to stop automatic Windows 11 upgrades, now only showing notifications about end-of-life or hardware issues for Windows 10/11 users.

Best Network Security Solutions for CSO :1. Palo Alto Networks 2. Fortinet 3. Perimeter81 4. Check Point Software 5. Juniper Networks

A sophisticated APT group dubbed "NightEagle" (APT-Q-95) has been conducting targeted attacks against China's critical technology sectors.

Two critical vulnerabilities in ScriptCase's Production Environment module that can be chained together to achieve pre-authenticated remote command execution.

Security researchers from the Socket Threat Research Team have uncovered a sophisticated network of 8 malicious Firefox browser extensions.

Best Vulnerability Management Tools & software; 1. Intruder 2. Qualys 3. Acunetix 4. Tripwire 5. Astra Pentest 6. Rapid7 and more

Cybercriminals are increasingly exploiting legitimate Windows driver signing processes to deploy sophisticated kernel-level malware.