Top Security News for Today
Engineered to Fail: The DNA of Negligent Cyber Defenses
https://reporter.deepspecter.com/engineered-to-fail-the-dna-of-negligent-cyber-defenses-22466a034b28
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
https://www.microsoft.com/en-us/security/blog/2025/07/31/frozen-in-transit-secret-blizzards-aitm-campaign-against-diplomats/
CISA unveils free Thorium malware analysis platform
https://therecord.media/cisa-unveils-free-malware-analysis-tool
Espionage costing Australia $8 billion each year, warns intelligence chief
https://therecord.media/espionage-costing-australia-8-billion
North Korean hackers targeting open-source repositories in new espionage campaign
https://therecord.media/north-korean-hackers-targeting-open-source-repositories
The State of Ransomware – Q2 2025
https://research.checkpoint.com/2025/the-state-of-ransomware-q2-2025/
Cheating on Quantum Computing Benchmarks
https://www.schneier.com/blog/archives/2025/07/cheating-on-quantum-computing-benchmarks.html
Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations
https://research.checkpoint.com/2025/before-toolshell-exploring-storm-2603s-previous-ransomware-operations/
Biotech contractor settles for $9.8 million with DOJ over alleged cybersecurity lapses
https://therecord.media/illumina-false-claims-act-doj-cybersecurity-settlement
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Engineered to Fail: The DNA of Negligent Cyber Defenses
https://reporter.deepspecter.com/engineered-to-fail-the-dna-of-negligent-cyber-defenses-22466a034b28
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
https://www.microsoft.com/en-us/security/blog/2025/07/31/frozen-in-transit-secret-blizzards-aitm-campaign-against-diplomats/
CISA unveils free Thorium malware analysis platform
https://therecord.media/cisa-unveils-free-malware-analysis-tool
Espionage costing Australia $8 billion each year, warns intelligence chief
https://therecord.media/espionage-costing-australia-8-billion
North Korean hackers targeting open-source repositories in new espionage campaign
https://therecord.media/north-korean-hackers-targeting-open-source-repositories
The State of Ransomware – Q2 2025
https://research.checkpoint.com/2025/the-state-of-ransomware-q2-2025/
Cheating on Quantum Computing Benchmarks
https://www.schneier.com/blog/archives/2025/07/cheating-on-quantum-computing-benchmarks.html
Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations
https://research.checkpoint.com/2025/before-toolshell-exploring-storm-2603s-previous-ransomware-operations/
Biotech contractor settles for $9.8 million with DOJ over alleged cybersecurity lapses
https://therecord.media/illumina-false-claims-act-doj-cybersecurity-settlement
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Medium
Engineered to Fail: The DNA of Negligent Cyber Defenses
Intro
Top Security News for Today
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
https://therecord.media/luxembourg-telecom-outage-reported-cyberattack-huawei-tech
Russia’s mobile internet shutdowns hit record high amid Ukrainian drone attacks
https://therecord.media/russia-mobile-internet-shutdowns-record
Spying on People Through Airportr Luggage Delivery Service
https://www.schneier.com/blog/archives/2025/08/spying-on-people-through-airportr-luggage-delivery-service.html
Flo settles class action lawsuit alleging improper data sharing
https://therecord.media/flo-app-settlement-class-action-suit-data-sharing-meta
Hackers leak purported Aeroflot data as Russia denies breach
https://therecord.media/hackers-leak-purported-aeroflot-data
EU preps biometric checks for foreign visitors
https://therecord.media/eu-preps-biometric-checks-travel
It opened the free, online, practical 'Introduction to Security' class from the Czech Technical University.
https://www.reddit.com/r/netsec/comments/1mf29r9/it_opened_the_free_online_practical_introduction/
What the Top 20 OSS Vulnerabilities Reveal About the Real Challenges in Security Governance
https://www.reddit.com/r/netsec/comments/1mfh9ol/what_the_top_20_oss_vulnerabilities_reveal_about/
Friday Squid Blogging: A Case of Squid Fossil Misidentification
https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-a-case-of-squid-fossil-misidentification.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
https://therecord.media/luxembourg-telecom-outage-reported-cyberattack-huawei-tech
Russia’s mobile internet shutdowns hit record high amid Ukrainian drone attacks
https://therecord.media/russia-mobile-internet-shutdowns-record
Spying on People Through Airportr Luggage Delivery Service
https://www.schneier.com/blog/archives/2025/08/spying-on-people-through-airportr-luggage-delivery-service.html
Flo settles class action lawsuit alleging improper data sharing
https://therecord.media/flo-app-settlement-class-action-suit-data-sharing-meta
Hackers leak purported Aeroflot data as Russia denies breach
https://therecord.media/hackers-leak-purported-aeroflot-data
EU preps biometric checks for foreign visitors
https://therecord.media/eu-preps-biometric-checks-travel
It opened the free, online, practical 'Introduction to Security' class from the Czech Technical University.
https://www.reddit.com/r/netsec/comments/1mf29r9/it_opened_the_free_online_practical_introduction/
What the Top 20 OSS Vulnerabilities Reveal About the Real Challenges in Security Governance
https://www.reddit.com/r/netsec/comments/1mfh9ol/what_the_top_20_oss_vulnerabilities_reveal_about/
Friday Squid Blogging: A Case of Squid Fossil Misidentification
https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-a-case-of-squid-fossil-misidentification.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
Authorities in Luxembourg said a nationwide telecommunications outage in July was caused by a deliberately disruptive cyberattack. Huawei networking products were reportedly the target.
Top Security News for Today
Forced to give your password? Here is the solution.
https://www.reddit.com/r/netsec/comments/1mfnsvg/forced_to_give_your_password_here_is_the_solution/
Be patient and keep it simple.
https://www.reddit.com/r/netsec/comments/1mftecp/be_patient_and_keep_it_simple/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Forced to give your password? Here is the solution.
https://www.reddit.com/r/netsec/comments/1mfnsvg/forced_to_give_your_password_here_is_the_solution/
Be patient and keep it simple.
https://www.reddit.com/r/netsec/comments/1mftecp/be_patient_and_keep_it_simple/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Forced to give your password? Here is the solution.
Posted by marcusfrex - 0 votes and 19 comments
Top Security News for Today
4th August – Threat Intelligence Report
https://research.checkpoint.com/2025/4th-august-threat-intelligence-report/
[Need Feedback] Bootloader → Long Mode in pure NASM (15 y.o self-taught dev, 370+ lines so far)
https://www.reddit.com/r/lowlevel/comments/1mghva6/need_feedback_bootloader_long_mode_in_pure_nasm/
PyRIT – AI-Powered Reconnaissance for Cloud Red Teaming
https://www.darknet.org.uk/2025/08/pyrit/
I designed a constant-free cryptographic hash function where entropy fully emerges from the input: Kaoru Hash (public blueprint with code and spec)
https://www.reddit.com/r/netsec/comments/1mh1j25/i_designed_a_constantfree_cryptographic_hash/
Building Bigraphs of the real world
https://arxiv.org/abs/2508.00003
Reasoning under uncertainty in the game of Cops and Robbers
https://arxiv.org/abs/2508.00004
ReVise: A Human-AI Interface for Incremental Algorithmic Recourse
https://arxiv.org/abs/2508.00002
Modelling Program Spaces in Program Synthesis with Constraints
https://arxiv.org/abs/2508.00005
Agent Network Protocol Technical White Paper
https://arxiv.org/abs/2508.00007
Git Context Controller: Manage the Context of LLM-based Agents like Git
https://arxiv.org/abs/2508.00031
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
4th August – Threat Intelligence Report
https://research.checkpoint.com/2025/4th-august-threat-intelligence-report/
[Need Feedback] Bootloader → Long Mode in pure NASM (15 y.o self-taught dev, 370+ lines so far)
https://www.reddit.com/r/lowlevel/comments/1mghva6/need_feedback_bootloader_long_mode_in_pure_nasm/
PyRIT – AI-Powered Reconnaissance for Cloud Red Teaming
https://www.darknet.org.uk/2025/08/pyrit/
I designed a constant-free cryptographic hash function where entropy fully emerges from the input: Kaoru Hash (public blueprint with code and spec)
https://www.reddit.com/r/netsec/comments/1mh1j25/i_designed_a_constantfree_cryptographic_hash/
Building Bigraphs of the real world
https://arxiv.org/abs/2508.00003
Reasoning under uncertainty in the game of Cops and Robbers
https://arxiv.org/abs/2508.00004
ReVise: A Human-AI Interface for Incremental Algorithmic Recourse
https://arxiv.org/abs/2508.00002
Modelling Program Spaces in Program Synthesis with Constraints
https://arxiv.org/abs/2508.00005
Agent Network Protocol Technical White Paper
https://arxiv.org/abs/2508.00007
Git Context Controller: Manage the Context of LLM-based Agents like Git
https://arxiv.org/abs/2508.00031
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Check Point Research
4th August – Threat Intelligence Report - Check Point Research
For the latest discoveries in cyber research for the week of 4th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Russia’s largest airline Aeroflot has been attacked by pro-Ukrainian hacktivist groups, resulting in severe…
Top Security News for Today
Panel to create roadmap for establishing US Cyber Force
https://therecord.media/panel-to-create-roadmap-cyber-force
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies
https://www.schneier.com/blog/archives/2025/08/first-sentencing-in-scheme-to-help-north-koreans-infiltrate-us-companies.html
Sean Cairncross confirmed as national cyber director
https://therecord.media/sean-cairncross-confirmed-oncd
Hacked Crimean servers reveal information about abducted children, Ukraine says
https://therecord.media/hacked-crimean-servers-abducted-children
Microsoft Entra Suite delivers 131% ROI by unifying identity and network access
https://www.microsoft.com/en-us/security/blog/2025/08/04/microsoft-entra-suite-delivers-131-roi-by-unifying-identity-and-network-access/
Jury ‘sends a message’ on app privacy in ruling against Meta
https://therecord.media/jury-verdict-meta-flo-app-data-privacy-case
SonicWall urges customers to take VPN devices offline after ransomware campaign
https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
Crypto ATMs fueling criminal activity, Treasury warns
https://therecord.media/crypto-atms-fueling-cybercrime
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Panel to create roadmap for establishing US Cyber Force
https://therecord.media/panel-to-create-roadmap-cyber-force
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies
https://www.schneier.com/blog/archives/2025/08/first-sentencing-in-scheme-to-help-north-koreans-infiltrate-us-companies.html
Sean Cairncross confirmed as national cyber director
https://therecord.media/sean-cairncross-confirmed-oncd
Hacked Crimean servers reveal information about abducted children, Ukraine says
https://therecord.media/hacked-crimean-servers-abducted-children
Microsoft Entra Suite delivers 131% ROI by unifying identity and network access
https://www.microsoft.com/en-us/security/blog/2025/08/04/microsoft-entra-suite-delivers-131-roi-by-unifying-identity-and-network-access/
Jury ‘sends a message’ on app privacy in ruling against Meta
https://therecord.media/jury-verdict-meta-flo-app-data-privacy-case
SonicWall urges customers to take VPN devices offline after ransomware campaign
https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
Crypto ATMs fueling criminal activity, Treasury warns
https://therecord.media/crypto-atms-fueling-cybercrime
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Panel to create roadmap for establishing US Cyber Force
The Commission on Cyber Force Generation will develop potential routes Congress and the White House could follow in creating a separate cyber service and aim to deliver them in time for next year’s must-pass national defense authorization act.
Top Security News for Today
Surveilling Your Children with AirTags
https://www.schneier.com/blog/archives/2025/08/surveilling_your_children_with_airtags.html
HTTP Request Smuggling Explained: with seasoned bug bounty hunter NahamSec and world-class researcher James Kettle
https://portswigger.net/blog/http-request-smuggling-explained-with-seasoned-bug-bounty-hunter-nahamsec-and-world-class-researcher-james-kettle
3 Custom VT-x Hypervisors in C – EPT Cloaking, CPUID/MSR Spoofing & VMX Control
https://www.reddit.com/r/lowlevel/comments/1mi5txt/3_custom_vtx_hypervisors_in_c_ept_cloaking/
Dutch Caribbean islands respond to cyberattacks on courts, tax departments
https://therecord.media/aruba-curacao-governments-cyberattacks
CVE-2025-54136 – MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass
https://research.checkpoint.com/2025/cursor-vulnerability-mcpoison/
Taiwan’s TSMC fires engineers over suspected theft of semiconductor secrets
https://therecord.media/tsmc-fires-engineers-over-semiconductor-secrets-theft
Vietnamese-speaking hackers appear to be running global data theft operation through Telegram
https://therecord.media/pxa-infostealer-telegram-bots-vietnamese-speaking-hackers
OdooMap - A Pentesting Tool for Odoo Applications
https://www.reddit.com/r/netsec/comments/1micsmu/odoomap_a_pentesting_tool_for_odoo_applications/
Elevate your protection with expanded Microsoft Defender Experts coverage
https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/elevate-your-protection-with-expanded-microsoft-defender-experts-coverage/4439134
Bipartisan Senate duo wants answers from UnitedHealth over Episource data breach
https://therecord.media/episource-data-breach-questions-senators-cassidy-hassan
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Surveilling Your Children with AirTags
https://www.schneier.com/blog/archives/2025/08/surveilling_your_children_with_airtags.html
HTTP Request Smuggling Explained: with seasoned bug bounty hunter NahamSec and world-class researcher James Kettle
https://portswigger.net/blog/http-request-smuggling-explained-with-seasoned-bug-bounty-hunter-nahamsec-and-world-class-researcher-james-kettle
3 Custom VT-x Hypervisors in C – EPT Cloaking, CPUID/MSR Spoofing & VMX Control
https://www.reddit.com/r/lowlevel/comments/1mi5txt/3_custom_vtx_hypervisors_in_c_ept_cloaking/
Dutch Caribbean islands respond to cyberattacks on courts, tax departments
https://therecord.media/aruba-curacao-governments-cyberattacks
CVE-2025-54136 – MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass
https://research.checkpoint.com/2025/cursor-vulnerability-mcpoison/
Taiwan’s TSMC fires engineers over suspected theft of semiconductor secrets
https://therecord.media/tsmc-fires-engineers-over-semiconductor-secrets-theft
Vietnamese-speaking hackers appear to be running global data theft operation through Telegram
https://therecord.media/pxa-infostealer-telegram-bots-vietnamese-speaking-hackers
OdooMap - A Pentesting Tool for Odoo Applications
https://www.reddit.com/r/netsec/comments/1micsmu/odoomap_a_pentesting_tool_for_odoo_applications/
Elevate your protection with expanded Microsoft Defender Experts coverage
https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/elevate-your-protection-with-expanded-microsoft-defender-experts-coverage/4439134
Bipartisan Senate duo wants answers from UnitedHealth over Episource data breach
https://therecord.media/episource-data-breach-questions-senators-cassidy-hassan
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Driver of destruction: How a legitimate driver is being used to take down AV processes
https://securelist.com/av-killer-exploiting-throttlestop-sys/117026/
Who Got Arrested in the Raid on the XSS Crime Forum?
https://krebsonsecurity.com/2025/08/who-got-arrested-in-the-raid-on-the-xss-crime-forum/
British intelligence warns cyber threat to critical infrastructure is increasing
https://therecord.media/british-intel-cyber-threat-infrastructure
Hackers using fake summonses in attacks on Ukraine's defense sector
https://therecord.media/hackers-using-fake-summonses-ukraine
Ransomware-as-a-Service Economy – Trends, Targets & Takedowns
https://www.darknet.org.uk/2025/08/ransomware-as-a-service-economy-trends-targets-takedowns/
Sharing practical guidance: Launching Microsoft Secure Future Initiative (SFI) patterns and practices
https://www.microsoft.com/en-us/security/blog/2025/08/06/sharing-practical-guidance-launching-microsoft-secure-future-initiative-sfi-patterns-and-practices/
Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge
https://therecord.media/tornado-cash-money-laundering-conviction
Strong regulation can nudge automakers to improve customers’ privacy, research suggests
https://therecord.media/automakers-data-privacy-ratings-websites-customer-portals
HTTP/1.1 Must Die: What This Means for AppSec Leadership
https://portswigger.net/blog/http-1-1-must-die-what-this-means-for-appsec-leadership
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Driver of destruction: How a legitimate driver is being used to take down AV processes
https://securelist.com/av-killer-exploiting-throttlestop-sys/117026/
Who Got Arrested in the Raid on the XSS Crime Forum?
https://krebsonsecurity.com/2025/08/who-got-arrested-in-the-raid-on-the-xss-crime-forum/
British intelligence warns cyber threat to critical infrastructure is increasing
https://therecord.media/british-intel-cyber-threat-infrastructure
Hackers using fake summonses in attacks on Ukraine's defense sector
https://therecord.media/hackers-using-fake-summonses-ukraine
Ransomware-as-a-Service Economy – Trends, Targets & Takedowns
https://www.darknet.org.uk/2025/08/ransomware-as-a-service-economy-trends-targets-takedowns/
Sharing practical guidance: Launching Microsoft Secure Future Initiative (SFI) patterns and practices
https://www.microsoft.com/en-us/security/blog/2025/08/06/sharing-practical-guidance-launching-microsoft-secure-future-initiative-sfi-patterns-and-practices/
Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge
https://therecord.media/tornado-cash-money-laundering-conviction
Strong regulation can nudge automakers to improve customers’ privacy, research suggests
https://therecord.media/automakers-data-privacy-ratings-websites-customer-portals
HTTP/1.1 Must Die: What This Means for AppSec Leadership
https://portswigger.net/blog/http-1-1-must-die-what-this-means-for-appsec-leadership
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
China Accuses Nvidia of Putting Backdoors into Their Chips
https://www.schneier.com/blog/archives/2025/08/china-accuses-nvidia-of-putting-backdoors-into-their-chips.html
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
https://therecord.media/bouygues-telecom-france-cyberattack-data-breach
CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability
https://therecord.media/microsoft-exchange-server-vulnerability-cisa-alert
Building a Cyber-Aware Workforce: Mexico's Push for Security Training
https://www.tripwire.com/state-of-security/building-cyber-aware-workforce-mexicos-push-security-training
Cracking the Vault: how we found zero-day flaws in authentication, identity, and authorization in HashiCorp Vault
https://www.reddit.com/r/netsec/comments/1mjzm7g/cracking_the_vault_how_we_found_zeroday_flaws_in/
Announcing public preview: Phishing triage agent in Microsoft Defender
https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/announcing-public-preview-phishing-triage-agent-in-microsoft-defender/4438301
We replaced passwords with something worse
https://www.reddit.com/r/netsec/comments/1mk9qsy/we_replaced_passwords_with_something_worse/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
China Accuses Nvidia of Putting Backdoors into Their Chips
https://www.schneier.com/blog/archives/2025/08/china-accuses-nvidia-of-putting-backdoors-into-their-chips.html
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
https://therecord.media/bouygues-telecom-france-cyberattack-data-breach
CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability
https://therecord.media/microsoft-exchange-server-vulnerability-cisa-alert
Building a Cyber-Aware Workforce: Mexico's Push for Security Training
https://www.tripwire.com/state-of-security/building-cyber-aware-workforce-mexicos-push-security-training
Cracking the Vault: how we found zero-day flaws in authentication, identity, and authorization in HashiCorp Vault
https://www.reddit.com/r/netsec/comments/1mjzm7g/cracking_the_vault_how_we_found_zeroday_flaws_in/
Announcing public preview: Phishing triage agent in Microsoft Defender
https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/announcing-public-preview-phishing-triage-agent-in-microsoft-defender/4438301
We replaced passwords with something worse
https://www.reddit.com/r/netsec/comments/1mk9qsy/we_replaced_passwords_with_something_worse/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
China Accuses Nvidia of Putting Backdoors into Their Chips - Schneier on Security
The government of China has accused Nvidia of inserting a backdoor into their H20 chips: China’s cyber regulator on Thursday said it had held a meeting with Nvidia over what it called “serious security issues” with the company’s artificial intelligence chips.…
Top Security News for Today
CISA pledges to continue backing CVE Program after April funding fiasco
https://therecord.media/cisa-pledges-support-cve-program-black-hat
Columbia University says hacker stole SSNs and other data of nearly 900,000
https://therecord.media/columbia-university-data-breach-cyberattack-notifications
North Korean cyber-espionage group ScarCruft adds ransomware in recent attack
https://therecord.media/scarcruft-north-korea-hackers-add-ransomware
Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’
https://therecord.media/federal-judiciary-tightens-digital-security-escalated-cyberattack
EU law to protect journalists from spyware takes effect
https://therecord.media/eu-law-to-protect-journalists-from-spyware-takes-effect
Embargo ransomware gang has handled at least $34 million in about a year, report says
https://therecord.media/embargo-ransomware-gang-blackcat-alphv-successor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
CISA pledges to continue backing CVE Program after April funding fiasco
https://therecord.media/cisa-pledges-support-cve-program-black-hat
Columbia University says hacker stole SSNs and other data of nearly 900,000
https://therecord.media/columbia-university-data-breach-cyberattack-notifications
North Korean cyber-espionage group ScarCruft adds ransomware in recent attack
https://therecord.media/scarcruft-north-korea-hackers-add-ransomware
Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’
https://therecord.media/federal-judiciary-tightens-digital-security-escalated-cyberattack
EU law to protect journalists from spyware takes effect
https://therecord.media/eu-law-to-protect-journalists-from-spyware-takes-effect
Embargo ransomware gang has handled at least $34 million in about a year, report says
https://therecord.media/embargo-ransomware-gang-blackcat-alphv-successor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
CISA pledges to continue backing CVE Program after April funding fiasco
Federal officials told an audience at the Black Hat conference that the Trump administration fully supports and wants to improve the CVE Program, which is heavily used to track and share cybersecurity vulnerabilities.
Top Security News for Today
Advancing Multi-Organ Disease Care: A Hierarchical Multi-Agent Reinforcement Learning Framework
https://arxiv.org/abs/2409.04224
Vulnerability Management Program - How to implement SLA and its processes
https://www.reddit.com/r/netsec/comments/1mls6sj/vulnerability_management_program_how_to_implement/
Pentest Trick: Out of sight, out of mind with Windows Long File Names
https://www.reddit.com/r/netsec/comments/1mm72n1/pentest_trick_out_of_sight_out_of_mind_with/
OMEN Improvements
https://reusablesec.blogspot.com/2025/08/omen-improvements.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Advancing Multi-Organ Disease Care: A Hierarchical Multi-Agent Reinforcement Learning Framework
https://arxiv.org/abs/2409.04224
Vulnerability Management Program - How to implement SLA and its processes
https://www.reddit.com/r/netsec/comments/1mls6sj/vulnerability_management_program_how_to_implement/
Pentest Trick: Out of sight, out of mind with Windows Long File Names
https://www.reddit.com/r/netsec/comments/1mm72n1/pentest_trick_out_of_sight_out_of_mind_with/
OMEN Improvements
https://reusablesec.blogspot.com/2025/08/omen-improvements.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Advancing Multi-Organ Disease Care: A Hierarchical Multi-Agent...
In healthcare, multi-organ system diseases pose unique and significant challenges as they impact multiple physiological systems concurrently, demanding complex and coordinated treatment...
Top Security News for Today
XSSHunter Express – Self-Hosted Blind XSS Payload Capture and Analysis
https://www.darknet.org.uk/2025/08/xsshunter-express-self-hosted-blind-xss-payload-capture-and-analysis/
Next-Level Fingerprinting: Tools, Logic, and Tactics
https://bishopfox.com/blog/next-level-fingerprinting-tools-logic-and-tactics
Automated Visualization Makeovers with LLMs
https://arxiv.org/abs/2508.05637
Request-Only Optimization for Recommendation Systems
https://arxiv.org/abs/2508.05640
A Humanoid Social Robot as a Teaching Assistant in the Classroom
https://arxiv.org/abs/2508.05646
Query-Aware Graph Neural Networks for Enhanced Retrieval-Augmented Generation
https://arxiv.org/abs/2508.05647
AquiLLM: a RAG Tool for Capturing Tacit Knowledge in Research Groups
https://arxiv.org/abs/2508.05648
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
XSSHunter Express – Self-Hosted Blind XSS Payload Capture and Analysis
https://www.darknet.org.uk/2025/08/xsshunter-express-self-hosted-blind-xss-payload-capture-and-analysis/
Next-Level Fingerprinting: Tools, Logic, and Tactics
https://bishopfox.com/blog/next-level-fingerprinting-tools-logic-and-tactics
Automated Visualization Makeovers with LLMs
https://arxiv.org/abs/2508.05637
Request-Only Optimization for Recommendation Systems
https://arxiv.org/abs/2508.05640
A Humanoid Social Robot as a Teaching Assistant in the Classroom
https://arxiv.org/abs/2508.05646
Query-Aware Graph Neural Networks for Enhanced Retrieval-Augmented Generation
https://arxiv.org/abs/2508.05647
AquiLLM: a RAG Tool for Capturing Tacit Knowledge in Research Groups
https://arxiv.org/abs/2508.05648
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Darknet - Hacking Tools, Hacker News & Cyber Security
xsshunter-express - Self-Hosted Blind XSS Payload Capture and Analysis
Self-hosted blind XSS hunter via Docker. Deploy xsshunter‑express in five minutes to capture stealthy XSS payloads with screenshots, DOM dumps, and full context.
Top Security News for Today
Automatic License Plate Readers Are Coming to Schools
https://www.schneier.com/blog/archives/2025/08/automatic-license-plate-readers-are-coming-to-schools.html
Building an Autonomous AI Pentester: What Worked, What Didn’t, and Why It Matters
https://www.reddit.com/r/netsec/comments/1mnaugi/building_an_autonomous_ai_pentester_what_worked/
11th August – Threat Intelligence Report
https://research.checkpoint.com/2025/11th-august-threat-intelligence-report/
Wikipedia’s operator loses challenge to UK Online Safety Act rules
https://therecord.media/wikipedia-loses-challenge-online-safety-act-uk
Finland charges captain of suspected Russian ‘shadow fleet’ tanker for subsea cable damage
https://therecord.media/finland-charges-captain-russia-ghost-fleet-undersea-cable
Two groups exploit WinRAR flaws in separate cyber-espionage campaigns
https://therecord.media/winrar-zero-day-exploited-romcom-paper-werewolf-goffee-hackers
Romance scam suspects extradited from Ghana, charged with more than $100 million in thefts
https://therecord.media/ghana-romance-scams-bec-suspects-extradited-us
Ransomware gang claims attack on St. Paul city government
https://therecord.media/ransomware-gang-behind-minnesota-attack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Automatic License Plate Readers Are Coming to Schools
https://www.schneier.com/blog/archives/2025/08/automatic-license-plate-readers-are-coming-to-schools.html
Building an Autonomous AI Pentester: What Worked, What Didn’t, and Why It Matters
https://www.reddit.com/r/netsec/comments/1mnaugi/building_an_autonomous_ai_pentester_what_worked/
11th August – Threat Intelligence Report
https://research.checkpoint.com/2025/11th-august-threat-intelligence-report/
Wikipedia’s operator loses challenge to UK Online Safety Act rules
https://therecord.media/wikipedia-loses-challenge-online-safety-act-uk
Finland charges captain of suspected Russian ‘shadow fleet’ tanker for subsea cable damage
https://therecord.media/finland-charges-captain-russia-ghost-fleet-undersea-cable
Two groups exploit WinRAR flaws in separate cyber-espionage campaigns
https://therecord.media/winrar-zero-day-exploited-romcom-paper-werewolf-goffee-hackers
Romance scam suspects extradited from Ghana, charged with more than $100 million in thefts
https://therecord.media/ghana-romance-scams-bec-suspects-extradited-us
Ransomware gang claims attack on St. Paul city government
https://therecord.media/ransomware-gang-behind-minnesota-attack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Automatic License Plate Readers Are Coming to Schools - Schneier on Security
Fears around children is opening up a new market for automatic license place readers.
Top Security News for Today
New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
https://www.trendmicro.com/en_us/research/25/h/new-ransomware-charon.html
The “Incriminating Video” Scam
https://www.schneier.com/blog/archives/2025/08/the-incriminating-video-scam.html
Second ransomware attack in two months disrupts South Korean ticketing giant
https://therecord.media/yes24-second-ransomware-attack-kpop-ticketing-affected
Two Pwnie Awards, One Crucial Lesson: What Our OpenSSH Research Reveals About Cyber Defense in 2025
https://blog.qualys.com/qualys-insights/2025/08/12/two-pwnie-awards-one-crucial-lesson-what-our-openssh-research-reveals-about-cyber-defense-in-2025
New Charon ransomware targets Middle East public sector, aviation firms
https://therecord.media/charon-ransomware-targeting-middle-east-aviation
DEF CON volunteers step up to help water sector after China, Iran attack utilities
https://therecord.media/def-con-franklin-water-utility-cybersecurity-volunteers
Dow’s 125-year legacy: Innovating with AI to secure a long future
https://www.microsoft.com/en-us/security/blog/2025/08/12/dows-125-year-legacy-innovating-with-ai-to-secure-a-long-future/
Zero Click, One NTLM: Microsoft Security Patch Bypass (CVE-2025-50154)
https://www.reddit.com/r/netsec/comments/1mof7r5/zero_click_one_ntlm_microsoft_security_patch/
Microsoft and Adobe Patch Tuesday, August 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/08/12/microsoft-and-adobe-patch-tuesday-august-2025-security-update-review
Microsoft Patch Tuesday, August 2025 Edition
https://krebsonsecurity.com/2025/08/microsoft-patch-tuesday-august-2025-edition/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
https://www.trendmicro.com/en_us/research/25/h/new-ransomware-charon.html
The “Incriminating Video” Scam
https://www.schneier.com/blog/archives/2025/08/the-incriminating-video-scam.html
Second ransomware attack in two months disrupts South Korean ticketing giant
https://therecord.media/yes24-second-ransomware-attack-kpop-ticketing-affected
Two Pwnie Awards, One Crucial Lesson: What Our OpenSSH Research Reveals About Cyber Defense in 2025
https://blog.qualys.com/qualys-insights/2025/08/12/two-pwnie-awards-one-crucial-lesson-what-our-openssh-research-reveals-about-cyber-defense-in-2025
New Charon ransomware targets Middle East public sector, aviation firms
https://therecord.media/charon-ransomware-targeting-middle-east-aviation
DEF CON volunteers step up to help water sector after China, Iran attack utilities
https://therecord.media/def-con-franklin-water-utility-cybersecurity-volunteers
Dow’s 125-year legacy: Innovating with AI to secure a long future
https://www.microsoft.com/en-us/security/blog/2025/08/12/dows-125-year-legacy-innovating-with-ai-to-secure-a-long-future/
Zero Click, One NTLM: Microsoft Security Patch Bypass (CVE-2025-50154)
https://www.reddit.com/r/netsec/comments/1mof7r5/zero_click_one_ntlm_microsoft_security_patch/
Microsoft and Adobe Patch Tuesday, August 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/08/12/microsoft-and-adobe-patch-tuesday-august-2025-security-update-review
Microsoft Patch Tuesday, August 2025 Edition
https://krebsonsecurity.com/2025/08/microsoft-patch-tuesday-august-2025-edition/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Trend Micro
New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
We uncovered a campaign that makes use of Charon, a new ransomware family, and advanced APT-style techniques to target organizations with customized ransom demands.
Top Security News for Today
Alarm raised over 'high-severity' vulnerabilities in Matrix messaging protocol
https://therecord.media/matrix-messaging-protocol-high-severity-vulnerabilities
Pennsylvania attorney general says cyberattack knocked phone, email systems offline
https://therecord.media/pennsylvania-attorney-general-office-cyberattack
Estonians behind multimillion-dollar crypto fraud sentenced
https://therecord.media/estonians-behind-multimillion-dollar-crypto-fraud-sentenced
New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts
https://therecord.media/zelle-lawsuit-new-york-state-scams-fraud
Curly threat actor found targeting sensitive organizations in Georgia, Moldova
https://therecord.media/curly-threat-actor-targeting-moldova
AI Applications in Cybersecurity
https://www.schneier.com/blog/archives/2025/08/ai-applications-in-cybersecurity.html
Best Kickass (KAT) Alternatives & Live Torrent Trackers in 2025 – Public, Private, and Legal Picks
https://www.darknet.org.uk/2025/08/best-kickass-alternatives-live-torrent-trackers-in-2025-public-private-and-legal-picks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Alarm raised over 'high-severity' vulnerabilities in Matrix messaging protocol
https://therecord.media/matrix-messaging-protocol-high-severity-vulnerabilities
Pennsylvania attorney general says cyberattack knocked phone, email systems offline
https://therecord.media/pennsylvania-attorney-general-office-cyberattack
Estonians behind multimillion-dollar crypto fraud sentenced
https://therecord.media/estonians-behind-multimillion-dollar-crypto-fraud-sentenced
New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts
https://therecord.media/zelle-lawsuit-new-york-state-scams-fraud
Curly threat actor found targeting sensitive organizations in Georgia, Moldova
https://therecord.media/curly-threat-actor-targeting-moldova
AI Applications in Cybersecurity
https://www.schneier.com/blog/archives/2025/08/ai-applications-in-cybersecurity.html
Best Kickass (KAT) Alternatives & Live Torrent Trackers in 2025 – Public, Private, and Legal Picks
https://www.darknet.org.uk/2025/08/best-kickass-alternatives-live-torrent-trackers-in-2025-public-private-and-legal-picks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Alarm raised over 'high-severity' vulnerabilities in Matrix messaging protocol
An urgent patch has been released for two bugs affecting the Matrix messaging protocol used by some governments for secure communications.
Top Security News for Today
N/A
N/A
Taming Shadow IT: What Security Teams Can Do About Unapproved Apps and Extensions
https://www.tripwire.com/state-of-security/taming-shadow-it-what-security-teams-can-do-about-unapproved-apps-and-extensions
LLM Coding Integrity Breach
https://www.schneier.com/blog/archives/2025/08/llm-coding-integrity-breach.html
Tens of thousands of Italian hotel guests may be hit by cyber heist
https://therecord.media/italy-hotel-guests-possible-data-breach-ids
Russia curbs WhatsApp, Telegram calls to counter cybercrime
https://therecord.media/russia-restricts-voice-calls-whatsapp-telegram-cybercrime
Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability
https://therecord.media/hackers-compromise-canada-house-of-commons
FCC’s data breach reporting rules for telecoms are upheld in appeals court
https://therecord.media/fcc-data-breach-reporting-rule-held-up-appeals-court
Norway police believe pro-Russian hackers were behind April dam sabotage
https://therecord.media/norway-police-suspect-pro-russian-hackers-dam-sabotage
Turkish crypto exchange BTCTurk warns of security incident after $49 million leaves platform
https://therecord.media/turkish-crypto-exchange-warns-cyber-incident
US updates sanctions on Russian cryptocurrency exchange Garantex
https://therecord.media/treasury-department-renews-sanctions-garantex-grinex
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
N/A
N/A
Taming Shadow IT: What Security Teams Can Do About Unapproved Apps and Extensions
https://www.tripwire.com/state-of-security/taming-shadow-it-what-security-teams-can-do-about-unapproved-apps-and-extensions
LLM Coding Integrity Breach
https://www.schneier.com/blog/archives/2025/08/llm-coding-integrity-breach.html
Tens of thousands of Italian hotel guests may be hit by cyber heist
https://therecord.media/italy-hotel-guests-possible-data-breach-ids
Russia curbs WhatsApp, Telegram calls to counter cybercrime
https://therecord.media/russia-restricts-voice-calls-whatsapp-telegram-cybercrime
Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability
https://therecord.media/hackers-compromise-canada-house-of-commons
FCC’s data breach reporting rules for telecoms are upheld in appeals court
https://therecord.media/fcc-data-breach-reporting-rule-held-up-appeals-court
Norway police believe pro-Russian hackers were behind April dam sabotage
https://therecord.media/norway-police-suspect-pro-russian-hackers-dam-sabotage
Turkish crypto exchange BTCTurk warns of security incident after $49 million leaves platform
https://therecord.media/turkish-crypto-exchange-warns-cyber-incident
US updates sanctions on Russian cryptocurrency exchange Garantex
https://therecord.media/treasury-department-renews-sanctions-garantex-grinex
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Taming Shadow IT: What Security Teams Can Do About Unapproved Apps and Extensions
Combat shadow IT risks with visibility, control, and governance. Learn how to manage unapproved apps, extensions, and AI tools effectively.
Top Security News for Today
Scammers turn to ‘ghost-tapping’ retail fraud to launder funds
https://therecord.media/scammers-ghost-tapping-retail-fraud-launder-cash
Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme
https://krebsonsecurity.com/2025/08/mobile-phishers-target-brokerage-accounts-in-ramp-and-dump-cashout-scheme/
UK telecom provider Colt says outages were due to cyber incident
https://therecord.media/uk-colt-outages-cyber-incident
Trojan Horses Embedded in .svg Files
https://www.schneier.com/blog/archives/2025/08/trojans-embedded-in-svg-files.html
Friday Squid Blogging: Squid-Shaped UFO Spotted Over Texas
https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-squid-shaped-ufo-spotted-over-texas.html
Vulnerability Discovery with LLM-Powered Patch Diffing
https://bishopfox.com/blog/vulnerability-discovery-with-llm-powered-patch-diffing
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Scammers turn to ‘ghost-tapping’ retail fraud to launder funds
https://therecord.media/scammers-ghost-tapping-retail-fraud-launder-cash
Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme
https://krebsonsecurity.com/2025/08/mobile-phishers-target-brokerage-accounts-in-ramp-and-dump-cashout-scheme/
UK telecom provider Colt says outages were due to cyber incident
https://therecord.media/uk-colt-outages-cyber-incident
Trojan Horses Embedded in .svg Files
https://www.schneier.com/blog/archives/2025/08/trojans-embedded-in-svg-files.html
Friday Squid Blogging: Squid-Shaped UFO Spotted Over Texas
https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-squid-shaped-ufo-spotted-over-texas.html
Vulnerability Discovery with LLM-Powered Patch Diffing
https://bishopfox.com/blog/vulnerability-discovery-with-llm-powered-patch-diffing
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Scammers turn to ‘ghost-tapping’ retail fraud to launder funds
A new report described how criminals use “ghost-tapping” — when stolen payment card details are uploaded onto a burner phone and used in-person to purchase goods.
Top Security News for Today
Securing Agentic AI: Threat Modeling and Risk Analysis for Network Monitoring Agentic AI System
https://arxiv.org/abs/2508.10043
Elastic EDR 0-day: Microsoft-signed driver can be weaponized to attack its own host
https://www.reddit.com/r/netsec/comments/1mryiha/elastic_edr_0day_microsoftsigned_driver_can_be/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securing Agentic AI: Threat Modeling and Risk Analysis for Network Monitoring Agentic AI System
https://arxiv.org/abs/2508.10043
Elastic EDR 0-day: Microsoft-signed driver can be weaponized to attack its own host
https://www.reddit.com/r/netsec/comments/1mryiha/elastic_edr_0day_microsoftsigned_driver_can_be/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Securing Agentic AI: Threat Modeling and Risk Analysis for Network...
When combining Large Language Models (LLMs) with autonomous agents, used in network monitoring and decision-making systems, this will create serious security issues. In this research, the MAESTRO...
Top Security News for Today
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msre41/how_exposed_teslamate_instances_leak_sensitive/
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msrpi6/how_exposed_teslamate_instances_leak_sensitive/
LostMyPassword – Dual Use Password Recovery and Credential Dumping Tool
https://www.darknet.org.uk/2025/08/lostmypassword-dual-use-password-recovery-and-credential-dumping-tool/
Securing Agentic AI: Threat Modeling and Risk Analysis for Network Monitoring Agentic AI System
https://securelist.com/pipemagic/117270/
A Rose by Any Other Name Would Smell as Sweet: Categorical Homotopy Theory for Large Language Models
https://arxiv.org/abs/2508.10043
A2HCoder: An LLM-Driven Coding Agent for Hierarchical Algorithm-to-HDL Translation
https://arxiv.org/abs/2508.10903
PersonaTwin: A Multi-Tier Prompt Conditioning Framework for Generating and Evaluating Personalized Digital Twins
https://arxiv.org/abs/2508.10904
Uncovering Latent Connections in Indigenous Heritage: Semantic Pipelines for Cultural Preservation in Brazil
https://arxiv.org/abs/2508.10906
Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824
https://arxiv.org/abs/2508.10911
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msre41/how_exposed_teslamate_instances_leak_sensitive/
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msrpi6/how_exposed_teslamate_instances_leak_sensitive/
LostMyPassword – Dual Use Password Recovery and Credential Dumping Tool
https://www.darknet.org.uk/2025/08/lostmypassword-dual-use-password-recovery-and-credential-dumping-tool/
Securing Agentic AI: Threat Modeling and Risk Analysis for Network Monitoring Agentic AI System
https://securelist.com/pipemagic/117270/
A Rose by Any Other Name Would Smell as Sweet: Categorical Homotopy Theory for Large Language Models
https://arxiv.org/abs/2508.10043
A2HCoder: An LLM-Driven Coding Agent for Hierarchical Algorithm-to-HDL Translation
https://arxiv.org/abs/2508.10903
PersonaTwin: A Multi-Tier Prompt Conditioning Framework for Generating and Evaluating Personalized Digital Twins
https://arxiv.org/abs/2508.10904
Uncovering Latent Connections in Indigenous Heritage: Semantic Pipelines for Cultural Preservation in Brazil
https://arxiv.org/abs/2508.10906
Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824
https://arxiv.org/abs/2508.10911
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How Exposed TeslaMate Instances Leak Sensitive Tesla Data
Explore this post and more from the netsec community
Top Security News for Today
Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition
https://www.tripwire.com/state-of-security/plagued-cyberattacks-indian-healthcare-sector-critical-condition
Eavesdropping on Phone Conversations Through Vibrations
https://www.schneier.com/blog/archives/2025/08/eavesdropping-on-phone-conversations-through-vibrations.html
Workday hit by social engineering data breach targeting its CRM platform
https://therecord.media/workday-social-engineering-data-breach
Intel Outside: Hacking every Intel employee and various internal websites
https://www.reddit.com/r/netsec/comments/1mtnqme/intel_outside_hacking_every_intel_employee_and/
Cryptomining group Kinsing expands operations to Russia, researchers warn
https://therecord.media/cryptomining-group-kinsing-hits-russia
“Vibe Hacking”: Abusing Developer Trust in Cursor and VS Code Remote Development
https://www.reddit.com/r/netsec/comments/1mtpvuu/vibe_hacking_abusing_developer_trust_in_cursor/
Casino gaming company Bragg says hackers accessed ‘internal computer environment’
https://therecord.media/casino-gaming-company-cyber-incident-bragg
Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft
https://therecord.media/ransomware-gang-masking-pipemagic-backdoor
Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/
CTF stats, mobile wallet attacks & magstripe demos – Payment Village @ DEF CON 33
https://www.reddit.com/r/netsec/comments/1mtw68x/ctf_stats_mobile_wallet_attacks_magstripe_demos/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition
https://www.tripwire.com/state-of-security/plagued-cyberattacks-indian-healthcare-sector-critical-condition
Eavesdropping on Phone Conversations Through Vibrations
https://www.schneier.com/blog/archives/2025/08/eavesdropping-on-phone-conversations-through-vibrations.html
Workday hit by social engineering data breach targeting its CRM platform
https://therecord.media/workday-social-engineering-data-breach
Intel Outside: Hacking every Intel employee and various internal websites
https://www.reddit.com/r/netsec/comments/1mtnqme/intel_outside_hacking_every_intel_employee_and/
Cryptomining group Kinsing expands operations to Russia, researchers warn
https://therecord.media/cryptomining-group-kinsing-hits-russia
“Vibe Hacking”: Abusing Developer Trust in Cursor and VS Code Remote Development
https://www.reddit.com/r/netsec/comments/1mtpvuu/vibe_hacking_abusing_developer_trust_in_cursor/
Casino gaming company Bragg says hackers accessed ‘internal computer environment’
https://therecord.media/casino-gaming-company-cyber-incident-bragg
Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft
https://therecord.media/ransomware-gang-masking-pipemagic-backdoor
Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/
CTF stats, mobile wallet attacks & magstripe demos – Payment Village @ DEF CON 33
https://www.reddit.com/r/netsec/comments/1mtw68x/ctf_stats_mobile_wallet_attacks_magstripe_demos/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition
India’s healthcare sector faces 8,600+ weekly cyberattacks. Explore the risks, real-world impact, and defense strategies.
Top Security News for Today
GodRAT – New RAT targeting financial institutions
https://securelist.com/godrat/117119/
Zero-Day Exploit in WinRAR File
https://www.schneier.com/blog/archives/2025/08/zero-day-exploit-in-winrar-file.html
UK ‘agrees to drop’ demand over Apple iCloud encryption
https://therecord.media/uk-agrees-drop-apple-encryption
Drug development company Inotiv reports ransomware attack to SEC
https://therecord.media/drug-development-innotiv-ransomware-sec
North Korea-linked hackers target embassies in Seoul in new espionage campaign
https://therecord.media/north-korean-hackers-target-foreign-embassies
Business Council of New York State says nearly 50,000 had data leaked in February cyberattack
https://therecord.media/new-york-business-council-data-breach
How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories
https://www.reddit.com/r/netsec/comments/1mumb6z/how_we_exploited_coderabbit_from_a_simple_pr_to/
Trivial C# Random Exploitation
https://www.reddit.com/r/netsec/comments/1muf1om/trivial_c_random_exploitation/
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
https://krebsonsecurity.com/2025/08/oregon-man-charged-in-rapper-bot-ddos-service/
Darknet Communications in 2025 – From IRC Forums to Telegram Crime Networks
https://www.darknet.org.uk/2025/08/darknet-communications-in-2025-from-irc-forums-to-telegram-crime-networks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
GodRAT – New RAT targeting financial institutions
https://securelist.com/godrat/117119/
Zero-Day Exploit in WinRAR File
https://www.schneier.com/blog/archives/2025/08/zero-day-exploit-in-winrar-file.html
UK ‘agrees to drop’ demand over Apple iCloud encryption
https://therecord.media/uk-agrees-drop-apple-encryption
Drug development company Inotiv reports ransomware attack to SEC
https://therecord.media/drug-development-innotiv-ransomware-sec
North Korea-linked hackers target embassies in Seoul in new espionage campaign
https://therecord.media/north-korean-hackers-target-foreign-embassies
Business Council of New York State says nearly 50,000 had data leaked in February cyberattack
https://therecord.media/new-york-business-council-data-breach
How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories
https://www.reddit.com/r/netsec/comments/1mumb6z/how_we_exploited_coderabbit_from_a_simple_pr_to/
Trivial C# Random Exploitation
https://www.reddit.com/r/netsec/comments/1muf1om/trivial_c_random_exploitation/
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
https://krebsonsecurity.com/2025/08/oregon-man-charged-in-rapper-bot-ddos-service/
Darknet Communications in 2025 – From IRC Forums to Telegram Crime Networks
https://www.darknet.org.uk/2025/08/darknet-communications-in-2025-from-irc-forums-to-telegram-crime-networks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Guess Who Would Be Stupid Enough To Rob The Same Vault Twice? Pre-Auth RCE Chains in Commvault - watchTowr Labs
https://arxiv.org/abs/2508.13214
Subverting AIOps Systems Through Poisoned Input Data
https://www.schneier.com/blog/archives/2025/08/subverting-aiops-systems-through-poisoned-input-data.html
NATO's Cybersecurity Spending Proposals’ Impact on the Industry
https://www.tripwire.com/state-of-security/natos-cybersecurity-spending-proposals-impact-industry
At least three UK organizations hit by SharePoint zero-day hacking campaign
https://therecord.media/organizations-united-kingdom/sharepoint
Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts
https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000
Russian investment platform confirms cyberattack by pro-Ukraine hackers
https://therecord.media/russia-cyberattack-investment-platform-ukraine
Feds charge administrator of ‘sophisticated’ DDoS-for-hire botnet
https://therecord.media/feds-charge-botnet-admin
Engineered to Fail: The DNA of Negligent Defenses Operations
https://www.reddit.com/r/netsec/comments/1mvijcg/engineered_to_fail_the_dna_of_negligent_defenses/
Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware
https://www.trendmicro.com/en_us/research/25/h/warlock-ransomware.html
Google Unveils Enhanced Tools to Empower Defenders and Safeguard AI Progress
https://www.reddit.com/r/netsec/comments/1mvpbds/google_unveils_enhanced_tools_to_empower/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Guess Who Would Be Stupid Enough To Rob The Same Vault Twice? Pre-Auth RCE Chains in Commvault - watchTowr Labs
https://arxiv.org/abs/2508.13214
Subverting AIOps Systems Through Poisoned Input Data
https://www.schneier.com/blog/archives/2025/08/subverting-aiops-systems-through-poisoned-input-data.html
NATO's Cybersecurity Spending Proposals’ Impact on the Industry
https://www.tripwire.com/state-of-security/natos-cybersecurity-spending-proposals-impact-industry
At least three UK organizations hit by SharePoint zero-day hacking campaign
https://therecord.media/organizations-united-kingdom/sharepoint
Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts
https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000
Russian investment platform confirms cyberattack by pro-Ukraine hackers
https://therecord.media/russia-cyberattack-investment-platform-ukraine
Feds charge administrator of ‘sophisticated’ DDoS-for-hire botnet
https://therecord.media/feds-charge-botnet-admin
Engineered to Fail: The DNA of Negligent Defenses Operations
https://www.reddit.com/r/netsec/comments/1mvijcg/engineered_to_fail_the_dna_of_negligent_defenses/
Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware
https://www.trendmicro.com/en_us/research/25/h/warlock-ransomware.html
Google Unveils Enhanced Tools to Empower Defenders and Safeguard AI Progress
https://www.reddit.com/r/netsec/comments/1mvpbds/google_unveils_enhanced_tools_to_empower/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Too Easily Fooled? Prompt Injection Breaks LLMs on Frustratingly...
Large Language Models (LLMs) have recently demonstrated strong emergent abilities in complex reasoning and zero-shot generalization, showing unprecedented potential for LLM-as-a-judge applications...