WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
Sat, 30 Aug 2025 10:06:00 +0530
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks.
The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the
https://thehackernews.com/2025/08/whatsapp-issues-emergency-update-for.html
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Fri, 29 Aug 2025 22:52:00 +0530
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution.
The flaws, per watchTowr Labs, are listed below –
CVE-2025-53693 – HTML cache poisoning through unsafe reflections
CVE-2025-53691 – Remote code execution (RCE) through insecure deserialization
CVE-2025-53694 –
https://thehackernews.com/2025/08/researchers-warn-of-sitecore-exploit.html
Webinar: Learn How to Unite Dev, Sec, and Ops Teams With One Shared Playbook
Fri, 29 Aug 2025 21:12:00 +0530
Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions.
Scary, right? In 2025, the average data breach hits businesses with a whopping $4.44 million bill globally. And guess what? A big
https://thehackernews.com/2025/08/webinar-why-top-teams-are-prioritizing.html
In Other News: Iranian Ships Hacked, Verified Android Developers, AI Used in Attacks
Fri, 29 Aug 2025 14:26:07 +0000
Noteworthy stories that might have slipped under the radar: communications of dozens of Iranian ships disrupted, only apps from verified developers will run on Android devices, and AI used across multiple phases of malicious attacks.
The post In Other News: Iranian Ships Hacked, Verified Android Developers, AI Used in Attacks appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-iranian-ships-hacked-verified-android-developers-ai-used-in-attacks/
VerifTools Fake ID Operation Dismantled by Law Enforcement
Fri, 29 Aug 2025 14:18:29 +0000
Authorities say VerifTools sold fake driver’s licenses and passports worldwide, enabling fraudsters to bypass KYC checks and access online accounts.
The post VerifTools Fake ID Operation Dismantled by Law Enforcement appeared first on SecurityWeek.
https://www.securityweek.com/veriftools-fake-id-operation-dismantled-by-law-enforcement/
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Fri, 29 Aug 2025 18:52:00 +0530
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts.
The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s device code
https://thehackernews.com/2025/08/amazon-disrupts-apt29-watering-hole.html
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
Fri, 29 Aug 2025 18:42:00 +0530
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia.
“Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage or login
https://thehackernews.com/2025/08/abandoned-sogou-zhuyin-update-server.html
Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign
Fri, 29 Aug 2025 12:40:57 +0000
Google says the same OAuth token compromise that enabled Salesforce data theft also let hackers access a small number of Workspace accounts via the Salesloft Drift integration.
The post Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign appeared first on SecurityWeek.
https://www.securityweek.com/google-confirms-workspace-accounts-also-hit-in-salesforce-salesloft-drift-data-theft-campaign/
TransUnion Data Breach Impacts 4.4 Million
Fri, 29 Aug 2025 12:36:02 +0000
The credit reporting firm did not name the third-party application involved in the incident, only noting that it was used for its US consumer support operations.
The post TransUnion Data Breach Impacts 4.4 Million appeared first on SecurityWeek.
https://www.securityweek.com/transunion-data-breach-impacts-4-4-million/
Nevada Confirms Ransomware Attack Behind Statewide Service Disruptions
Fri, 29 Aug 2025 12:28:45 +0000
State officials confirm ransomware forced office closures, disrupted services, and led to data theft, as Nevada works with CISA and law enforcement to restore critical systems.
The post Nevada Confirms Ransomware Attack Behind Statewide Service Disruptions appeared first on SecurityWeek.
https://www.securityweek.com/nevada-confirms-ransomware-attack-behind-statewide-service-disruptions/
US Sanctions Russian National, Chinese Firm Aiding North Korean IT Workers
Fri, 29 Aug 2025 12:17:52 +0000
US Treasury sanctions Russian and Chinese entities tied to North Korea’s use of fake IT workers, who exploited stolen identities, AI, and malware to funnel millions back to Pyongyang.
The post US Sanctions Russian National, Chinese Firm Aiding North Korean IT Workers appeared first on SecurityWeek.
https://www.securityweek.com/us-sanctions-russian-national-chinese-firm-aiding-north-korean-it-workers/
Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks
Fri, 29 Aug 2025 12:10:40 +0000
Storm-0501 has been leveraging cloud-native capabilities for data exfiltration and deletion, without deploying file-encrypting malware.
The post Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks appeared first on SecurityWeek.
https://www.securityweek.com/ransomware-group-exploits-hybrid-cloud-gaps-gains-full-azure-control-in-enterprise-attacks/
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Fri, 29 Aug 2025 16:00:00 +0530
Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative AI challenges. Sensitive information may be shared through chat prompts, files uploaded for AI-driven summarization, or browser plugins that bypass familiar security controls.
https://thehackernews.com/2025/08/can-your-security-stack-see-chatgpt-why.html
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Fri, 29 Aug 2025 15:28:00 +0530
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software.
The high-severity issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025.
The Australian company said it fixed a ”
https://thehackernews.com/2025/08/click-studios-patches-passwordstate.html
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
Fri, 29 Aug 2025 15:14:00 +0530
The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet.
FreePBX is an open-source private branch exchange (PBX) platform widely used by businesses, call centers, and service providers to manage voice communications. It’s built on top
https://thehackernews.com/2025/08/freepbx-servers-targeted-by-zero-day.html
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
Fri, 29 Aug 2025 14:35:00 +0530
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world.
To that end, two marketplace domains (verif[.]tools and veriftools[.]net) and one blog have been taken down, redirecting site visitors to a splash page stating the action was undertaken by
https://thehackernews.com/2025/08/feds-seize-64m-veriftools-fake-id.html
Google Warns Salesloft Drift Breach Impacts All Drift Integrations Beyond Salesforce
Fri, 29 Aug 2025 12:54:00 +0530
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations.
“We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised,” Google Threat Intelligence Group (GTIG) and
https://thehackernews.com/2025/08/google-warns-salesloft-oauth-breach.html
China’s Salt Typhoon Hacked Critical Infrastructure Globally for Years
Thu, 28 Aug 2025 13:56:14 +0000
China-linked APT ‘Salt Typhoon’ exploited known router flaws to maintain persistent access across telecom, government, and military networks, giving Beijing’s intelligence services global surveillance reach.
The post China’s Salt Typhoon Hacked Critical Infrastructure Globally for Years appeared first on SecurityWeek.
https://www.securityweek.com/chinas-salt-typhoon-hacked-critical-infrastructure-globally-for-years/
CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry
Thu, 28 Aug 2025 12:02:04 +0000
CrowdStrike says the acquisition will bring valuable technology to enhance its Falcon Next-Gen SIEM.
The post CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry appeared first on SecurityWeek.
https://www.securityweek.com/crowdstrike-to-acquire-onum-to-fuel-falcon-next-gen-siem-with-real-time-telemetry/
Webinar Today: Ransomware Defense That Meets Evolving Compliance Mandates
Thu, 28 Aug 2025 11:05:58 +0000
Join this live discussion to learn how organizations can strengthen ransomware defenses while staying ahead of tightening compliance requirements.
The post Webinar Today: Ransomware Defense That Meets Evolving Compliance Mandates appeared first on SecurityWeek.
https://www.securityweek.com/webinar-today-ransomware-defense-that-meets-evolving-compliance-mandates/