Black Arrow Cyber Threat Intelligence Briefing 08 August 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
This week, we start with insights into the evolving tactics of attackers. A study has shown how AI can plan and execute complex cyber attacks without human intervention, while other attackers are using stolen credentials and vulnerabilities to gain access to managed service providers. Social engineering attacks have surged over the past year, with attackers able to access their target’s corporate systems within 5 minutes. Once they are in, the attackers are expanding their tactics beyond encryption and exfiltration, and victims continue to pay the ransom demands.
We also report that the UK is the third most targeted country globally, behind the US and Canada, and we highlight the challenges facing small and medium-sized businesses in particular. We also highlight that cyber incidents do not only happen as part of an attack; they also occur when data is vulnerable due to mismanaged systems and access. As all these risks increase, we also highlight the potential value of cyber insurance as part of a robust and planned cyber security strategy.
Top Cyber Stories of the Last Week
AI Can Plan and Execute Cyber Attacks Without Human Intervention
A recent study from Carnegie Mellon University, in collaboration with Anthropic, has demonstrated the growing capabilities of AI in cyber security. The research showed that large language models (LLMs) can autonomously plan and execute complex cyber attacks, such as replicating the 2017 Equifax breach, without any human intervention. The AI functioned as the planner, delegating tasks to sub-agents, and managed to deploy malware and extract data. While this work was conducted in a controlled environment, it raises significant concerns about the potential for AI-driven cyber attacks. These developments signal a shift towards more autonomous and adaptive threats.
Ransomware Gangs Attacking Managed Service Providers with Stolen Login Credentials and Vulnerabilities
Ransomware groups Akira and Lynx are increasingly targeting managed service providers (MSPs) and small businesses, exploiting stolen credentials and vulnerabilities. These groups have compromised over 365 organisations, with Akira evolving into one of the top 10 ransomware operations, focusing on MSPs to access extensive client networks. Both groups utilise techniques such as credential-based attacks, file encryption, and data theft, to extort ransoms. They share similarities with the notorious Conti ransomware, indicating potential code reuse. The attacks also involve evasion tactics such as disabling security software and targeting backup systems to ensure successful encryption.
https://cybersecuritynews.com/akira-and-lynx-ransomware/
Hackers Use Social Engineering Attack to Gain Remote Access in 5 Minutes
A recent cyber attack investigation demonstrated how threat actors compromised corporate systems in under five minutes using social engineering and trusted business tools. Hackers impersonated IT support to gain remote access via QuickAssist, then deployed malicious PowerShell scripts to install a remote access tool and harvest credentials. The attack, which leveraged legitimate Windows tools, highlights the growing risk of social engineering tactics in bypassing security. The incident underscores the need for improved user training and prompt incident response to mitigate the impact of such rapid breaches.
https://cybersecuritynews.com/hacked-in-300-seconds/
Social Engineering Attacks Surged This Past Year
Palo Alto Networks’ latest report reveals that social engineering attacks have become the leading method for cyber attacks over the past year, with 36% of the incident response cases traced back to this tactic. These attacks, used by a variety of groups, including financially motivated cyber criminals and nation-state operatives, often target employees with system-wide access, such as help desk staff and administrators. Social engineering is particularly effective in compromising sensitive data, with 60% of such attacks leading to data exposure. The report highlights that these attacks have spiked in frequency, especially from groups like Scattered Spider and North Korean operatives.
https://cyberscoop.com/social-engineering-top-attack-vector-unit-42/
Ransomware Actors Expand Tactics Beyond Encryption and Exfiltration
A recent Barracuda report reveals that ransomware actors have expanded their tactics beyond data encryption and exfiltration. Other common activities included wiping backups or deleting shadow copies of files (37%), installing additional malware or payloads (29%), infecting multiple endpoints such as computers or servers (26%), and threatening partners, shareholders, or customers (22%). Attackers also threatened to alert the authorities or the press (21%) and even threatened staff (16%). Only a quarter (24%) of incidents involved data encryption. Data was stolen and either leaked or retained in 54% of cases. These multidimensional tactics increase pressure on victims to pay.
https://www.infosecurity-magazine.com/news/ransomware-expand-encryption/
Cyber Criminals Are Getting Personal, and It’s Working
Cyber criminals are increasingly personalising their attacks, with phishing kits becoming harder to detect and reverse-engineer. A key tactic involves using custom-made kits, driven by AI, to scale campaigns. Email-based attacks continue to rise, with business email compromise (BEC) becoming a prominent threat. Lumma Stealer malware is the most prevalent, often delivered through common file attachments or cloud services. Financial lures and urgency-based messages remain the top tactics used to trick victims, with cyber criminals employing sophisticated methods to bypass detection. The growing use of AI is enabling more targeted and scalable phishing efforts.
https://www.helpnetsecurity.com/2025/08/07/email-attacks-q2-2025/
Ransomware Victims Are Still Paying Up, Some More Than Once
A recent report from Semperis reveals that ransomware attacks remain a significant threat, with 81% of US firms and 78% globally targeted in the past year. Attackers succeed in over half of cases, and many companies pay ransoms multiple times. The majority of payments range between $500,000 and $1 million, but some companies face repeated attacks. The report highlights the growing risk of identity infrastructure breaches, including Active Directory and Okta, which enable attackers to persist and escalate their reach. Organisations are urged to automate defences, secure identity systems, and prepare comprehensive ransomware-response plans.
SMBs Struggle with Alert Overload, Cloud Blind Spots and Insider Threats
TrustLayer’s 2025 UK Cyber Resilience Report reveals a growing challenge for UK SMBs in managing cyber security. With shrinking budgets and rising alert volumes, organisations struggle to protect against email, cloud, and insider threats. The report highlights critical gaps, including limited cloud visibility, outdated security tools, and insider risks, with nearly one in three data breaches originating from employees. Additionally, alert overload is leading to stress and burnout in security teams. TrustLayer recommends streamlining security tools, automating processes, and focusing on human-centric operations to build a more resilient, efficient cyber security strategy.
Britons Face Cyber-Attack Surge as UK Becomes Most Targeted Country in Europe
The UK has seen a significant rise in cyber attacks, making it the third most targeted country globally, behind the US and Canada. According to a NordVPN report, there has been a 7% increase in malware incidents, totalling 103 million, with the UK having the highest malware concentration per user in Europe. Cyber criminals often use trusted brands like Google, Amazon, and Yahoo to deceive users into exposing sensitive data. Malware now includes a wide range of threats, from data theft to device hijacking. The rise in online scams and increasingly sophisticated techniques highlights growing cyber security risks for UK businesses and consumers.
Exposed Without a Breach - The Cost of Data Blindness
Data blindness, where sensitive information is exposed without traditional cyber attack methods, poses a significant risk to organisations. This occurs when misconfigured systems, overpermissioned users, and unmonitored data flows leave critical data vulnerable. Traditional tools fail to account for modern data environments, where information is scattered across cloud platforms, third-party services, and AI-generated content. As a result, visibility gaps lead to unnoticed breaches, with the consequences often as severe as a traditional cyber attack. To mitigate this, organisations must adopt continuous, real-time data visibility, ensuring sensitive data is always monitored and aligned with business context.
https://securityaffairs.com/180813/security/exposed-without-a-breach-the-cost-of-data-blindness.html
Cyber Insurance Premiums Are Soaring — And So Are Your Risks
The global cyber insurance market is set to grow rapidly, doubling by 2030, driven by rising cyber risks such as ransomware and stringent regulatory requirements like GDPR and NIS2. As cyber attacks become more frequent and costly, businesses are increasingly relying on insurance as a safety net. Insurers are adjusting by incorporating real-time threat intelligence to price policies more accurately. Firms should consider the appropriateness of their cyber insurance to protect client data and manage cyber risks effectively. It is critical for firms to review their policies and ensure adequate coverage.
https://abovethelaw.com/2025/08/cyber-insurance-premiums-are-soaring-and-so-are-your-risks/
Governance, Risk and Compliance
CISOs say they're prepared, their data says otherwise - Help Net Security
Why 90% of cyber leaders are feeling the heat - Help Net Security
Cybersecurity must be a top priority for businesses from beginning to end | TechRadar
Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture | CSO Online
75 percent of cybersecurity leaders don’t trust their own data - BetaNews
The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025
Summer: Why cybersecurity must be strengthened as vacations abound | CSO Online
Cybersecurity Incident Response Needs A War Room, Not A Playbook
Prioritizing Cybersecurity: Essential for Business Survival Against AI Threats
Threats
Ransomware, Extortion and Destructive Attacks
Nearly one-third of ransomware victims are hit multiple times, even after paying hackers | IT Pro
New EDR killer tool used by eight different ransomware groups
Ransomware groups shift to quadruple extortion to maximize pressure - Help Net Security
75% of UK business leaders are willing to risk criminal penalties to pay ransoms | IT Pro
Ransomware is up, zero-days are booming, and your IP camera might be next - Help Net Security
Ransomware goes cloud native to target your backup infrastructure | CSO Online
Ransomware Actors Expand Tactics Beyond Encryption and Exfiltration - Infosecurity Magazine
On the Rise: Ransomware Victims, Breaches, Infostealers
This devious ransomware is able to hijack your system to turn off Microsoft Defender | TechRadar
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
Ransomware Surges as Attempts Spike 146%
Nimble 'Gunra' Ransomware Evolves With Linux Variant
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Study: 78% of Companies Targeted with Ransomware
Ransomware-as-a-Service Economy - Trends, Targets & Takedowns
Ransomware attacks: The evolving extortion threat to US financial institutions | CSO Online
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
Royal and BlackSuit ransomware gangs hit over 450 US companies
Qilin Ransomware Affiliate Panel Login Credentials Exposed Online – DataBreaches.Net
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
Countering the Threat of Ransomware as a Service
Why we shouldn’t just repeat ransomware groups’ claims, Sunday edition – DataBreaches.Net
Authorities seize BlackSuit ransomware gang's servers | TechCrunch
Ransomware Victims
Ransomware attacks cripple government services across Dutch Caribbean islands | NL Times
Ransomware plunges insurance company into bankruptcy | Fortra
SBM investigates alleged cyber incident amid claims of reputational threat - NEWS.MC - Monaco News
Phishing & Email Based Attacks
Cybercriminals are getting personal, and it's working - Help Net Security
Attackers exploit link-wrapping services to steal Microsoft 365 logins
Phishers Abuse M365 'Direct Send' to Spoof Internal Users
Mozilla warns Firefox add-on devs of new phishing attacks • The Register
Other Social Engineering
Cybercriminals are getting personal, and it's working - Help Net Security
Social engineering attacks surged this past year, Palo Alto Networks report finds | CyberScoop
Hackers Uses Social Engineering Attack to Gain Remote Access in 300 Seconds
Gen Z in the Crosshairs: Cybercriminals Shift Focus to Young, Digital-Savvy Workers - SecurityWeek
QR Code Quishing Attacks Surge 50%: Protect Against Data Theft
CrowdStrike investigated 320 North Korean IT worker cases in the past year | CyberScoop
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Cisco Victim of Voice Phishing Attack, Customer Data Stolen
How not to hire a North Korean IT spy | CSO Online
Indeed recruiter text scam: I responded to one of the “job” messages. It got weird quickly.
Fraud, Scams and Financial Crime
Experts Alarmed by UK Government’s Companies House ID Checks - Infosecurity Magazine
Scammers abusing WhatsApp group invites | Cybernews
Fraud controls don’t guarantee consumer trust - Help Net Security
Indeed recruiter text scam: I responded to one of the “job” messages. It got weird quickly.
AI Fuels Record Number of Fraud Cases - Infosecurity Magazine
Nigerian accused of hacking tax preparation businesses extradited to US | CyberScoop
Artificial Intelligence
9 things you shouldn't use AI for at work | ZDNET
Your employees uploaded over a gig of files to GenAI tools last quarter - Help Net Security
CrowdStrike: Threat Actors Increasingly Lean on AI Tools
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Russian Cyber Threat Group Uses AI-Guided Malware
Financial sector faced most AI-powered cyberattacks: survey
Rising Mobile Browser Attacks: AI Threats and Key Defenses
AI Guardrails Under Fire: Cisco's Jailbreak Demo Exposes AI Weak Points - SecurityWeek
Cybersecurity Pros Say IoT, Large Language Models Are Risk Areas of Concern
AI can write your code, but nearly half of it may be insecure - Help Net Security
Security Researchers Just Hacked ChatGPT Using A Single 'Poisoned' Document
AI Fuels Record Number of Fraud Cases - Infosecurity Magazine
Vibe Coding: When Everyone’s a Developer, Who Secures the Code? - SecurityWeek
NIST seeks to avoid reinventing the wheel with AI security guidance
Prioritizing Cybersecurity: Essential for Business Survival Against AI Threats
What's keeping risk leaders up at night? AI, tariffs, and cost cuts - Help Net Security
42% of Developers Using AI Say Their Codebase is Now Mostly AI-Generated
Anthropic wants to stop AI models from turning evil - here's how | ZDNET
Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help
Gemini AI Promptware Attack Exploits Calendar Invites to Hijack Smart Homes
Malware
On the Rise: Ransomware Victims, Breaches, Infostealers
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Russian Cyber Threat Group Uses AI-Guided Malware
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
Staggering 800% Rise in Infostealer Credential Theft - Infosecurity Magazine
New 'Shade BIOS' Technique Beats Every Kind of Security
New Undectable Plague Malware Attacking Linux Servers to Gain Persistent SSH Access
Antivirus vendors fail to spot persistent Linux backdoor • The Register
Python-powered malware grabs 200K passwords, credit cards • The Register
CISA releases malware analysis for Sharepoint Server attack • The Register
Fake WhatsApp developer libraries hide destructive data-wiping code
Wave of 150 crypto-draining extensions hits Firefox add-on store
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
Mobile
Rising Mobile Browser Attacks: AI Threats and Key Defenses
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Google addresses six vulnerabilities in August’s Android security update | CyberScoop
PlayPraetor Android RAT expands rapidly across Spanish and French-speaking regions
France orders officials to drop foreign messaging apps over cybersecurity fears
Internet of Things – IoT
Ransomware is up, zero-days are booming, and your IP camera might be next - Help Net Security
Cybersecurity Pros Say IoT, Large Language Models Are Risk Areas of Concern
The humble printer highlights overlooked security flaws | CIO Dive
Gemini AI Promptware Attack Exploits Calendar Invites to Hijack Smart Homes
Data Breaches/Leaks
On the Rise: Ransomware Victims, Breaches, Infostealers
Legal aid cyber-attack has pushed sector towards collapse, say lawyers | Legal aid | The Guardian
Google says hackers stole its customers' data by breaching its Salesforce database | TechCrunch
Exposed Without a Breach: The Cost of Data Blindness
Cisco Victim of Voice Phishing Attack, Customer Data Stolen
Top MoD civil servant to leave in wake of Afghan data breach - BBC News
Average global data breach cost now $4.44 million - Help Net Security
Swipe Right for a Cyberattack: Dating Sites, EV Chargers, and Sex Toys
No, 16 Billion New User Credentials Weren’t Leaked—but the Risk Remains | Proofpoint US
Allianz faces fresh lawsuit as cyberattack exposes 1.4 million records | Insurance Business America
Bouygues Telecom Data Breach Exposes 6.4 Million Customer Records - Infosecurity Magazine
Air France and KLM disclosed data breaches following the hack of a third-party platform
Chanel and Pandora latest retailers to be hit by cyber attacks | Retail Week
Pandora confirms data breach amid ongoing Salesforce data theft attacks
Allianz Life cyberattack gets worse as company confirms Social Security numbers stolen | TechRadar
Lovense flaws expose emails and allow account takeover
PBS confirms data breach after employee info leaked on Discord servers
Despite data breaches like the Tea app, companies see little consequence - The Washington Post
Florida prison exposes visitor contact info to every inmate • The Register
Organised Crime & Criminal Actors
Cybercriminals are getting personal, and it's working - Help Net Security
Why the Old Ways Are Still the Best for Most Cybercriminals
From fake CAPTCHAs to RATs: Inside 2025's cyber deception threat trends - Help Net Security
Python-powered malware grabs 200K passwords, credit cards • The Register
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Nigerian accused of hacking tax preparation businesses extradited to US | CyberScoop
Countering the Threat of Ransomware as a Service
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Wave of 150 crypto-draining extensions hits Firefox add-on store
Insider Risk and Insider Threats
Your employees uploaded over a gig of files to GenAI tools last quarter - Help Net Security
CrowdStrike investigated 320 North Korean IT worker cases in the past year | CyberScoop
Laptop Farm: What It Is & How It's Used, Explained
How not to hire a North Korean IT spy | CSO Online
Insurance
Cyber Insurance Premiums Are Soaring — And So Are Your Risks - Above the Law
Supply Chain and Third Parties
Air France and KLM disclosed data breaches following the hack of a third-party platform
Chanel and Pandora latest retailers to be hit by cyber attacks | Retail Week
Pandora confirms data breach amid ongoing Salesforce data theft attacks
Cloud/SaaS
Google says hackers stole its customers' data by breaching its Salesforce database | TechCrunch
Attackers exploit link-wrapping services to steal Microsoft 365 logins
Ransomware goes cloud native to target your backup infrastructure | CSO Online
Phishers Abuse M365 'Direct Send' to Spoof Internal Users
How the UK's cloud strategy was hijacked by a hyperscaler duopoly | Computer Weekly
New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk - Infosecurity Magazine
Outages
Identity and Access Management
Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking
Encryption
Encryption Made for Police and Military Radios May Be Easily Cracked | WIRED
Linux and Open Source
New Linux backdoor Plague bypasses auth via malicious PAM module
New Undectable Plague Malware Attacking Linux Servers to Gain Persistent SSH Access
Antivirus vendors fail to spot persistent Linux backdoor • The Register
New malware avoids antivirus detection, unleashes a "plague" on your devices | TechRadar
Nimble 'Gunra' Ransomware Evolves With Linux Variant
Foreign adversaries are trying to weaponize open-source software, report finds - Nextgov/FCW
Lansweeper finds Linux is growing on business endpoints • The Register
Yes, you need a firewall on Linux - here's why and which to use | ZDNET
Passwords, Credential Stuffing & Brute Force Attacks
Attackers exploit link-wrapping services to steal Microsoft 365 logins
Python-powered malware grabs 200K passwords, credit cards • The Register
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Staggering 800% Rise in Infostealer Credential Theft - Infosecurity Magazine
Hackers Steal 1.8 Billion Credentials, 9 Billion Data Records
Social Media
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Amnesty slams X for 'central role' in fueling UK violence • The Register
Instagram lets you see your friends' locations now, and vice versa - here's how | ZDNET
Malvertising
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
Regulations, Fines and Legislation
Europe’s Cybersecurity Puzzle: NIS2 Progress in 30 Pieces | McDermott Will & Schulte - JDSupra
75% of UK business leaders are willing to risk criminal penalties to pay ransoms | IT Pro
The VPNs allowing youngsters to bypass UK age verification rules
One Week of the Online Safety Act: Cyber Experts Weigh In - IT Security Guru
'Can I see some ID?' As online age verification spreads, so do privacy concerns | CBC News
The Cyber Security and Resilience Bill | Technology Law Dispatch
CISA, USCG make example out of organization they audited • The Register
Former and current officials clash over CISA’s role in US cyber defenses at Black Hat - Nextgov/FCW
Senate confirms national cyber director pick Sean Cairncross | CyberScoop
Annual ODPA report highlights local Data Law adequacy - Bailiwick Express News Guernsey
Illumina Settles Allegations of Cyber Vulnerabilities in Genomic Sequencing for $9.8M
America Is Blinding Itself - by Mark Hertling - The Bulwark
US Agencies Fail IT Security Audits, Jeopardizing National Security
DoD Secretary Hegseth Draws A Line: Cybersecurity No Longer Optional
Models, Frameworks and Standards
Europe’s Cybersecurity Puzzle: NIS2 Progress in 30 Pieces | McDermott Will & Schulte - JDSupra
The Cyber Security and Resilience Bill | Technology Law Dispatch
NIST seeks to avoid reinventing the wheel with AI security guidance
NCSC Updates Cyber Assessment Framework to Build UK CNI Resilience - Infosecurity Magazine
DoD Secretary Hegseth Draws A Line: Cybersecurity No Longer Optional
Careers, Working in Cyber and Information Security
How CISOs are training the next generation of cyber leaders | CSO Online
The Five Steps to Increase UK Cyber Resilience Detailed | SC Media UK
5 hard truths of a career in cybersecurity — and how to navigate them | CSO Online
Law Enforcement Action and Take Downs
Details emerge on BlackSuit ransomware takedown | CyberScoop
Nigerian accused of hacking tax preparation businesses extradited to US | CyberScoop
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
NATO condemns Russian cyber activities
Europe must adapt to Russia's hybrid cyber war
Pro-Iran Hackers Aligned Cyber with Kinetic War Aims - Infosecurity Magazine
Iranian hackers were more coordinated, aligned during Israel conflict than it seemed | CyberScoop
DoD Secretary Hegseth Draws A Line: Cybersecurity No Longer Optional
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
Microsoft caught in crossfire of U.S.-China cyber war - Cryptopolitan
Nation State Actors
China
Foreign adversaries are trying to weaponize open-source software, report finds - Nextgov/FCW
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
China’s botched Great Firewall upgrade invites attacks • The Register
Chinese Nation-State Hackers Breach Southeast Asian Telecoms
DoD Secretary Hegseth Draws A Line: Cybersecurity No Longer Optional
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
Microsoft caught in crossfire of U.S.-China cyber war - Cryptopolitan
Why an explosive fight erupted over the UK's new Chinese embassy - BBC News
Chinese cyberattack on US nuclear agency highlights importance of cyber hygiene | The Strategist
Nvidia says its chips have no 'backdoors' after China raises concerns | Fox Business
China Says US Exploited Old Microsoft Flaw for Cyberattacks - Bloomberg
Russia
NATO condemns Russian cyber activities
Europe must adapt to Russia's hybrid cyber war
Russian Cyber Threat Group Uses AI-Guided Malware
DoD Secretary Hegseth Draws A Line: Cybersecurity No Longer Optional
Ukrainian drone attacks are causing blackouts and shutdowns for Russian mobile internet | TechRadar
Iran
Pro-Iran Hackers Aligned Cyber with Kinetic War Aims - Infosecurity Magazine
Iranian hackers were more coordinated, aligned during Israel conflict than it seemed | CyberScoop
North Korea
CrowdStrike investigated 320 North Korean IT worker cases in the past year | CyberScoop
Laptop Farm: What It Is & How It's Used, Explained
Foreign adversaries are trying to weaponize open-source software, report finds - Nextgov/FCW
Tools and Controls
Cyber Insurance Premiums Are Soaring — And So Are Your Risks - Above the Law
AI can write your code, but nearly half of it may be insecure - Help Net Security
New EDR killer tool used by eight different ransomware groups
75 percent of cybersecurity leaders don’t trust their own data - BetaNews
One Week of the Online Safety Act: Cyber Experts Weigh In - IT Security Guru
Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking
Ransomware goes cloud native to target your backup infrastructure | CSO Online
Exposed Without a Breach: The Cost of Data Blindness
The humble printer highlights overlooked security flaws | CIO Dive
What's keeping risk leaders up at night? AI, tariffs, and cost cuts - Help Net Security
Fraud controls don’t guarantee consumer trust - Help Net Security
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture | CSO Online
CISOs say they're prepared, their data says otherwise - Help Net Security
Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
Vibe Coding: When Everyone’s a Developer, Who Secures the Code? - SecurityWeek
China’s botched Great Firewall upgrade invites attacks • The Register
Cybersecurity Incident Response Needs A War Room, Not A Playbook
Yes, you need a firewall on Linux - here's why and which to use | ZDNET
Reports Published in the Last Week
Other News
Man-in-the-Middle Attack Prevention Guide
MacOS Under Attack: How Organizations Can Counter Rising Threats
Strengthening the UK's data center infrastructure | TechRadar
Councils are the weak link in UK cyber defences
Cyberattacks Making Consumers More Cautious About Online Shopping
Energy companies are blind to thousands of exposed services - Help Net Security
UK Boosts Cybersecurity Budget to Shield Critical Infrastructure
UK Ministry of Defence to bolster troops’ cyber skills | Cybernews
Monaco fights back after cybercriminals target national icons - NEWS.MC - Monaco News
Why blow up satellites when you can just hack them? • The Register
Vulnerability Management
Ransomware is up, zero-days are booming, and your IP camera might be next - Help Net Security
The Critical Flaw in CVE Scoring
Exposed Without a Breach: The Cost of Data Blindness
Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
AI Beats Hackers to a Zero-Day Cybersecurity Discovery, Twice
Microsoft’s Update Mistake—45% Of All Windows Users Now At Risk
US Agencies Fail IT Security Audits, Jeopardizing National Security
Vulnerabilities
New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk - Infosecurity Magazine
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
Google fixed two Qualcomm bugs that were actively exploited in the wild
Android's August 2025 Update Patches Exploited Qualcomm Vulnerability - SecurityWeek
Enterprise Secrets Exposed by CyberArk Conjur Vulnerabilities - SecurityWeek
Google addresses six vulnerabilities in August’s Android security update | CyberScoop
CISA releases malware analysis for Sharepoint Server attack • The Register
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Apple iOS 18.6 Update Patches 29 Security Flaws, Fixes Exploited WebKit Bug
Adobe issues emergency fixes for AEM Forms zero-days after PoCs released
Millions of Dell PCs with Broadcom chips open to attack • The Register
New Ghost Calls tactic abuses Zoom and Microsoft Teams for C2 operations
RCE Flaw in AI Coding Tool Poses Software Supply Chain Risk
Vibe coding tool Cursor allows persistent code execution • The Register
Trend Micro fixes two actively exploited Apex One RCE flaws
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender
Proton fixes Authenticator bug leaking TOTP secrets in logs
Critical Vulnerabilities Found in NVIDIA's Triton Inference Server - Infosecurity Magazine
Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC - SecurityWeek
Microsoft caught in crossfire of U.S.-China cyber war - Cryptopolitan
China: US spies used Microsoft Exchange 0-day to steal info • The Register
Nvidia Patches Critical RCE Vulnerability Chain
CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.