Cyber Security Week in Review: August 29, 2025
In brief: FreePBX zero-day, Citrix releases updates to fix an actively exploited flaw, the Salt Typhoon APT officially linked to Chinese companies, and more.
Cybersecurity News - Page 45
US, UK, and allies link global Salt Typhoon hacking campaign to Chinese tech firms
Using known flaws, attackers gained access to networks, altered security settings, created covert tunnels, and deployed custom tools to steal communications data.
New phishing campaign uses legitimate software to take over devices
Hackers are abusing ScreenConnect to launch follow-up attacks, such as stealing accounts and spreading phishing emails across organizations.
Researchers discover first AI-powered ransomware
PromptLock dynamically crafts its attack logic using hard-coded prompts fed into the AI model.
Citrix fixes critical NetScaler flaw, one actively exploited
There are no workarounds, so users are strongly advised to upgrade immediately.
Salesforce customers targeted in data theft campaign via compromised Drift integration
The attackers were focused on harvesting credentials, specifically searching for AWS access keys, passwords, and Snowflake tokens.
ZipLine campaign targets supply chain manufacturers with MixShell malware
Unlike typical phishing attacks, the threat actors behind ZipLine initiate contact through companies’ public “Contact Us” forms.
New phishing campaign uses fake voicemails to spread malware
The files install UpCrypter, which helps hackers deploy RATs like PureHVNC, DCRat, and Babylon RAT.
Researchers warn of major spike in scans targeting Microsoft RDWA and RDP Web Client portals
Nearly 1,971 unique IP addresses were involved in what appears to be a coordinated reconnaissance campaign.
China-linked hackers target Southeast Asian diplomats
The attackers hijack web traffic by manipulating captive portal behavior to deliver the Staticplugin malware downloader.
Showing elements 441 - 450