This month in security with Tony Anscombe – August 2025 edition
From Meta shutting down millions of WhatsApp accounts linked to scam centers all the way to attacks at water facilities...
linked
This month in security with Tony Anscombe – August 2025 edition
From Meta shutting down millions of WhatsApp accounts linked to scam centers all the way to attacks at water facilities...
Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns
A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to...
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that...
FIN7 Utilizes Anubis Backdoor to Take Control of Windows Systems via Compromised SharePoint Sites
The financially driven threat group identified as FIN7 has associated with a Python-created backdoor known as Anubis (distinguishable from an...
Latest SparrowDoor Backdoor Versions Discovered in Incidents on U.S. and Mexican Entities
It has been discovered that the renowned Chinese hacker group, FamousSparrow, has been associated with a digital assault aimed at...
RedCurl Changes Focus from Spying to Ransomware by Introducing the Inaugural QWCrypt Implementation
The Russian-speaking group known as RedCurl has transitioned to a ransomware operation, indicating a shift in the techniques employed by...
Aquatic Panda – APT Connected to China: Extensive 10-Month Operation, Targeting 7 Worldwide Objectives, 5 Varieties of Malicious Software
The sophisticated cyber-attack group associated with China, famously known as Aquatic Panda, has been implicated in a "worldwide spying initiative"...
CISA Alerts Regarding Ongoing Exploitation in GitHub Action Supply Chain Breach
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning on Tuesday about a security vulnerability related to the...
Colombian Entities Vulnerable Overridden by Blind Eagle Through NTLM Vulnerability, Remote Access Trojans and GitHub-Based Offensives
Blind Eagle, a malicious actor, has been attributed to a sequence of continuous offensives launched towards Colombian establishments as well...
Adhesive werewolf exploits undisclosed insertion to disseminate Lumma Stealer in Russia and Belarus
Sticky Werewolf, the malicious actor, has been associated with precise strikes mainly in Russia and Belarus, intending to distribute the...
Recent Attack by Space Pirates on Russian IT Enterprises Using Fresh LuckyStrike Agent Malware
A notorious group known as Space Pirates has initiated a harmful operation targeting Russian IT entities by employing a newly...
Bybit Breach Attributed to Secure{Pocket} Supply Chain Breach Exploited by North Korean Cybercriminals
The Federal Bureau of Investigation (FBI) in the United States officially connected the unprecedented $1.5 billion Bybit breach to threat...
Targeted Developer Attacks: Lazarus Group Utilizes Marstech1 JavaScript Implant
Marstech1, an undisclosed JavaScript implant, has been deployed by the notorious Lazarus Group in malicious activities aimed at developers. SecurityScorecard...
PowerShell and Dropbox Utilized by North Korean APT43 in Focused Cyberattacks on South Korea
An affiliated threat entity connected to North Korea has been identified in an active operation aimed at South Korean enterprises,...
