InfoSec News 20251007
Top News
- Phishers turn 1Password’s Watchtower into a blind spot
  "A convincing fake breach alert nearly tricked a Malwarebytes employee into giving away their 1Password credentials."
  TLP¹: Green
- XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
  "Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts."
  TLP¹: Green
- Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
  "Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware."
  TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
- Security Firm Exposes Role of Beijing Research Institute in China’s Cyber Operations
  "Recorded Future has uncovered ties between the Beijing Institute of Electronics Technology and Application (BIETA) and China’s Ministry of State Security (MSS), the country’s primary civilian intelligence service."
  TLP¹: Green
- LinkedIn sues ProAPIs for using 1M fake accounts to scrape user data
  "LinkedIn has filed a lawsuit against Delaware company ProAPIs Inc. and its founder and CTO, Rehmat Alam, for allegedly scraping legitimate data through more than a million fake accounts."
  TLP¹: Green
Breaches: Data Breaches and Hacks
- Discord discloses third-party breach affecting customer support data
  "Discord reported a data breach at a third-party customer service provider that exposed user data, including contact details, IPs, and billing info."
  TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
- 13-year-old Critical Redis RCE Vulnerability Let Attackers Gain Full Access to Host System
  "A 13-year-old critical remote code execution (RCE) vulnerability in Redis, dubbed RediShell, allows attackers to gain full access to the underlying host system."
  TLP¹: Green
- Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks
  "CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider (aka Cl0p), and that the first known exploitation occurred on August 9, 2025."
  TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
- New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise
  "For years, security leaders have treated artificial intelligence as an "emerging" technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become."
  TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
- Rapid7 Details Cisco ASA Zero-Day Exploit Chain (CVE-2025-20362 & CVE-2025-20333)
  "Security researchers at Rapid7 have published a detailed technical analysis uncovering how a pair of zero-day vulnerabilities in Cisco Secure Firewall ASA and FTD software were exploited in-the-wild to achieve unauthenticated remote code execution."
  TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.