ICYMI: 2025-08-27
Latest Headlines
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks
Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model
Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors
ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra
Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect
Hundreds of Salesforce Customers Hit by Widespread Data Theft Campaign
Nevada State Offices Closed Following Disruptive Cyberattack
Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime
28,000+ Citrix Servers Exposed to Active 0-Day RCE Vulnerability Exploited in the Wild
PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309)
How ClickFix and Multi-Stage Phishing Frameworks Are Breaking Enterprise Defenses
NVIDIA NeMo AI Curator Enables Code Execution and Privilege Escalation
CISA releases New ICS Advisories Surrounding Vulnerabilities and Exploits
New Zip Slip Vulnerability Allows Attackers to Manipulate ZIP Files During Decompression
Spotify Launches Direct Message Feature for Music Sharing, What are the Risks Associated?
Experimental PromptLock ransomware uses AI to encrypt, steal data
IT system supplier cyberattack impacts 200 municipalities in Sweden
Global Salt Typhoon hacking campaigns linked to Chinese tech firms
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
Why zero trust is never ‘done’ and is an ever-evolving process
Healthcare Services Group data breach impacts 624,000 people
– MTZ