ICYMI: 2025-09-05
Latest Headlines
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations
SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages
Defense Department Scrambles to Pretend It’s Called the War Department
Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool
FireCompass Raises $20 Million for Offensive Security Platform
In Other News: Scammers Abuse Grok, US Manufacturing Attacks, Gmail Security Claims Debunked
North Korean Hackers Targeted Hundreds in Fake Job Interview Attacks
More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach
New Report Claims Microsoft Used China-Based Engineers For SharePoint Support and Bug Fixing
143,000 Malware Files Attacked Android and iOS Device Users in Q2 2025
SafePay Ransomware Claiming Attacks Over 73 Victim Organizations in a Single Month
TAG-150 Hackers Deploying Self-Developed Malware Families to Attack Organizations
Threats Actors Weaponize ScreenConnect Installers to Gain Initial Access to Organizations
Wealthsimple Data Breach Exposes Personal Information of Some Users
Hackers Weaponize Fake Microsoft Teams Site to Deploy Odyssey macOS Stealer
North Korean Threat Actors Reveal Their Tactics in Replacing Infrastructure With New Assets
10 Best Internal Network Penetration Testing Companies in 2025
Microsoft now enforces MFA on Azure Portal sign-ins for all tenants
EU fines Google $3.5 billion for anti-competitive ad practices
Microsoft gives US students a free year of Microsoft 365 Personal
Don’t let outdated IGA hold back your security, compliance, and growth
– MTZ