🚨 1,209 cybercriminals arrested across 18 African countries.

• $97.4 million recovered
• 88,000 victims
• 11,432 malicious infrastructures dismantled

From crypto fraud to ransomware, Operation Serengeti shows the global fight against cybercrime is heating up.

Read → https://thehackernews.com/2025/08/interpol-arrests-1209-cybercriminals.html

Why are we still delivering pentest results like it’s 2010?

Static PDFs. Email attachments. Weeks of delay.

Automation flips the script: findings delivered in real time, workflows auto-tracked. This is the future of pentest delivery.

See how → https://thehackernews.com/2025/08/automation-is-redefining-pentest.html

🛑 WARNING: A phishing email with a RAR file can hijack your Linux system—without opening the file’s content.

The malware? Hidden in the file name itself.

No macros. No hidden content. Just a filename that executes Bash.

This trick slips past antivirus scans.

Here’s how it works ↓ https://thehackernews.com/2025/08/linux-malware-delivered-via-malicious.html

⚠️ Cyberattacks are shifting gears.

➟ One crew hijacks GeoServer (CVE-2024-36401) to quietly sell your internet bandwidth.

➟ Another builds PolarEdge, a 40k-device botnet hidden in firewalls & routers.

➟ And “Gayfemboy” — a Mirai offshoot — spreads across industries to fuel DDoS.

Different names. Same trend: stealth, scale, and profit.

Details → https://thehackernews.com/2025/08/geoserver-exploits-polaredge-and.html

⚠️ A “hacking tool” on Go isn’t what it seems.

The package pretends to brute-force SSH—but secretly sends stolen logins to a Telegram bot controlled by a Russian actor.

The package is still on pkg.go.dev.

Full report → https://thehackernews.com/2025/08/malicious-go-module-poses-as-ssh-brute.html

A “Meeting Notice.pdf” lands in your inbox. You open it. Firefox pops up with a real doc.

Nothing feels wrong.

But behind the scenes? Malware is already stealing govt data.

That’s APT36’s latest trick to target Indian govt systems → https://thehackernews.com/2025/08/transparent-tribe-targets-indian-govt.html

The bad news didn’t wait:

💥 Password managers cracked
⚠️ Zero-days exploited live
☁️ Clouds breached
🤖 AI risks emerging
🌐 Governments cracking down

This week’s cyber recap is unmissable → https://thehackernews.com/2025/08/weekly-recap-password-manager-flaws.html

Enterprises are catching just 1 in 7 attacks.

The rest? Slipping by undetected.

The 2025 Blue Report exposes the hidden detection gap putting critical data at risk.

See what’s missing → https://thehackernews.com/2025/08/why-siem-rules-fail-and-how-to-fix-them.html

🚨 A new phishing wave is hitting global industries.

Fake voicemails & purchase orders are luring victims into downloading UpCrypter—a stealthy malware loader that drops RATs like PureHVNC & DarkCrystal, giving attackers full control.

Details here ↓ https://thehackernews.com/2025/08/phishing-campaign-uses-upcrypter-in.html

🚨 Critical flaw in Docker Desktop (CVE-2025-9074, 9.3/10) lets a malicious container escape and hijack the host.

On Windows, attackers can mount the full C:\ drive, read sensitive files, even escalate to admin. macOS safer—but not safe.

Patch now (v4.44.3). Details → https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html

⚠️ ALERT: Chinese hackers hijacked Wi-Fi portals to spy on diplomats—using fake Adobe updates signed with valid certificates.

The attack drops a PlugX backdoor that steals files, logs keystrokes & runs remote commands.

Here’s how it works ↓ https://thehackernews.com/2025/08/unc6384-deploys-plugx-via-captive.html

CISA just flagged 3 new actively exploited flaws—two in Citrix Session Recording, one in Git.

The Git bug (CVE-2025-48384) can let attackers run arbitrary code just by cloning a repo. Proof-of-concept exploit is already out.

Here’s what you need to know ↓ https://thehackernews.com/2025/08/cisa-adds-three-exploited.html

🛑 Important: Google is locking down Android.

Starting Sept 2026, every app — even outside the Play Store — must come from a verified developer.

No more anonymous sideloads. No quick comebacks for malware gangs.

First up: Brazil, Indonesia, Singapore, Thailand.

Full story ↓ https://thehackernews.com/2025/08/google-to-verify-all-android-developers.html

📢 Google & Workday both confirmed breaches this summer — attackers slipped in through social engineering, not software flaws.

The group behind it, ShinyHunters, used phone scams + fake apps to access Salesforce data.

Here’s what actually happened ↓ https://thehackernews.com/expert-insights/2025/08/shinyhunters-data-breach-vs-saas-why.html

🚨 A new Android banking trojan just leveled up: HOOK now locks victims’ screens with ransomware-style extortion demands.

Worse? It can also steal your banking logins, crypto wallets, PIN codes—and even stream your screen.

Here’s how it works ↓ https://thehackernews.com/2025/08/hook-android-trojan-adds-ransomware.html

🚨 Over 100 hacked WordPress sites are being used in a new campaign called ShadowCaptcha — luring visitors with fake CAPTCHA checks that drop info-stealers, ransomware, and crypto miners.

The trick? Copy-pasted commands from your clipboard turn into attacks.

Here’s what you need to know ↓ https://thehackernews.com/2025/08/shadowcaptcha-exploits-wordpress-sites.html

Hackers are hijacking “Contact Us” forms to breach supply chain giants.

Weeks of fake NDAs and polite emails → a booby-trapped ZIP delivers MixShell, stealth malware built to stay hidden.

This isn’t phishing as you know it.

Learn more ↓ https://thehackernews.com/2025/08/mixshell-malware-delivered-via-contact.html

🚨 Cyberattacks are faster than ever.

For the 5th year straight, Gartner named SentinelOne a Leader in Endpoint Protection—thanks to AI that detects threats 63% faster and auto-rolls back ransomware.

Details → https://thehackernews.com/2025/07/ai-driven-trends-in-endpoint-security.html

🚨 New 5G attack discovered.

Researchers built Sni5Gect, a tool that can hijack the 5G handshake, crash phones, or silently downgrade them to 4G — no fake cell tower needed.

Here’s the full story → https://thehackernews.com/2025/08/new-sni5gect-attack-crashes-phones-and.html

🚨 Citrix just patched 3 critical NetScaler flaws—one (CVE-2025-7775) is already under active attack.

Hackers can hijack systems (RCE) or crash them. No workarounds, only updates.

Admins need to move fast.

Full details here → https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html

⚠️ Cyber researchers just exposed 5 attack clusters tied to hacking group Blind Eagle—targeting Colombia’s government, banks, and critical sectors since 2024.

They’re using cracked RATs, fake bank portals, and even Discord & Google Drive to deliver malware.

Details → https://thehackernews.com/2025/08/blind-eagles-five-clusters-target.html