🚨 Brazil hit by two cyber threats:

1️⃣ Hackers using AI-built fake gov sites to steal IDs + cash via PIX.
2️⃣ Efimer Trojan spreading via fake legal emails, torrents & WordPress hacks — swapping crypto wallets + stealing funds.

How both attacks work → https://thehackernews.com/2025/08/ai-tools-fuel-brazilian-phishing-scam.html

🚨 14 new flaws in CyberArk & HashiCorp vaults can let hackers steal corporate secrets without a password — some bugs sat undetected for 9 years.

Researchers warn attackers could chain them for full remote takeover.

Full story → https://thehackernews.com/2025/08/cyberark-and-hashicorp-flaws-enable.html

🔥 GPT-5 jailbroken: “Echo Chamber” + storytelling tricked it into giving banned instructions.

Related zero-click prompt injections can exfiltrate data from Google Drive, Jira, Microsoft Copilot Studio, and even hijack smart homes.

Details → https://thehackernews.com/2025/08/researchers-uncover-gpt-5-jailbreak-and.html

⚡ Lenovo webcams can be hacked into remote BadUSB weapons.

Flawed firmware checks let attackers send or infect a camera to inject keystrokes, survive wipes, and spread to other hosts.

Here’s how the “BadCam” exploit works → https://thehackernews.com/2025/08/linux-based-lenovo-webcams-flaw-can-be.html

Hackers can bypass Windows login, steal cryptographic keys, and hide inside some Dell laptops even after a full OS reinstall — “ReVault” flaws hit 100+ models.

Sometimes, they don’t even need your password.

Details → https://thehackernews.com/2025/08/researchers-reveal-revault-attack.html

🔥 Windows had a hole [CVE-2025-49760] in its core RPC system that let attackers pretend to be trusted services—like hijacking DNS, but inside your OS.

The wild part? Even Windows Defender’s ID could be spoofed.

Here’s how the EPM poisoning attack worked ↓ https://thehackernews.com/2025/08/researchers-detail-windows-epm.html

Hackers can now hijack Microsoft Domain Controllers into a global DDoS botnet—no malware, no creds, no trace.

At DEF CON, researchers revealed “Win-DDoS”: a flaw that can weaponize tens of thousands of public DCs to flood targets, crash systems, or trigger BSODs—remotely.

Here’s how it works → https://thehackernews.com/2025/08/new-win-ddos-flaws-let-attackers-turn.html

🛑 ALERT - Stop what you’re doing & update WinRAR.

A zero-day (CVE-2025-8088) is under active attack—booby-trapped archives can drop malware into Windows startup & hijack your PC.

Linked to Russian group “Paper Werewolf”

Update to v7.13 now. Details → https://thehackernews.com/2025/08/winrar-zero-day-under-active.html

🔒 96% less remediation work. 📈 Stronger security.

One method is letting CISOs, CFOs & security teams speak the same language—business risk.

Here’s how orgs are protecting what truly drives revenue ↓ https://thehackernews.com/2025/08/6-lessons-learned-focusing-security.html

🚨 Weekly Cybersecurity Recap is live!

WinRAR flaws, NVIDIA Triton risks, EDR bypass attacks, ransomware surge… and dozens more threats you need to know about.

🔗 Full roundup → https://thehackernews.com/2025/08/weekly-recap-badcam-attack-winrar-0-day.html

🚨 Critical flaw in Erlang/OTP’s SSH (CVE-2025-32433) is being actively exploited — no credentials needed, full remote code execution possible.

Targets? Mostly OT networks — healthcare, agriculture, media, and high-tech sectors hit hardest.

Here’s why it’s a global threat ↓ https://thehackernews.com/2025/08/researchers-spot-surge-in-erlangotp-ssh.html

🚨 Police, military, and critical infrastructure radios worldwide are vulnerable — again.

Researchers just found new TETRA flaws letting attackers replay calls, brute-force “secure” comms, and inject fake voice/data — even on encrypted networks. No full fixes yet.

Here’s what’s at stake ↓ https://thehackernews.com/2025/08/new-tetra-radio-encryption-flaws-expose.html

🚨 WARNING: Dutch cyber watchdog confirms: a Citrix zero-day (CVE-2025-6543) was exploited for months before disclosure—hitting critical orgs, leaving hidden web shells, and erasing traces.

Patches are out. If you run NetScaler, act now.

Full story → https://thehackernews.com/2025/08/dutch-ncsc-confirms-active-exploitation.html

New research by Pentera builds on Wiz’s IngressNightmare and reveals critical injection vulnerabilities in the widely used ingress-nginx Kubernetes controller.

Pentera’s team uncovered additional attack vectors that exploit common configuration oversights - going beyond the four originally disclosed CVEs. These newly discovered injection points can allow attackers to bypass security controls, execute arbitrary code, and pivot deeper into Kubernetes clusters.

👉 Join experts live on August 20 at 11:00 AM ET for a technical deep dive into the full scope of these vulnerabilities and their real-world impact: https://thn.news/IngressNightmare-webinar

Read the full research report 👉 https://thn.news/cyberattacks-explained

🇷🇺 New Threat: Curly COMrades hacked govt & energy networks in Georgia & Moldova — stealing credentials & hiding for months.

Their secret weapon? Hijacking Windows’ own components to run commands as SYSTEM… and no one notices.

Find details here → https://thehackernews.com/2025/08/new-curly-comrades-apt-using-ngen-com.html

Identity attacks are evolving, but are your IR playbooks keeping up? Join Push Security's Josh Gideon on August 13th & 14th as he dives into the new challenges facing incident responders in the cloud. Don't miss out on a step-by-step walkthrough of how security teams are using browser telemetry to supercharge their security investigations.

Register here: https://thn.news/identity-attacks-webinar-tg

🚨 Your browser is now your biggest insider threat.

🤖 GenAI prompts
⚠️ Risky extensions
💻 Unmanaged devices

All leaking data in-session.

🥊 Enterprise Browser vs. Secure Extension — 9 brutal rounds.

Who wins? → https://thehackernews.com/2025/08/the-ultimate-battle-enterprise-browsers.html

⚠️ Two of the most dangerous hacker groups — ShinyHunters & Scattered Spider — are joining forces.

They’ve hit Salesforce users worldwide, and signs show their next big target: banks & financial firms.

Here’s why this alliance is bad news ↓ https://thehackernews.com/2025/08/cybercrime-groups-shinyhunters.html

🚨 780+ malicious IPs just launched a coordinated brute-force attack on Fortinet SSL VPNs — shifting mid-campaign to hit FortiManager.

Researchers warn this pattern often precedes a new CVE disclosure within weeks.

Read → https://thehackernews.com/2025/08/fortinet-ssl-vpns-hit-by-global-brute.html

🚨 Over a year after the XZ Utils backdoor was exposed, 35 infected Docker images are still live on Docker Hub — some built on top of each other, quietly spreading the malware.

They can let attackers bypass SSH auth & run root commands.

Full story → https://thehackernews.com/2025/08/researchers-spot-xz-utils-backdoor-in.html