Hackers can now hijack Microsoft Domain Controllers into a global DDoS botnet—no malware, no creds, no trace.

At DEF CON, researchers revealed “Win-DDoS”: a flaw that can weaponize tens of thousands of public DCs to flood targets, crash systems, or trigger BSODs—remotely.

Here’s how it works → https://thehackernews.com/2025/08/new-win-ddos-flaws-let-attackers-turn.html

🛑 ALERT - Stop what you’re doing & update WinRAR.

A zero-day (CVE-2025-8088) is under active attack—booby-trapped archives can drop malware into Windows startup & hijack your PC.

Linked to Russian group “Paper Werewolf”

Update to v7.13 now. Details → https://thehackernews.com/2025/08/winrar-zero-day-under-active.html

🔒 96% less remediation work. 📈 Stronger security.

One method is letting CISOs, CFOs & security teams speak the same language—business risk.

Here’s how orgs are protecting what truly drives revenue ↓ https://thehackernews.com/2025/08/6-lessons-learned-focusing-security.html

🚨 Weekly Cybersecurity Recap is live!

WinRAR flaws, NVIDIA Triton risks, EDR bypass attacks, ransomware surge… and dozens more threats you need to know about.

🔗 Full roundup → https://thehackernews.com/2025/08/weekly-recap-badcam-attack-winrar-0-day.html

🚨 Critical flaw in Erlang/OTP’s SSH (CVE-2025-32433) is being actively exploited — no credentials needed, full remote code execution possible.

Targets? Mostly OT networks — healthcare, agriculture, media, and high-tech sectors hit hardest.

Here’s why it’s a global threat ↓ https://thehackernews.com/2025/08/researchers-spot-surge-in-erlangotp-ssh.html

🚨 Police, military, and critical infrastructure radios worldwide are vulnerable — again.

Researchers just found new TETRA flaws letting attackers replay calls, brute-force “secure” comms, and inject fake voice/data — even on encrypted networks. No full fixes yet.

Here’s what’s at stake ↓ https://thehackernews.com/2025/08/new-tetra-radio-encryption-flaws-expose.html

🚨 WARNING: Dutch cyber watchdog confirms: a Citrix zero-day (CVE-2025-6543) was exploited for months before disclosure—hitting critical orgs, leaving hidden web shells, and erasing traces.

Patches are out. If you run NetScaler, act now.

Full story → https://thehackernews.com/2025/08/dutch-ncsc-confirms-active-exploitation.html

New research by Pentera builds on Wiz’s IngressNightmare and reveals critical injection vulnerabilities in the widely used ingress-nginx Kubernetes controller.

Pentera’s team uncovered additional attack vectors that exploit common configuration oversights - going beyond the four originally disclosed CVEs. These newly discovered injection points can allow attackers to bypass security controls, execute arbitrary code, and pivot deeper into Kubernetes clusters.

👉 Join experts live on August 20 at 11:00 AM ET for a technical deep dive into the full scope of these vulnerabilities and their real-world impact: https://thn.news/IngressNightmare-webinar

Read the full research report 👉 https://thn.news/cyberattacks-explained

🇷🇺 New Threat: Curly COMrades hacked govt & energy networks in Georgia & Moldova — stealing credentials & hiding for months.

Their secret weapon? Hijacking Windows’ own components to run commands as SYSTEM… and no one notices.

Find details here → https://thehackernews.com/2025/08/new-curly-comrades-apt-using-ngen-com.html

Identity attacks are evolving, but are your IR playbooks keeping up? Join Push Security's Josh Gideon on August 13th & 14th as he dives into the new challenges facing incident responders in the cloud. Don't miss out on a step-by-step walkthrough of how security teams are using browser telemetry to supercharge their security investigations.

Register here: https://thn.news/identity-attacks-webinar-tg

🚨 Your browser is now your biggest insider threat.

🤖 GenAI prompts
⚠️ Risky extensions
💻 Unmanaged devices

All leaking data in-session.

🥊 Enterprise Browser vs. Secure Extension — 9 brutal rounds.

Who wins? → https://thehackernews.com/2025/08/the-ultimate-battle-enterprise-browsers.html

⚠️ Two of the most dangerous hacker groups — ShinyHunters & Scattered Spider — are joining forces.

They’ve hit Salesforce users worldwide, and signs show their next big target: banks & financial firms.

Here’s why this alliance is bad news ↓ https://thehackernews.com/2025/08/cybercrime-groups-shinyhunters.html

🚨 780+ malicious IPs just launched a coordinated brute-force attack on Fortinet SSL VPNs — shifting mid-campaign to hit FortiManager.

Researchers warn this pattern often precedes a new CVE disclosure within weeks.

Read → https://thehackernews.com/2025/08/fortinet-ssl-vpns-hit-by-global-brute.html

🚨 Over a year after the XZ Utils backdoor was exposed, 35 infected Docker images are still live on Docker Hub — some built on top of each other, quietly spreading the malware.

They can let attackers bypass SSH auth & run root commands.

Full story → https://thehackernews.com/2025/08/researchers-spot-xz-utils-backdoor-in.html

🚨 New RANSOMWARE ALERT: “Charon” is hitting Middle East gov & aviation targets—using nation-state-level tactics to dodge defenses & lock files fast.

It mimics a China-linked APT, sideloads malicious DLLs, and even packs a driver to kill EDR (likely still in testing).

Read → https://thehackernews.com/2025/08/charon-ransomware-hits-middle-east.html

⚡ Microsoft patched 111 flaws — including a zero-day in Windows Kerberos that could let attackers seize entire Active Directory domains.

Some bugs score 10/10 severity. Others hit Azure OpenAI, Microsoft 365 Copilot, & Edge.

Read: https://thehackernews.com/2025/08/microsoft-august-2025-patch-tuesday.html

Your Salesforce scans aren’t telling you everything.

Automated tools show what’s already there.

Only human-led penetration testing shows what could happen — uncovering hidden attack paths your scanners miss.

Here’s why most teams remain exposed → https://thehackernews.com/expert-insights/2025/08/the-second-layer-of-salesforce-security.html

🛑 Hackers are now using AI to deepfake your CFO’s voice, create perfect fake identities, and break into systems at machine speed.

The frontline isn’t your 🛡️ firewall anymore. It’s your login screen.

⚡ Join this free WEBINAR to see how to protect your business before it’s too late → https://thehackernews.com/2025/08/webinar-what-next-wave-of-ai.html

🚨 Active Exploit Alert → A critical FortiSIEM flaw (CVSS 9.8) lets attackers run code without logging in — and hackers are already using it.

No clear signs if you’ve been hit. Update now or risk silent compromise.

Full details → https://thehackernews.com/2025/08/fortinet-warns-about-fortisiem.html

Advance your skills in strategic security design with Georgetown’s Online Certificate in Cybersecurity Strategy.

Learn more → https://thn.news/cybersecurity-strategy-gt-ig