⚡ Chinese hackers are burrowing into Taiwan’s web infrastructure — using custom open-source tools to stay hidden for years.
They’re exploiting unpatched servers, planting stealth VPNs, and launching Cobalt Strike for full control.
Here’s how the campaign works → https://thehackernews.com/2025/08/taiwan-web-servers-breached-by-uat-7237.html
👨💻 Hackers are abusing a Windows flaw (CVE-2025-26633) to drop malware—masquerading as IT staff on Microsoft Teams and tricking users with rogue MSC files.
The group? EncryptHub, a Russian crew blending social engineering with zero-days.
Details → https://thehackernews.com/2025/08/russian-group-encrypthub-exploits-msc.html
🚨 The ERMAC V3.0 Android banking trojan just had its entire source code leaked—backend, panels, builder, exfil servers.
It still targets 700+ apps, from banking to crypto, and even ships with default creds.
Read ↓ https://thehackernews.com/2025/08/ermac-v30-banking-trojan-source-code.html
20% of breaches in 2025 started with unpatched software.
And patch management? It’s broken.
With SaaS sprawl + BYOD, IT teams can’t keep up. Shadow apps and personal devices are a hacker’s dream.
Here’s what needs to change ↓ https://thehackernews.com/expert-insights/2025/08/why-traditional-approaches-to-patch.html
🚨 New supply-chain attacks hit open-source repos.
• PyPI: termncolor & colorinal delivered multi-stage malware with Windows & Linux backdoors.
• npm: fake packages posed as dev tools & job tests, stealing iCloud Keychain, browser data, wallets.
Details → https://thehackernews.com/2025/08/malicious-pypi-and-npm-packages.html
🚨 Compliance isn’t optional. Fail GDPR, HIPAA, or PCI DSS → massive fines, lawsuits, even shutdowns.
The scary part? Most don’t even know where they’re failing.
Here’s how Wazuh helps fix it:
✅ Real-time alerts
✅ Compliance dashboards
✅ Active response
Read this now → https://thehackernews.com/2025/08/wazuh-for-regulatory-compliance.html
46% of security leaders lose sleep over growing regulatory complexity.
Move beyond checkbox compliance and turn GRC into a strategic advantage with this new Tines guide.
What's in the guide:
🔸 Common challenges for security and compliance teams today
🔸 Four areas where GRC teams can leverage workflow orchestration and automation for immediate impact
🔸 Case study stories from Druva, Path AI, and more
Get the full guide here: https://thn.news/automating-grc-guide
⚡ Cybersecurity isn’t failing in one big breach—it’s leaking everywhere.
This week’s signals show just how fast cracks turn into collapse:
– NFC trojan stealing cards via “tap-to-pay” 🎴
– Active exploits in N-able N-central
– Espionage ops in Georgia & Moldova
– Docker Hub images still hiding the XZ backdoor
– U.S. expands crypto sanctions
– Hackers rushing to weaponize new CVEs
Each story points to one truth: hesitation = risk.
Read full RECAP → https://thehackernews.com/2025/08/weekly-recap-nfc-fraud-curly-comrades-n.html
⚠️ Hackers just weaponized a new Windows flaw (CVE-2025-29824) to drop the PipeMagic backdoor—fueling RansomExx attacks.
The bait? Fake ChatGPT apps and Chrome updates.
Still active. Still evolving.
Details here → https://thehackernews.com/2025/08/microsoft-windows-vulnerability.html
That copyright email in your inbox? It might not be legal trouble—it might be malware.
The “Noodlophile” attack hides in fake copyright notices, abuses Telegram, and slips past security tools.
If your brand lives on social media—you’re a target.
Here’s how it works ↓ https://thehackernews.com/2025/08/noodlophile-malware-campaign-expands.html
⚡ Microsoft warns: PipeMagic isn’t malware—it’s a framework for stealth attacks. Storm-2460 is hitting IT, finance & real estate worldwide.
Details → https://thehackernews.com/2025/08/microsoft-windows-vulnerability.html
⚡ PyPI just killed a major supply chain threat.
Over 1,800 email addresses tied to expired domains have been unverified—closing a loophole attackers used to hijack Python packages.
It’s a win, but not a cure-all.
👉 Full story ↓ https://thehackernews.com/2025/08/pypi-blocks-1800-expired-domain-emails.html
Russia’s Secret Blizzard just did something scarier than phishing → They hacked the root of trust—bypassing MFA and silently stealing “secure” traffic.
When TLS itself is broken, FIDO and MFA collapse.
How to defend against state-level attacks ↓ https://thehackernews.com/expert-insights/2025/08/how-to-defend-against-root-of-trust.html
The U.K. just dropped its demand that Apple build a backdoor into iCloud.
That order would’ve opened Americans’ encrypted data to governments—and hackers.
The plan’s dead. But the fight over encryption isn’t.
Here’s what happened → https://thehackernews.com/2025/08/uk-government-drops-apple-encryption.html
🚨 Hackers are chaining two SAP flaws (CVSS 10.0 + 9.1) to bypass login and fully take over systems.
Ransomware crews + China-linked spies are already using it in the wild.
SAP patched in April/May—but attackers were exploiting since March.
Details here → https://thehackernews.com/2025/08/public-exploit-for-chained-sap-flaws.html
🚨 60% of breaches in 2024 came from one source: people.
Not because employees are careless—because security is confusing, complex, and built for auditors, not humans. Until culture is fixed, tech alone won’t save you.
Here’s how to change that ↓ https://thehackernews.com/2025/08/why-your-security-culture-is-critical.html
🚨 New RAT alert: Hackers are hitting trading firms with GodRAT—a backdoor hidden inside fake financial docs sent over Skype.
It steals files, passwords, and even drops more malware.
Built on 20-year-old Gh0st RAT code, but deadlier.
Full details → https://thehackernews.com/2025/08/new-godrat-trojan-targets-trading-firms.html
Hackers are breaking into Linux cloud servers using a 2-year-old bug in Apache ActiveMQ.
The twist? After sneaking in, they patch the flaw themselves—locking out rivals and hiding from defenders.
Full story here → https://thehackernews.com/2025/08/apache-activemq-flaw-exploited-to.html
🚨 A 22-year-old from Oregon built a DDoS-for-hire botnet so massive it launched 370,000+ attacks across 80 countries.
Powered by 95,000 hacked devices, “RapperBot” could blast traffic at 6 Tbps—enough to cripple major platforms.
The FBI just shut it down.
Full story → https://thehackernews.com/2025/08/doj-charges-22-year-old-for-running.html
🚨 Nearly half of AI-generated code snippets contain exploitable bugs.
Worse? Developers trust them blindly—introducing SQL injections, hardcoded secrets, and overly permissive cloud configs at scale.
AI isn’t just coding faster—it’s coding insecurely.
Full story ↓ https://thehackernews.com/expert-insights/2025/08/ais-hidden-security-debt.html