🚨 Webinar: Automating Google Workspace Security Policies 🚨

Manual enforcement is impossible — scripts break, alerts pile up, and approvals drag on. Join Google Cloud Security and Zenphi experts to see how human-in-the-loop automation keeps IT in control while enforcing policies consistently.

🕒 When: August 27, 10 AM PT
👉 Register Here to Join Live or Get the Replay: https://thn.news/google-workspace-policies

What You’ll Learn:
📤 Block Gmail Forwarding to Personal Accounts – detect & disable instantly, log for audit.
👀 Shadow IT Monitoring – track OAuth apps & Chrome extensions without endless checks.
👋 Automated Offboarding – revoke access, clear permissions, and document the process.
💡 Bonus: Get exclusive access to the latest Google Cloud Security Trends Report.

🔥 Nearly half of orgs failed password-cracking tests in 2025 (up from last year).

Once inside? Attackers succeed in 98% of cases using valid accounts—slipping past defenses unnoticed.

The weakest link isn’t malware. It’s your passwords.

Read the report → https://thehackernews.com/2025/08/weak-passwords-and-compromised-accounts.html

Hackers are luring people with fake CAPTCHA pages—then tricking them into copy-pasting malware.

The result: a new backdoor, CORNFLAKE.V3, that steals credentials, hides behind Cloudflare, and won’t go away once it’s in.

Here’s how the attack works → https://thehackernews.com/2025/08/cybercriminals-deploy-cornflakev3.html

🚨 Four new Commvault flaws just dropped — and they can be chained for pre-auth remote code execution.

Attackers could seize control before you even log in.

Worst part? One chain works if the default admin password was never changed.

Patch now. Details here → https://thehackernews.com/2025/08/pre-auth-exploit-chains-found-in.html

A Houston software dev just got 4 years in prison.

Why? He built a hidden kill switch that locked out thousands of coworkers the moment his account was disabled.

The sabotage cost his company hundreds of thousands.

Details ↓ https://thehackernews.com/2025/08/ex-developer-jailed-four-years-for.html

Three China-backed hacking groups are tearing into cloud & telecom networks worldwide.

🐼 Murky Panda → hijacked cloud partners to backdoor Entra ID
🐼 Genesis Panda → burrowed deep into CSP accounts
🐼 Glacial Panda → raided telecom networks in 11 countries .

Different methods.
Same mission: espionage.

Details here → https://thehackernews.com/2025/08/chinese-hackers-murky-genesis-and.html

🚨 1,209 cybercriminals arrested across 18 African countries.

• $97.4 million recovered
• 88,000 victims
• 11,432 malicious infrastructures dismantled

From crypto fraud to ransomware, Operation Serengeti shows the global fight against cybercrime is heating up.

Read → https://thehackernews.com/2025/08/interpol-arrests-1209-cybercriminals.html

Why are we still delivering pentest results like it’s 2010?

Static PDFs. Email attachments. Weeks of delay.

Automation flips the script: findings delivered in real time, workflows auto-tracked. This is the future of pentest delivery.

See how → https://thehackernews.com/2025/08/automation-is-redefining-pentest.html

🛑 WARNING: A phishing email with a RAR file can hijack your Linux system—without opening the file’s content.

The malware? Hidden in the file name itself.

No macros. No hidden content. Just a filename that executes Bash.

This trick slips past antivirus scans.

Here’s how it works ↓ https://thehackernews.com/2025/08/linux-malware-delivered-via-malicious.html

⚠️ Cyberattacks are shifting gears.

➟ One crew hijacks GeoServer (CVE-2024-36401) to quietly sell your internet bandwidth.

➟ Another builds PolarEdge, a 40k-device botnet hidden in firewalls & routers.

➟ And “Gayfemboy” — a Mirai offshoot — spreads across industries to fuel DDoS.

Different names. Same trend: stealth, scale, and profit.

Details → https://thehackernews.com/2025/08/geoserver-exploits-polaredge-and.html

⚠️ A “hacking tool” on Go isn’t what it seems.

The package pretends to brute-force SSH—but secretly sends stolen logins to a Telegram bot controlled by a Russian actor.

The package is still on pkg.go.dev.

Full report → https://thehackernews.com/2025/08/malicious-go-module-poses-as-ssh-brute.html

A “Meeting Notice.pdf” lands in your inbox. You open it. Firefox pops up with a real doc.

Nothing feels wrong.

But behind the scenes? Malware is already stealing govt data.

That’s APT36’s latest trick to target Indian govt systems → https://thehackernews.com/2025/08/transparent-tribe-targets-indian-govt.html

The bad news didn’t wait:

💥 Password managers cracked
⚠️ Zero-days exploited live
☁️ Clouds breached
🤖 AI risks emerging
🌐 Governments cracking down

This week’s cyber recap is unmissable → https://thehackernews.com/2025/08/weekly-recap-password-manager-flaws.html

Enterprises are catching just 1 in 7 attacks.

The rest? Slipping by undetected.

The 2025 Blue Report exposes the hidden detection gap putting critical data at risk.

See what’s missing → https://thehackernews.com/2025/08/why-siem-rules-fail-and-how-to-fix-them.html

🚨 A new phishing wave is hitting global industries.

Fake voicemails & purchase orders are luring victims into downloading UpCrypter—a stealthy malware loader that drops RATs like PureHVNC & DarkCrystal, giving attackers full control.

Details here ↓ https://thehackernews.com/2025/08/phishing-campaign-uses-upcrypter-in.html

🚨 Critical flaw in Docker Desktop (CVE-2025-9074, 9.3/10) lets a malicious container escape and hijack the host.

On Windows, attackers can mount the full C:\ drive, read sensitive files, even escalate to admin. macOS safer—but not safe.

Patch now (v4.44.3). Details → https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html

⚠️ ALERT: Chinese hackers hijacked Wi-Fi portals to spy on diplomats—using fake Adobe updates signed with valid certificates.

The attack drops a PlugX backdoor that steals files, logs keystrokes & runs remote commands.

Here’s how it works ↓ https://thehackernews.com/2025/08/unc6384-deploys-plugx-via-captive.html

CISA just flagged 3 new actively exploited flaws—two in Citrix Session Recording, one in Git.

The Git bug (CVE-2025-48384) can let attackers run arbitrary code just by cloning a repo. Proof-of-concept exploit is already out.

Here’s what you need to know ↓ https://thehackernews.com/2025/08/cisa-adds-three-exploited.html

🛑 Important: Google is locking down Android.

Starting Sept 2026, every app — even outside the Play Store — must come from a verified developer.

No more anonymous sideloads. No quick comebacks for malware gangs.

First up: Brazil, Indonesia, Singapore, Thailand.

Full story ↓ https://thehackernews.com/2025/08/google-to-verify-all-android-developers.html

📢 Google & Workday both confirmed breaches this summer — attackers slipped in through social engineering, not software flaws.

The group behind it, ShinyHunters, used phone scams + fake apps to access Salesforce data.

Here’s what actually happened ↓ https://thehackernews.com/expert-insights/2025/08/shinyhunters-data-breach-vs-saas-why.html