Latest Intelligence
PipeMagic Backdoor Resurfaces as Part of Play Ransomware Attack Chain
The article discusses the resurgence of the PipeMagic backdoor, which is being used in conjunction with the Play ransomware attack chain. Attackers are exploiting a zero-day vulnerability in Windows Common Log File System (CLFS) to gain system-level privileges on compromised systems.
New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code
A new remote access trojan named GodRAT is targeting financial institutions, particularly trading and brokerage firms. The malware is distributed through malicious .SCR files disguised as financial documents via Skype messenger.
10 Major GitHub Risk Vectors Hidden in Plain Sight
The article highlights overlooked risk vectors associated with GitHub that organizations need to address to safeguard against supply chain attacks. By recognizing these risks, companies can continue to benefit from GitHub's innovations while enhancing their security posture.
Microsoft Dissects PipeMagic Modular Backdoor
PipeMagic is a modular malware framework that masquerades as a ChatGPT application, allowing attackers to maintain persistent access and flexibility. Microsoft has analyzed this backdoor to understand its capabilities and implications for cybersecurity.
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
A new exploit has been discovered that combines two critical security flaws in SAP NetWeaver, allowing attackers to bypass authentication and execute remote code. This poses significant risks to organizations, including potential system compromise and data theft.
'DripDropper' Hackers Patch Their Own Exploit
Hackers are exploiting a two-year-old vulnerability in Apache ActiveMQ to gain unauthorized access to Linux systems, where they install malware and subsequently patch the exploited flaw. This unusual behavior poses significant security risks as it complicates detection and remediation efforts.
Australia’s TPG Telecom Investigating iiNet Hack
TPG Telecom has reported a cybersecurity incident involving unauthorized access to an iiNet order management system. The company is currently investigating the breach to determine the extent of the compromise.
Gabbard Says UK Scraps Demand for Apple to Give Backdoor Access to Data
The UK has decided to abandon its request for Apple to provide backdoor access to encrypted user data stored in the cloud. This decision reflects ongoing debates about privacy and security in the context of technology companies and government access to data.
Siemens Desigo CC Product Family and SENTRON Powermanager
Siemens has reported a vulnerability in the Desigo CC product family and SENTRON Powermanager, specifically a least privilege violation that could allow privilege escalation. Users are advised to update the WIBU CodeMeter to mitigate the risk associated with this vulnerability.
CISA Releases Four Industrial Control Systems Advisories
CISA has released four advisories related to vulnerabilities in Industrial Control Systems (ICS) as of August 19, 2025. These advisories highlight security issues and provide guidance on mitigations for affected products.
Siemens Mendix SAML Module
The Siemens Mendix SAML Module has a critical vulnerability due to improper verification of cryptographic signatures, allowing unauthenticated remote attackers to hijack accounts in specific SSO configurations. Users are advised to update to the latest versions to mitigate the risk associated with this vulnerability.
Gambling Tech Firm Bragg Discloses Cyberattack
Bragg Gaming Group reported that hackers gained access to its internal systems over the weekend. Fortunately, the cyberattack did not impact the company's operations.
Secure AI Use Without the Blind Spots
The article emphasizes the urgent need for companies to establish clear and enforceable AI policies to mitigate risks associated with AI usage. It highlights the importance of addressing potential blind spots in AI security to ensure safe and responsible implementation.
Hacktivist Sentenced to 20 Months of Prison in UK
Al-Tahery Al-Mashriky, a member of the Yemen Cyber Army, has been sentenced to 20 months in prison for his involvement in hacking and defacing multiple websites as part of hacktivist activities. This case highlights the legal consequences of cyber activism and the ongoing challenges in cybersecurity.
U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback
The U.K. government has dropped its initiative to compel Apple to introduce a backdoor in its encryption systems, which would have allowed access to the encrypted data of U.S. citizens. This decision follows pushback from U.S. civil liberties advocates and collaboration between U.S. intelligence officials and their U.K. counterparts.