
What happened in Vegas (that you actually want to know about)

Cisco Talos unveiled several critical cybersecurity developments at Black Hat USA 2025, including a new multi-stage malware campaign named PS1Bot and groundbreaking research on AI guardrail bypasses and embedded chip vulnerabilities.

Malvertising campaign leads to PS1Bot, a multi-stage malware framework

A persistent malvertising campaign active throughout 2025 is delivering PS1Bot, a modular multi-stage malware framework written in PowerShell and C#. PS1Bot is designed for stealth and flexibility.

ReVault! When your SoC turns against you… deep dive edition

Researchers uncovered multiple critical vulnerabilities in Dell ControlVault3 and ControlVault3 Plus firmware, including CVE-2025-25215, CVE-2025-24922, and CVE-2025-24919.

WWBN, MedDream, Eclipse vulnerabilities

Researchers have disclosed multiple vulnerabilities across WWBN AVideo, MedDream PACS Premium, and Eclipse ThreadX FileX. These include cross-site scripting (XSS), race conditions, privilege escalation, and buffer overflow issues.

Bloomberg Comdb2 null pointer dereference and denial-of-service vulnerabilities

Researchers identified five critical vulnerabilities in Bloomberg’s Comdb2 version 8.1, an open-source clustered database system. These flaws can be exploited remotely to cause denial-of-service (DoS) conditions via specially crafted TCP packets.

MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities

A sophisticated Malware-as-a-Service (MaaS) operation has been identified leveraging the Emmenhtal loader and Amadey malware to distribute a variety of payloads. The campaign targets Ukrainian entities and utilizes public GitHub repositories.

Asus and Adobe vulnerabilities

Researchers have discovered four critical vulnerabilities—two in Asus Armoury Crate and two in Adobe Acrobat Reader. These vulnerabilities have been patched by their respective vendors.

Microsoft Patch Tuesday for July 2025 — Snort rules and prominent vulnerabilities

Microsoft’s July 2025 Patch Tuesday addresses 132 vulnerabilities, including 14 marked as critical. The affected products span Windows services, Microsoft Office, SharePoint, Hyper-V, and SQL Server.

Decrement by one to rule them all: AsIO3.sys driver exploitation

Two critical vulnerabilities in the ASUS AsIO3.sys driver (CVE-2025-1533 and CVE-2025-3464) allow local privilege escalation to SYSTEM level. These flaws affect the ASUS Armoury Crate and AI Suite applications.

Famous Chollima deploying Python version of GolangGhost RAT

PylangGhost, a Python port of the GolangGhost RAT, is tailored for Windows, while the Golang version targets macOS. The threat actors target professionals in the cryptocurrency and blockchain industries, mostly in India, using fake job interviews.
