A recent campaign orchestrated by the EncryptHub threat group combines social engineering tactics with exploitation of CVE-2025-26633 to deliver malicious payloads. Attackers impersonate Brave Support to deceive users.

The most common initial access vectors included: VPN accounts – 23.5% Domain user accounts – 19.9% Remote Desktop Protocol (RDP) – 16.7% Such access enables threat actors to perform lateral movement, defense evasion, and data exfiltration.

Findings indicate that Siri and related services may transmit sensitive user data to Apple servers beyond what is disclosed in Apple’s privacy policies, raising questions about user consent, data handling transparency, and more.

ScarCruft, a North Korean state-sponsored cyber-espionage group, has taken the unusual step of deploying a new ransomware named VCD in its latest campaign. ScarCruft used phishing emails with malicious archive attachments to gain initial access.

Researchers have uncovered critical vulnerabilities in end-to-end encryption (E2EE) used in TETRA-based radios, which are widely deployed by police, military, and intelligence agencies globally.

A newly leaked trove of data has exposed the inner workings of North Korea’s covert IT worker operations, revealing how the regime systematically places skilled developers in remote jobs worldwide to generate revenue for its weapons programs.

Context corruption is the most critical threat to agentic AI systems. LLMs are unreliable at distinguishing between legitimate and malicious instructions. Attackers can inject malicious prompts that alter the agent’s behavior.

A new post-exploitation C2 evasion technique, dubbed Ghost Calls, has emerged, leveraging TURN servers used by popular conferencing platforms like Zoom and Microsoft Teams to tunnel malicious traffic through trusted infrastructure.

A recent surge in cyber operations by pro-Iran hacking groups has been observed in alignment with a 12-day kinetic conflict against Israel. They targeted critical infrastructure, public entities, and individuals through a variety of techniques.

Crypto ATMs have seen a dramatic rise in deployment across the United States. According to data cited by FinCEN from Coin ATM Radar, the number of reported Bitcoin ATMs in the U.S. increased from 4,250 in early 2020 to 30,647 as of August 4, 2025.