Malicious ScreenConnect Campaign Abuses AI-Themed Lures for XWorm Delivery

A recent investigation uncovered a deceptive malware campaign leveraging fake AI-themed content to distribute a malicious ScreenConnect installer. This installer is pre-configured to deliver the XWorm malware.

Google Big Sleep AI Tool Finds Critical Chrome Vulnerability

Google has patched a critical vulnerability (CVE-2025-9478) in the Chrome browser. The flaw, a use-after-free issue in the ANGLE graphics library, could allow attackers to execute malicious code via crafted web content.

GitLab security advisory (AV25-549)

GitLab issued a security advisory (AV25-549) on August 28, 2025, following the disclosure of multiple vulnerabilities on August 27, 2025. These vulnerabilities affect both GitLab Community Edition (CE) and Enterprise Edition (EE).

Passwordstate dev urges users to patch auth bypass vulnerability

Click Studios has issued an urgent advisory for users of its Passwordstate password manager to patch a high-severity authentication bypass vulnerability. Passwordstate is used by over 370,000 IT professionals across 29,000 organizations globally.

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex issued a fix earlier this month, Censys warned.

FreePBX servers hacked via zero-day, emergency fix released

In an advisory posted to the FreePBX forums, the Sangoma FreePBX Security Team warned that since August 21, hackers have been exploiting a zero-day vulnerability in exposed FreePBX administrator control panels.

HPE security advisory (AV25-544)

Hewlett Packard Enterprise (HPE) issued Security Advisory AV25-544 on August 26, 2025, addressing multiple vulnerabilities in HPE Compute Scale-up Server 3200 systems. These vulnerabilities affect systems running versions prior to v1.60.88.

Researchers flag code that uses AI systems to carry out ransomware attacks

Researchers have identified PromptLock, the first known AI-powered ransomware, written in Golang. This malware leverages prompt injection attacks on large language models (LLMs) to execute ransomware functions.

Velociraptor incident response tool abused for remote access

Threat actors have been observed abusing the legitimate Velociraptor digital forensics and incident response (DFIR) tool to establish remote access and execute further malicious payloads.

AI browsers could leave users penniless: A prompt injection warning

The rise of AI-powered and agentic browsers introduces a new class of cybersecurity threats—prompt injection attacks. These attacks exploit the language-processing capabilities of LLMs embedded in browsers.
