A new malware campaign involving the Efimer Trojan has been observed targeting cryptocurrency users and WordPress site administrators. Efimer is a ClipBanker-type Trojan that steals and replaces cryptocurrency wallet addresses.

On August 8, 2025, Juniper Networks issued Security Advisory AV25-491 to address multiple vulnerabilities in Juniper Secure Analytics (JSA). These vulnerabilities affect versions 7.5.0 up to but not including 7.5.0 UP12 IF03.

A new clickjacking campaign is exploiting adult content websites hosted on blogspot[.]com to distribute a Trojan that manipulates Facebook interactions. This campaign leverages malicious SVG files containing obfuscated JavaScript.

Researchers revealed critical vulnerabilities in satellite and ground station software that could allow attackers to hijack or disable space assets. Exploitation of these bugs could allow attackers to take full control of satellite systems and more.

A sophisticated cybercriminal operation led by the VexTrio group has been uncovered, involving the distribution of fraudulent mobile applications through the Google Play Store and Apple App Store.

The vulnerability (CVE-2025-53786) allows attackers to manipulate user credentials, escalate privileges, and impersonate hybrid users. It also exposes Entra ID, potentially compromising cloud-based identity services.

Security researchers have demonstrated a groundbreaking indirect prompt injection attack against Google’s Gemini AI, showing how malicious calendar invites can trigger real-world actions in smart homes.

Researchers have disclosed multiple vulnerabilities across WWBN AVideo, MedDream PACS Premium, and Eclipse ThreadX FileX. These include cross-site scripting (XSS), race conditions, privilege escalation, and buffer overflow issues.

UAC-0099, a threat actor group, is actively targeting Ukrainian defense and government entities using a sophisticated malware delivery chain. The campaign leverages phishing emails with double-archived HTA files to deploy the MATCHBOIL loader.

A new wave of sophisticated EDR killer tools, often packed with HeartCrypt, is being deployed by multiple ransomware groups to disable endpoint defenses and facilitate ransomware execution.