CyberNews: 20/08/2025 Edition

Published by Dunateo on 2025-08-20

Today’s roundup

Summary

The following key cybersecurity incidents highlight elevated threats and new vulnerabilities.
North Korea used GitHub to spear‑phish 19 diplomatic staff via convincing meeting invites from March‑July 2025.
A 22‑year‑old Oregon man, Ethan Foltz, ran a botnet‑for‑hire that carried out 370,000 DDoS attacks; the DOJ charged him on Aug. 20, 2025.
Warlock ransomware exploited the SharePoint ToolShell flaw to gain persistence on unpatched on‑prem SharePoint servers, and was seen globally.
Pharmaceutical research firm Inotiv suffered a Qilin ransomware attack on Aug. 8, 2025, encrypting systems and stealing ~176 GB of data.
A chained exploit for SAP NetWeaver (CVE‑2025‑31324 and CVE‑2025‑42999) bypasses authentication and enables RCE; the issue was patched in April 2025.
Amazon Q Developer for VS Code was vulnerable to invisible prompt injection via Unicode tag characters, allowing arbitrary code execution; a patch was released Aug. 8, 2025.
Guardio Labs demonstrated PromptFix, a new AI browser prompt injection that tricks AI models using fake CAPTCHAs.
A Belgian telecom customer data breach exposed 850,000 accounts, leaking names, phone numbers and SIM details.
The surge in ransomware across Europe acted as a warning for US defenders, urging layered defenses and swift patching.
New quishing techniques split QR codes or embed malicious ones, expanding phishing vectors.