CyberNews: 26/08/2025 Edition

Published by Dunateo on 2025-08-26

Today’s roundup

Summary

The following updates highlight significant threats, vulnerabilities, and incidents impacting enterprises and critical infrastructure.
Hook Android Trojan variant now deploys full‑screen ransomware overlays to coerce payments and expands to 107 remote commands, increasing its attack surface.
Google will require identity verification for all Android developers, including non‑Play Store channels, to curb malicious app distribution.
CISA added three actively exploited CVEs—CVE‑2024‑8068 in Citrix Session Recording, CVE‑2024‑8069, and CVE‑2024‑8070 in Git—to its KEV catalog, signaling real‑world exploitation.
A cyber incident disrupted Maryland’s state transport operations; all pre‑scheduled trips are still honored, indicating a mitigated but visible impact on critical infrastructure.
Tech manufacturer Data I/O faced a ransomware breach that forced certain systems offline, causing operational disruption and highlighting the ongoing threat to manufacturing firms.