SecurityWeek Briefing.

"OneFlip:  An emerging threat to AI that could make vehicles crash and facial recognition fail."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 25 August 2025, 1948 UTC.

Content and Source via email subscription from https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check subscription link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

90K followers36 articles per week

#security#tech

47

Today

OneFlip: An Emerging Threat to AI that Could Make Vehicles Crash and Facial Recognition Fail

by Kevin Townsend / 2h

Researchers unveil OneFlip, a Rowhammer-based attack that flips a single bit in neural network weights to stealthily backdoor AI systems without degrading performance. The post appeared first on SecurityWeek .

Pakistani Hackers Back at Targeting Indian Government Entities

by Ionut Arghire / 6h

Pakistani state-sponsored hacking group APT36 is targeting Linux systems in a fresh campaign aimed at Indian government entities. The post appeared first on SecurityWeek .

Aspire Rural Health System Data Breach Impacts Nearly 140,000

Data breaches at Premier Health Aspire

•

by Eduard Kovacs / 7h

Aspire Rural Health System was targeted last year by the BianLian ransomware group, which claimed to have stolen sensitive data. The post appeared first on SecurityWeek .

Chip Programming Firm Data I/O Hit by Ransomware

by Eduard Kovacs / 7h

Data I/O has disclosed a ransomware attack that disrupted the company’s operations, including communications, shipping and production. The post appeared first on SecurityWeek .

Anatsa Android Banking Trojan Now Targeting 830 Financial Apps

Anatsa malware targets Android banking users

•

by Ionut Arghire / 8h

The Anatsa Android banking trojan has expanded its target list to new countries and more cryptocurrency applications. The post appeared first on SecurityWeek .

CISA Requests Public Feedback on Updated SBOM Guidance

CISA seeks comments on SBOM guide

•

by Ionut Arghire / 9h

CISA has updated the Minimum Elements for a Software Bill of Materials (SBOM) guidance and is seeking public comment. The post appeared first on SecurityWeek .

Yesterday

SASE Company Netskope Files for IPO

Netskope files for US IPO

•

by Eduard Kovacs / 10h

Netskope has an annual recurring revenue of more than $707 million, but it’s still not profitable, reporting a net loss of $170 million in H1. The post appeared first on SecurityWeek .

Arch Linux Project Responding to Week-Long DDoS Attack

2 TTPs

•

by Ionut Arghire / 11h

•

Arch AUR faces DDoS disruptions

The Arch Linux Project has been targeted in a DDoS attack that disrupted its website, repository, and forums. The post appeared first on SecurityWeek .

Farmers Insurance Data Breach Impacts Over 1 Million People

Farmers Insurance data breach investigation

•

by Eduard Kovacs / 13h

Farmers New World Life Insurance and Farmers Group have filed separate data breach notifications with state authorities. The post appeared first on SecurityWeek .

Aug 22, 2025

Large Interpol Cybercrime Crackdown in Africa Leads to the Arrest of Over 1,200 Suspects

Interpol arrests 1209 African cybercriminals

•

by Associated Press / 3d

Dubbed Operation Serengeti 2.0, the operation took place between June and August. The post appeared first on SecurityWeek .

In Other News: McDonald’s Hack, 1,200 Arrested in Africa, DaVita Breach Grows to 2.7M

Healthcare data breaches affect millions

•

by SecurityWeek News / 3d

Noteworthy stories that might have slipped under the radar: cryptojacker sentenced to prison, ECC.fail Rowhammer attack, and Microsoft limits China’s access to MAPP. The post appeared first on SecurityWeek .

Chinese Silk Typhoon Hackers Targeting Multiple Industries in North America

by Ionut Arghire / 3d

Silk Typhoon was seen exploiting n-day and zero-day vulnerabilities for initial access to victim systems. The post appeared first on SecurityWeek .

Developer Who Hacked Former Employer’s Systems Sentenced to Prison

by Ionut Arghire / 3d

Davis Lu was sentenced to four years in prison for installing malicious code on employer’s systems and for deleting encrypted data. The post appeared first on SecurityWeek .

Aug 21, 2025

CPAP Medical Data Breach Impacts 90,000 People

CPAP Medical data breach investigation

•

by Eduard Kovacs / 3d

CPAP Medical Supplies and Services has disclosed a data breach resulting from an intrusion that occurred in December 2024. The post appeared first on SecurityWeek .

AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure

by Eduard Kovacs / 3d

AWS has addressed a vulnerability that could have been leveraged to bypass Trusted Advisor’s S3 bucket permissions check. The post appeared first on SecurityWeek .

Hundreds Targeted in New Atomic macOS Stealer Campaign

by Ionut Arghire / 3d

Between June and August, over 300 entities were targeted with the Atomic macOS Stealer via malvertising. The post appeared first on SecurityWeek .

MITRE Updates List of Most Common Hardware Weaknesses

by Ionut Arghire / 3d

MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges. The post appeared first on SecurityWeek .

Telecom Firm Colt Confirms Data Breach as Ransomware Group Auctions Files

Colt telco suffers cyberattack

•

by Eduard Kovacs / 4d

Colt Technology Services is working on restoring systems disrupted by a ransomware attack that involved data theft. The post appeared first on SecurityWeek .

Scattered Spider Hacker Sentenced to Prison

by Ionut Arghire / 4d

Noah Urban was sentenced to 10 years in prison for his role in the notorious cybercriminal operation known as Scattered Spider. The post appeared first on SecurityWeek .

Password Managers Vulnerable to Data Theft via Clickjacking

Password managers vulnerable to clickjacking

•

by Eduard Kovacs / 4d

A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks. The post appeared first on SecurityWeek .

Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI

by Ionut Arghire / 4d

Russian state-sponsored hackers tracked as Static Tundra continue to target Cisco devices affected by CVE-2018-0171. The post appeared first on SecurityWeek .

Orange Belgium Data Breach Impacts 850,000 Customers

by Ionut Arghire / 4d

Orange Belgium says hackers accessed data pertaining to 850,000 customer accounts during a July cyberattack. The post appeared first on SecurityWeek .

Aug 20, 2025

Apple Patches Zero-Day Exploited in Targeted Attacks

Apple patches actively exploited zero-days

•

by Ionut Arghire / 4d

Apple has rolled out iOS and macOS updates that resolve a zero-day vulnerability exploited in highly targeted attacks. The post appeared first on SecurityWeek .

Europol Says Qilin Ransomware Reward Fake

Europol offers reward for Qilin hackers

•

by Eduard Kovacs / 4d

A $50,000 reward from Europol for two members of the Qilin ransomware group is a ‘scam’, according to the law enforcement agency. The post appeared first on SecurityWeek .

GPT-5 Has a Vulnerability: Its Router Can Send You to Older, Less Safe Models

by Kevin Townsend / 5d

Instead of GPT-5 Pro, your query could be quietly redirected to an older, weaker model, opening the door to jailbreaks, hallucinations, and unsafe outputs. The post appeared first on SecurityWeek .

Slow and Steady Security: Lessons from the Tortoise and the Hare

by Joshua Goldfarb / 5d

By focusing on fundamentals, enterprises can avoid the distraction of hype and build security programs that are consistent, resilient, and effective over the long run. The post appeared first on SecurityWeek .

Elastic Refutes Claims of Zero-Day in EDR Product

by Ionut Arghire / 5d

Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online. The post appeared first on SecurityWeek .

RapperBot Botnet Disrupted, American Administrator Indicted

Oregon man charged over RapperBot

•

by Ionut Arghire / 5d

The US Department of Justice has announced the takedown of the RapperBot botnet and charges against its American administrator. The post appeared first on SecurityWeek .

Seemplicity Raises $50 Million for Exposure Management Platform

by Eduard Kovacs / 5d

Seemplicity announced a Series B funding round that will be used to create AI agents for its exposure management solution. The post appeared first on SecurityWeek .

Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data

Workhorse software has critical vulnerabilities

•

by Eduard Kovacs / 5d

CERT/CC has disclosed the details of information exposure vulnerabilities in a Workhorse Software application after patches were released. The post appeared first on SecurityWeek .

Pharmaceutical Company Inotiv Confirms Ransomware Attack

by Ionut Arghire / 5d

Inotiv has notified the SEC that its business operations took a hit after hackers compromised and encrypted its internal systems. The post appeared first on SecurityWeek .

Aug 19, 2025

High-Severity Vulnerabilities Patched in Chrome, Firefox

Mozilla and Chrome patch vulnerabilities

•

by Ionut Arghire / 5d

Google and Mozilla have released patches for multiple high-severity vulnerabilities affecting Chrome and Firefox. The post appeared first on SecurityWeek .

Intel Employee Data Exposed by Vulnerabilities

Intel internal systems hacked data leaked

•

by Eduard Kovacs / 5d

A researcher said he found vulnerable internal services that exposed the information of 270,000 Intel employees. The post appeared first on SecurityWeek .

Microsoft Dissects PipeMagic Modular Backdoor

by Ionut Arghire / 6d

PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility. The post appeared first on SecurityWeek .

Australia’s TPG Telecom Investigating iiNet Hack

iiNet data breach affects 280000

•

by Eduard Kovacs / 6d

TPG Telecom has disclosed a cybersecurity incident after discovering unauthorized access to an iiNet order management system. The post appeared first on SecurityWeek .

Gabbard Says UK Scraps Demand for Apple to Give Backdoor Access to Data

UK drops Apple backdoor mandate

•

by Associated Press / 6d

Britain abandoned its demand that Apple provide backdoor access to any encrypted user data stored in the cloud. The post appeared first on SecurityWeek .

Gambling Tech Firm Bragg Discloses Cyberattack

Bragg reports cybersecurity incident

•

by Ionut Arghire / 6d

Bragg Gaming Group says hackers accessed its internal systems over the weekend, but did not affect its operations. The post appeared first on SecurityWeek .

Hacktivist Sentenced to 20 Months of Prison in UK

UK hacker sentenced for cyberattacks

•

by Eduard Kovacs / 6d

Al-Tahery Al-Mashriky of the Yemen Cyber Army has been accused of hacking into and defacing many websites as part of hacktivist campaigns. The post appeared first on SecurityWeek .

New Exploit Poses Threat to SAP NetWeaver Instances

by Ionut Arghire / 6d

A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. The post appeared first on SecurityWeek .