SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Hackers disrupt the communications of dozens of Iranian ships
A hacking group known as Lab Dookhtegan allegedly disrupted the communication systems of 60 Iranian ships, including 39 tankers and 25 cargo ships operated by Iranian maritime companies NITC and IRISL, which are sanctioned by the US. By hacking the satellite communications firm Fannava, the group allegedly disabled the central comms system named Falcon, and ran destructive commands to erase core data, leaving the ships blind and deaf.
The Department of Energy’s cybersecurity recommendations
The Department of Energy has published a report (PDF) documenting actions taken by the department, including the National Nuclear Security Administration, to address cybersecurity weaknesses in its unclassified cybersecurity program, flagged during fiscal year 2024. The report found that only 19 of 63 recommendations from previous audits have been closed and that 44 prior recommendations remained open. 79 new recommendations were issued during the fiscal year.
Maryland investigating cyberattack
The Maryland Transit Administration (MTA) is investigating a cyberattack that impacted some of its operation and information systems, and call centers. The MTA said hackers accessed its systems, but did not share information on the scope of the incident. The attack was disclosed on August 25, just before Nevada announced that hackers breached its state systems.
Atlassian, Chrome, Cisco patches
Atlassian released security updates that resolve eight vulnerabilities in its Bamboo, Bitbucket, and Crowd Data Center and Server products. Cisco rolled out fixes for a dozen flaws across its products, including two high-severity bugs. Google updated the Chrome browser to patch a critical use-after-free bug in ANGLE, tracked as CVE-2025-9478.
Hackers target ScreenConnect super admin credentials
Mimecast warns of a low-volume phishing campaign aimed at harvesting ScreenConnect administrator credentials. Active since at least 2022, the campaign has remained largely undetected, targeting administrators, managers, and security personnel that possess elevated privileges within ScreenConnect environments. In a separate report, Abnormal revealed that 900 organizations have been targeted in phishing attacks deploying ScreenConnect for remote access.
Google improves Android device security with developer verification
In an effort to improve the security of certified Android devices, Google will require that all installed applications be registered by verified developers. While this won’t require developers to distribute their applications through Google Play, it will prevent the installation of applications that aren’t built by verified developers, essentially preventing malware infections. A new Android Developer Console will be available for developers who only distribute outside of Google Play. The requirement will go into effect in Brazil, Indonesia, Singapore, and Thailand in September 2026.
Hackers weaponize AI for data exfiltration
Anthropic has observed cybercriminals using its Claude Code AI tool to commit large-scale data theft and extortion. The tool was used for reconnaissance, credential harvesting, network penetration, and for crafting ransom demands. At least 17 organizations across multiple sectors have been affected, Anthropic explains in its August 2025 threat intelligence report (PDF).
Phishing campaign targets organizations with UpCrypter malware dropper
A new phishing campaign relies on off-the-shelf tools to deliver convincing email messages that redirect users to fake websites distributing UpCrypter, which in turn deploys backdoors such as PureHVNC, DCRat, and Babylon RAT, Fortinet reports. Using various mechanisms to evade detection, the financially motivated attacks have targeted construction, healthcare, manufacturing, retail, technology, and other sectors.
ShadowSilk back at targeting governments in Asia
A Kazakhstan-linked espionage group known as YoroTrooper is launching large-scale attacks against government entities in Central Asia and the Asia-Pacific region. The activity, tracked as ShadowSilk and active since at least 2023, diminished after public exposure in January 2025, but recommenced on fresh infrastructure in June 2025, Group-IB reports. More than 35 victims have been identified.
Critical vulnerabilities found in Securden Unified PAM
Rapid7 released details on four vulnerabilities in Securden Unified PAM, including two critical-severity bugs that allow attackers to bypass authentication (CVE-2025-53118), compromising passwords, secrets, and application session tokens, and to upload files to the server’s configuration and web root directories (CVE-2025-53120), obtaining remote code execution. All four security defects have been patched.