Threat Intelligence Executive Report – Volume 2025, Number 5
This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during July and August
Similar Posts
Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers
Bys sA Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It…
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval
Bys sCybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution. The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to the fact that it exploits a quirk in the way the software handles modifications…
Insider Threats: The Overlooked Risks of Departing Employees and Sensitive Data Theft
Bys sJoe Lazzarotti of JacksonLewis has a post on one of my favorite topics: insider threats. Insider threats continue to present a significant challenge for organizations of all sizes. One particularly concerning scenario involves employees who leave an organization and impermissibly take or download sensitive company data. These situations can severely impact a business, especially when…
Oxfam Hong Kong data leak: charity violated data protection law
Bys sAmbrose Li reports: The local arm of international charity Oxfam violated the data protection law following a leak in July that potentially affected 550,000 people, Hong Kong’s privacy watchdog ruled in an investigation report on Thursday. […] “The privacy commissioner considered that Oxfam had not taken all practicable steps to ensure that the personal data…
Winning Against AI-Based Attacks Requires a Combined Defensive Approach
Bys sIf there’s a constant in cybersecurity, it’s that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Google’s Threat Intelligence Group, recently reported on adversaries using Large Language Models (LLMs) to both conceal code and generate malicious scripts on the fly, letting malware shape-shift in…
Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
Bys sAnother luxury brand has been hacked. This time it’s Cartier. And before your brain starts racing back to the recent disclosures of breaches involving Dior and Tiffany no, Cartier is not another luxury LVMH brands. Cartier is owned by Richemont. SecurityWeek reports: According to a notification sent to affected clients obtained by SecurityWeek, the compromised data…