CyberSecurity Updates

08 Aug

Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise

Information, News

Two different firms have tested the newly released GPT-5, and both find its security sadly lacking. After Grok-4 fell to a jailbreak in two days, GPT-5 fell in 24 hours to the same researchers. Separately, but almost simultaneously, red teamers from SPLX (formerly known as SplxAI) declare, “GPT-5’s raw model is nearly unusable for enterprise out of the box. Even OpenAI’s internal prompt layer leaves significant gaps, especially in Business Alignment.” NeuralTrust’s jailbreak employed a…

Read More
08 Aug

In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment

Information, News

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.  Here are this…

Read More
07 Aug

CISA Issues ED 25-02: Mitigate Microsoft Exchange Vulnerability

Attacks, Insights, Malware

Today, CISA issued Emergency Directive (ED) 25-02: Mitigate Microsoft Exchange Vulnerability in response to CVE-2025-53786, a vulnerability in Microsoft Exchange server hybrid deployments.   ED 25-02 directs all Federal Civilian Executive Branch (FCEB) agencies with Microsoft Exchange hybrid environments to implement required mitigations by 9:00 AM EDT on Monday, August 11, 2025.  This vulnerability presents significant risk to all organizations operating Microsoft Exchange hybrid-joined configurations that have not yet implemented the April 2025 patch guidance.…

Read More
07 Aug

ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch

Information

Threat actors are embracing ClickFix, ransomware gangs are turning on each other – toppling even the leaders – and law enforcement is disrupting one infostealer after another ESET Research 05 Aug 2025  •  , 1 min. read “It’s all fun and games until someone gets hurt” could well be the title of the latest ESET Threat Report, as cybercriminals play new mind games with their victims, wage full-on deathmatches among themselves, and become the hunted…

Read More
06 Aug

Who Got Arrested in the Raid on the XSS Crime Forum?

Information, Insights

On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculation and panic among XSS denizens about the identity of the unnamed suspect, but the consensus is that he is a pivotal figure in the crime forum scene who goes by…

Read More
06 Aug

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities

Attacks, Insights, Malware

CISA published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704 [CWE-94: Code Injection], CVE-2025-49706 [CWE-287: Improper Authentication], CVE-2025-53770 [CWE-502: Deserialization of Untrusted Data], and CVE-2025-53771 [CWE-287: Improper Authentication] Cyber threat actors have chained CVE-2025-49704 and CVE-2025-49706 (in an exploit chain publicly known as “ToolShell”) to gain unauthorized access to on-premises SharePoint servers. CISA analyzed six files including two Dynamic Link-Library (.DLL), one cryptographic key…

Read More
06 Aug

Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments

Attacks, Insights, Malware

Note: This Alert may be updated to reflect new guidance issued by CISA or other parties.  CISA is aware of the newly disclosed high-severity vulnerability, CVE-2025-53786, that allows a cyber threat actor with administrative access to an on-premise Microsoft Exchange server to escalate privileges by exploiting vulnerable hybrid-joined configurations. This vulnerability, if not addressed, could impact the identity integrity of an organization’s Exchange Online service.  While Microsoft has stated there is no observed exploitation as of…

Read More
02 Aug

Why the tech industry needs to stand firm on preserving end-to-end encryption

Information

Restricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to deter criminal activity Tony Anscombe 01 Aug 2025  •  , 5 min. read The UK Government wants access, when requested, to the end-to-end encrypted messages and data for everyone in the UK. The reasons are to specifically tackle serious crimes, such as terrorism and child sex abuse. The UK Government is not alone in…

Read More
02 Aug

Is your phone spying on you? | Unlocked 403 cybersecurity podcast (S2E5)

Information

Here’s what you need to know about the inner workings of modern spyware and how to stay away from apps that know too much 01 Aug 2025 The world of espionage has gone digital. Rather than involving trench coats and secret missions, it’s now about silent cyberthreats that can turn phones into secret surveillance devices. In other words, today’s battleground is in people’s pockets, as malicious tools pose as everyday apps and can, in extreme…

Read More
01 Aug

This month in security with Tony Anscombe – July 2025 edition

Information

Here’s a look at cybersecurity stories that moved the needle, raised the alarm, or offered vital lessons in July 2025 31 Jul 2025 With another month behind us, it’s time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that made an impact and offered vital lessons in July 2025. Here’s Tony’s rundown of some of what stood out most over the past 30 or so days. attacks targeting on-premises Microsoft SharePoint…

Read More