1. Hacker Claims Russian Government Behind Kaseya Ransomware Attack
A hacker has claimed the Russian government was behind the infamous 2021 Kaseya ransomware attack.
The individual, reportedly part of the now-defunct REvil gang, stated in a recent interview that the Kremlin directed REvil’s activities, including the Kaseya attack, to demonstrate Russia’s cyber capabilities. The attack caused global disruptions, impacting over 1,500 businesses through compromised software. The hacker also alleges that REvil operated under the protection of the Russian Federal Security Service (FSB), which intervened in internal disputes among gang members.
This revelation, if true, underscores the growing entanglement of state interests and cybercriminal operations, posing serious challenges for international cybersecurity cooperation.
2. Microsoft August 2025 Patch Tuesday Fixes 1 Zero-Day, 107 Vulnerabilities
Microsoft’s August 2025 Patch Tuesday update addresses 108 vulnerabilities, including one actively exploited zero-day.
The most critical of the patched issues include 27 remote code execution flaws, 23 elevation of privilege vulnerabilities, and 18 security feature bypass bugs. The actively exploited zero-day (CVE-2025-30591) affects the Microsoft Streaming Service Proxy, which could allow attackers to escalate privileges. While none of the vulnerabilities were rated as “Critical,” administrators are urged to patch immediately due to potential exploitation risks.
This patch cycle highlights the persistent volume of threats targeting Microsoft environments and the need for timely patch management in enterprise IT systems.
3. Fortinet Warns of Critical Vulnerabilities in FortiSIEM
Fortinet has issued a security advisory about multiple critical vulnerabilities affecting FortiSIEM, its security information and event management platform.
The most severe flaw, tracked as CVE-2024-23108 (CVSS 9.8), could allow remote attackers to execute arbitrary commands without authentication. Several other vulnerabilities, including command injection and privilege escalation issues, were also disclosed. Fortinet has released patches and recommends users update affected systems immediately to mitigate risk.
Given FortiSIEM’s role in monitoring and securing enterprise environments, these flaws represent a serious threat if left unpatched.
4. Over 17,000 Microsoft Servers Remain Unpatched Against Critical Vulnerabilities
Researchers report that over 17,000 Microsoft servers exposed to the internet are still unpatched against known critical vulnerabilities.
A recent analysis found that thousands of servers are still running outdated and vulnerable versions of Microsoft software, including Exchange Server and IIS. Many of these unpatched systems are susceptible to exploits that have been publicly known for months or even years. Experts warn that these servers are prime targets for ransomware and espionage operations.
This highlights a persistent issue in enterprise cybersecurity: failure to apply security patches in a timely manner, leaving organizations exposed to avoidable threats.
5. Manpower Staffing Agency Discloses Data Breach After RansomHub Attack
Global staffing firm ManpowerGroup has disclosed a data breach following a cyberattack by the RansomHub extortion group.
The company revealed that attackers gained unauthorized access to certain systems and stole sensitive data. RansomHub has claimed responsibility and posted samples of stolen information online, suggesting a large-scale breach. Manpower is working with law enforcement and cybersecurity experts to assess the impact and contain the breach.
This incident underscores the growing trend of ransomware groups targeting large, data-rich enterprises for extortion, with potential risks to both corporate operations and individual privacy.
6. ShinyHunters and Other Cybercrime Gangs Merge to Form Unified Operation
Notorious cybercrime gang ShinyHunters has reportedly merged with other threat actors to form a powerful collective called “Brotherhood of Thieves.”
This new entity is said to consolidate resources, tools, and stolen data from multiple criminal groups, significantly enhancing their capabilities. According to threat intelligence sources, the group plans to launch coordinated data breaches and extortion campaigns targeting major corporations. The merger reflects a trend of increased collaboration among cybercriminals to scale their operations and evade law enforcement.
The formation of this collective signals a concerning escalation in the sophistication and organization of cybercrime, demanding greater vigilance from security teams.