Svoboda Cybersecurity Brief August 05, 2025


Thai hospital fined for repurposing patient records as snack bags

A private hospital in Thailand was fined 1.2 million baht (~$37,000) after patient paper records were discovered being repurposed as snack bags. The incident, one of five major cases announced by Thailand’s Personal Data Protection Committee, involved patient registry files being used as pouches for crispy crepes.
Source: DataBreaches.net

Dutch Prosecution Service reboots systems after cyberattack

The Dutch Public Prosecution Service began a phased system reboot after a cyberattack in July forced a full digital shutdown. External experts confirmed no data was stolen or altered, and email systems were restored first, followed by systems for criminal case procedures.
Source: DataBreaches.net

Salesforce data theft attacks target Chanel, other luxury brands

Chanel confirmed a breach impacting U.S. customers, exposing contact information, in a wave of Salesforce data theft attacks attributed to the ShinyHunters extortion group. The attackers use social engineering to compromise Salesforce credentials or trick employees into authorizing malicious OAuth apps.
Impact: Sensitive customer data exposed.
Mitigation: Enable MFA, enforce least privilege, and manage connected apps carefully.
Source: BleepingComputer

Proton Authenticator bug logged TOTP secrets in plaintext

Proton fixed a bug in its iOS Authenticator app that logged users’ TOTP secrets in plaintext in local debug logs. While logs weren’t transmitted remotely, sharing them could expose sensitive authentication codes.
Impact: Potential exposure of multi-factor authentication secrets.
Mitigation: Update to version 1.1.1 and avoid sharing logs.
Source: BleepingComputer

New Plague Linux malware maintains stealthy SSH access

A newly discovered Linux malware, “Plague,” evaded detection for over a year by using a malicious PAM module to bypass authentication and hide SSH session traces. The malware unsets environment variables and redirects command history to erase forensic traces.
Impact: Persistent unauthorized access and credential theft.
Mitigation: Monitor PAM modules and audit SSH session artifacts.
Source: BleepingComputer
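
One way to act on the "monitor PAM modules" mitigation, as an added example that is not part of the original brief or of any vendor's tooling: parse a pam.d file and flag modules that are absent from an expected baseline or loaded from an unusual path. The sample file, the baseline set, the directory list and the module name `pam_example_unknown.so` are constructed assumptions.

```python
import re

# Constructed sample of an /etc/pam.d/sshd file; the last module is hypothetical.
SAMPLE_SSHD = """\
# PAM configuration for the Secure Shell service
@include common-auth
auth       [success=1 default=ignore]  pam_unix.so nullok
auth       requisite                   pam_deny.so
-session   optional                    pam_systemd.so
account    required                    pam_nologin.so
auth       sufficient                  /usr/local/lib/pam_example_unknown.so
"""

# Assumed baseline: module names the administrator expects on this host.
BASELINE = {"pam_unix.so", "pam_deny.so", "pam_systemd.so", "pam_nologin.so"}
# Assumed standard module directories; adjust per distribution.
STANDARD_DIRS = ("/lib/security/", "/lib64/security/", "/usr/lib/security/",
                 "/usr/lib64/security/", "/usr/lib/x86_64-linux-gnu/security/")

# Rule syntax: [-]type  control  module-path  [arguments]
LINE_RE = re.compile(
    r"^-?(?P<type>auth|account|password|session)\s+"
    r"(?P<control>\[[^\]]*\]|\S+)\s+"
    r"(?P<module>\S+)")

def parse_pam_modules(text):
    """Return (type, control, module) tuples for each rule line in a pam.d file."""
    rules = []
    joined = text.replace("\\\n", " ")          # fold backslash continuations
    for raw in joined.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments
        m = LINE_RE.match(line)
        if m:                                   # skips blanks and @include lines
            rules.append((m["type"], m["control"], m["module"]))
    return rules

def audit(text, baseline=BASELINE):
    """Flag modules missing from the baseline or loaded from a non-standard path."""
    findings = []
    for ptype, _control, module in parse_pam_modules(text):
        name = module.rsplit("/", 1)[-1]
        if name not in baseline:
            findings.append((ptype, module, "not in baseline"))
        elif module.startswith("/") and not module.startswith(STANDARD_DIRS):
            findings.append((ptype, module, "baseline name, non-standard path"))
    return findings
```

This covers only what the configuration references; a module that was replaced on disk under an expected name needs a file-integrity or package-verification check as well.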

NVIDIA Triton flaws let attackers hijack AI servers

Three vulnerabilities (CVE-2025-23319, CVE-2025-23320, CVE-2025-23334) in NVIDIA’s Triton Inference Server could be chained for remote code execution. Attackers could manipulate AI model responses or steal sensitive data by exploiting the Python backend.
Impact: Full server compromise and AI model theft.
Mitigation: Update to Triton version 25.07.
Source: The Hacker News

PlayPraetor Android Trojan infects 11,000 devices via fake Google Play pages

The PlayPraetor Trojan, distributed via fake Google Play pages and Meta ads, infected over 11,000 devices, primarily in Portugal, Spain, and France. The malware abuses accessibility services to steal banking credentials and cryptocurrency wallet data.
Impact: Financial fraud and data theft.
Mitigation: Avoid unofficial app stores and monitor device permissions.
Source: The Hacker News

Qilin ransomware affiliates dispute claims amid operational leaks

Qilin ransomware operators denied claims of a breach within their operation after reports surfaced about conflicts with affiliates. The group’s response highlights their concern over media coverage affecting their reputation.
Source: DataBreaches.net

Mozilla warns add-on developers of phishing campaign

Mozilla alerted Firefox Add-ons developers about a phishing campaign impersonating the AMO team, claiming accounts require updates to maintain developer access. Developers are urged to verify email authenticity and avoid clicking embedded links.
Source: BleepingComputer

Northwest Radiologists breach impacts 350,000 patients

Northwest Radiologists notified 350,000 Washington State residents after a January 2025 cyberattack exposed sensitive data, including SSNs, health records, and financial information. The radiology practice improved security and offered credit monitoring.
Source: SecurityWeek
