Svoboda Cybersecurity Brief August 09, 2025



Columbia University Cyberattack Exposes Data of 869,000

Columbia University disclosed a breach impacting 868,969 individuals, including students, applicants, and employees. Stolen data includes Social Security numbers, academic/financial records, and health information, though medical center records were unaffected. The attackers gained access on May 16, with the university detecting the incident during an IT outage on June 24.
Source: SecurityWeek

WinRAR Zero-Day Exploited for Malware Delivery

A WinRAR directory traversal vulnerability (CVE-2025-8088) allowed a crafted archive to write files outside the chosen extraction directory, including into Windows startup folders, giving the attackers persistence. The flaw was exploited in phishing campaigns delivering the RomCom malware, linked to Russian threat actors.
Impact: Remote code execution via auto-start executables.
Mitigation: Update to WinRAR 7.13. The update must be installed manually, since WinRAR has no auto-update mechanism.
Source: BleepingComputer

Royal/BlackSuit Ransomware Gang Extorted $370M from 450 US Orgs

The US DHS confirmed the ransomware group behind Royal and BlackSuit compromised over 450 organizations, primarily in healthcare, education, and government sectors. Operators collected $370M in ransoms before infrastructure seizures in July 2025.
Source: BleepingComputer

French Telecom Giant Bouygues Breach Impacts 6.4M Customers

Bouygues Telecom suffered a cyberattack exposing contact details, contract data, and IBANs of 6.4M customers. No passwords or payment data were stolen. This follows a similar attack on Orange in July.
Source: SecurityWeek

ShinyHunters Extorts Google After Salesforce Campaign

The ShinyHunters group sent Google an extortion demand after breaching its systems via Salesforce vulnerabilities. The group claims to use AI-generated voice calls to evade law-enforcement detection and says it plans further attacks.
Source: DataBreaches.net

GreedyBear Strikes with 150 Malicious Firefox Extensions

Over 150 malicious Firefox extensions impersonating crypto wallets (e.g., MetaMask, Exodus) stole $1M+ in assets. The campaign uses Extension Hollowing to evade reviews and exfiltrates credentials to attacker-controlled servers.
Source: The Hacker News

PyPI Tightens Security After Malicious Package Surge

PyPI will reject wheel uploads that rely on ZIP parsing ambiguities ("ZIP confusion") starting February 2026, to keep such archives from smuggling malicious payloads. The move follows findings that installer tools like uv extract ZIP contents differently from the standard libraries, so the same wheel can yield different files depending on which tool unpacks it.
Source: The Hacker News
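The two archive-handling problems above, the directory-traversal class behind the WinRAR item and the parser-disagreement class behind PyPI's "ZIP confusion" change, can both be caught before extraction. The checker below is an added example, not code from the brief, WinRAR, PyPI or uv. It works on ZIP files (which is what wheels are; the WinRAR bug involved RAR archives, but the path check applies to any archive format). The archive it inspects is constructed in memory, the function names are mine, and the header-name mismatch is produced by patching bytes in that constructed sample.

```python
import io
import struct
import zipfile

LOCAL_HEADER_SIG = b"PK\x03\x04"  # signature of a ZIP local file header


def unsafe_path(name: str) -> bool:
    """True if an archive entry would land outside the extraction directory.

    Catches absolute paths, Windows drive letters and any '..' component,
    on either slash style.
    """
    norm = name.replace("\\", "/")
    if norm.startswith("/") or (len(norm) > 1 and norm[1] == ":"):
        return True
    return any(part == ".." for part in norm.split("/"))


def local_header_name(data: bytes, offset: int):
    """Read the filename stored in the local file header at `offset`.

    Layout: 4-byte signature, 22 bytes of fixed fields, then name length
    (2 bytes) at offset 26 and extra length (2 bytes) at offset 28,
    followed by the name itself at offset 30.
    """
    if data[offset:offset + 4] != LOCAL_HEADER_SIG:
        return None
    name_len, _extra_len = struct.unpack_from("<HH", data, offset + 26)
    return data[offset + 30:offset + 30 + name_len].decode("utf-8", "replace")


def audit_zip(data: bytes):
    """Return a list of findings for an in-memory ZIP/wheel.

    Two checks: traversal-style entry names, and entries whose local-header
    name differs from the central-directory name (a parser that trusts one
    structure sees a different file than a parser that trusts the other).
    Each finding is a tuple starting with a category string.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if unsafe_path(info.filename):
                findings.append(("traversal", info.filename))
            local = local_header_name(data, info.header_offset)
            if local != info.filename:
                findings.append(("header-mismatch", info.filename, local))
    return findings


def build_sample() -> bytes:
    """Constructed sample archive with one bad entry of each kind."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("pkg/module.py", "print('hello')\n")
        zf.writestr("../../outside.txt", "constructed traversal entry\n")
        zf.writestr("safe.txt", "benign\n")
    data = bytearray(buf.getvalue())
    # Patch the local header of safe.txt so it advertises a different name
    # of the same length; the central directory still says safe.txt.
    with zipfile.ZipFile(io.BytesIO(bytes(data))) as zf:
        off = zf.getinfo("safe.txt").header_offset
    assert local_header_name(data, off) == "safe.txt"
    data[off + 30:off + 38] = b"real.txt"
    return bytes(data)


if __name__ == "__main__":
    for finding in audit_zip(build_sample()):
        print(finding)
```

Running the checker on the constructed sample reports one traversal entry and one header mismatch; a clean wheel returns an empty list. The name comparison only covers the local header and central directory, which is the most common disagreement; a production gate would also reject archives with more than one end-of-central-directory record or with overlapping entries.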

Leaked Credentials Spike 160% in 2025

Cyberint reported a 160% year-over-year increase in leaked credentials, with more than 14,000 corporate exposures per month. Attackers use infostealers and AI-assisted phishing to exploit reused passwords and weak MFA.
Source: The Hacker News

Spartanburg County Hit by Third Cyberattack Since 2018

Spartanburg County, SC, disclosed a cybersecurity incident disrupting online services. This follows ransomware attacks in 2018 and 2023, though the current attack was contained by network software.
Source: DataBreaches.net

Pakistan Petroleum Thwarts Ransomware Attempt

Pakistan Petroleum Ltd. contained a ransomware attack on its IT systems, with no critical data compromised. The incident was detected on August 6 and involved an unidentified ransomware strain.
Source: DataBreaches.net
