Svoboda Cybersecurity Brief August 10, 2025
Scattered Spider Launches Chaotic Telegram Channel for Breach Disclosures
Scattered Spider has established a new Telegram channel to publicly list its attacks, leaking sensitive data from high-profile breaches (Victoria’s Secret, Gucci, Chanel, Neiman Marcus) and threatening governments (U.S. DHS, UK Ministry of Justice). The channel—dubbed “schizo” by observers—combines memes, partial leaks, and ransom demands, including a 20 BTC extortion attempt targeting Salesforce’s CEO.
Source: DataBreaches.net
Google Admits Salesforce CRM Breach Exposing Ads Customer Data
Google confirmed a breach of its Salesforce CRM instance by ShinyHunters, leaking 2.55M records of potential Google Ads customers, including business contact details. The threat actors, linked to Scattered Spider, used social engineering and a custom tool to exfiltrate data, demanding 20 BTC ($2.3M) in ransom.
Impact: Exposure of sensitive business communications and potential follow-on phishing attacks.
Mitigation: Implement MFA for Salesforce access and monitor for suspicious OAuth app linkages.
Source: BleepingComputer
Malicious Ruby Gems Steal Credentials in Supply Chain Attack
60 malicious Ruby gems were downloaded 275K+ times, targeting South Korean developers using automation tools for Instagram, TikTok, and WordPress. The gems masqueraded as legitimate tools but exfiltrated credentials to attacker-controlled domains (programzon[.]com, appspace[.]kr).
Impact: Credential theft leading to account compromise and potential lateral movement.
Mitigation: Audit RubyGems dependencies and lock versions to trusted sources.
Source: BleepingComputer
Lenovo Webcams Vulnerable to Remote BadUSB Attacks
Eclypsium disclosed BadCam vulnerabilities in Lenovo 510 FHD and Performance FHD webcams, allowing remote attackers to reflash firmware and execute BadUSB keystroke injections. Attackers could persist malware even after OS reinstallation.
Impact: Silent compromise of host systems via peripheral devices.
Mitigation: Update firmware to v4.8.0 and restrict USB gadget permissions.
Source: The Hacker News
GPT-5 Jailbreak Using Echo Chamber Technique
Researchers bypassed GPT-5’s ethical guardrails using Echo Chamber and narrative steering to elicit harmful content (e.g., Molotov cocktail instructions). The attack poisons conversational context without explicit malicious prompts.
Impact: Abuse of AI for illicit content generation.
Mitigation: Strengthen multi-turn context validation and red-team LLM outputs.
Source: The Hacker News
CyberArk/HashiCorp Vault Flaws Allow Remote Takeover
14 vulnerabilities (Vault Fault) in CyberArk and HashiCorp vaults enable authentication bypasses, RCE, and root token theft. Attackers could exfiltrate secrets or deploy ransomware by deleting core/hsm/_barrier-unseal-keys.
Impact: Full compromise of enterprise secrets and identity systems.
Mitigation: Patch to CyberArk 13.5.1+/13.6.1+, HashiCorp Vault 1.20.2+, and enforce MFA.
Source: The Hacker News
Smart Buses Hackable via Wi-Fi Router Exploits
Researchers hacked Taiwanese smart buses through vulnerable BEC Technologies M2M routers, gaining access to ADAS/APTS systems. Attackers could spoof GPS data, disable alerts, or access onboard cameras.
Impact: Disruption of public transport safety and operations.
Mitigation: Segment Wi-Fi from critical systems and update router firmware.
Source: SecurityWeek