Svoboda Cybersecurity Brief September 02, 2025

Zscaler Data Breach Exposes Customer Information

Zscaler confirmed a data breach after attackers compromised its Salesloft Drift account, exposing customer names, email addresses, and company names. The breach occurred due to unauthorized access to a third-party system used for marketing communications.

Source: BleepingComputer

Russian APT29 Hackers Targeting Microsoft 365 Disrupted by Amazon

Amazon disrupted a Russian APT29 (Cozy Bear) campaign targeting Microsoft 365 users via phishing emails. The attackers used malicious links to harvest credentials, but AWS security measures blocked the infrastructure.

Source: BleepingComputer

Android Droppers Now Deliver SMS Stealers and Spyware

Recent Android dropper malware variants have expanded beyond banking trojans to deliver SMS stealers and spyware. Attackers exploit fake app installers and social engineering to bypass security checks.

Impact: Compromised devices risk data theft and unauthorized surveillance.
Mitigation: Install apps only from trusted sources, enable Google Play Protect, and monitor app permissions.

Source: The Hacker News

ScarCruft Deploys RokRAT Malware in South Korean Academic Attacks

North Korean threat actor ScarCruft used RokRAT malware in Operation HanKook Phantom, targeting South Korean academics via spear-phishing. The malware enables remote access and data exfiltration.

Source: The Hacker News

Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach

This week’s highlights include a WhatsApp zero-day exploit, a critical Docker vulnerability (CVE-2025-XXXX), and a Salesforce breach exposing customer data. Fake CAPTCHA scams and spyware apps were also reported.

Source: The Hacker News

Google Denies Claims of Major Gmail Security Warning

Google refuted rumors of a widespread Gmail security issue, stating its protections block 99.9% of phishing and malware. Users are advised to adopt passkeys and follow anti-phishing best practices.

Source: DataBreaches.net

Browsers as Attack Surface: Rethinking Security Against Scattered Spider

The article discusses how Scattered Spider actors exploit browser vulnerabilities for credential theft. It calls for improved endpoint detection and zero-trust frameworks to counter these tactics.

Source: The Hacker News
