#state-sponsored attacks

Interpol announced the results of Operation Serengeti 2.0, which dismantled large-scale cybercrime operations across Africa. Authorities arrested more than 1,200 suspects, shut down 11,432 malicious infrastructures, and recovered nearly $97 million from criminal networks.

Apple released security updates addressing CVE-2025-43300, a zero-day vulnerability confirmed to be exploited in targeted attacks. The Cybersecurity and Infrastructure Security Agency ordered US federal agencies to patch affected iPhones, iPads, and Mac devices by 11 September.

Healthcare provider DaVita confirmed that a ransomware group accessed and stole the personal and medical records of nearly 2.7 million patients. CPAP Medical Supplies separately disclosed a breach impacting 90,000 individuals, following an intrusion dating back to December 2024.

A new report from Acronis revealed a 70% increase in ransomware victims in the first half of 2025 compared with previous years. The study highlighted how major gangs, including Cl0p, are using artificial intelligence to automate attacks and maintain pressure on targets.

Cybersecurity researchers detailed expanded activity by China-linked groups Murky Panda and Silk Typhoon. The espionage campaigns exploited cloud trust relationships, zero-day, and n-day vulnerabilities to infiltrate telecommunications, technology, and professional services sectors across North America.

Separately, MITRE published an updated list of the most common hardware weaknesses, and Microsoft confirmed its August Windows security updates caused streaming issues with NewTek NDI software. AWS fixed a flaw in Trusted Advisor that could misreport S3 bucket exposure. Researchers also tracked new malware campaigns targeting Linux and macOS users through phishing, malvertising, and fake troubleshooting fixes.

Security researchers identified PromptLock, the first reported AI-powered ransomware. Google and Mandiant linked Salesforce data theft to OAuth token abuse through Salesloft Drift. Nevada and Sweden suffered major cyberattacks disrupting government services. Citrix and FreePBX issued emergency fixes for zero-day vulnerabilities. Western agencies accused Chinese firms of backing Salt Typhoon operations.

Russian state-sponsored group Static Tundra has been exploiting a long-unpatched Cisco IOS vulnerability to infiltrate critical infrastructure and other sectors worldwide. The FBI and Cisco Talos confirmed that espionage operations were actively targeting telecommunications, higher education, and manufacturing.

Apple issued emergency patches for a zero-day flaw in iOS and macOS exploited in highly sophisticated targeted attacks. Microsoft released out-of-band updates to fix recovery failures in Windows, while both Google and Mozilla addressed high-severity vulnerabilities in Chrome and Firefox.

The United States Department of Justice announced the takedown of the RapperBot botnet and indicted its administrator, a 22-year-old man accused of running a distributed denial-of-service-for-hire operation. Investigators revealed the botnet had infected thousands of internet-connected devices globally.

Ransomware remained a prominent threat. Warlock ransomware was observed exploiting vulnerable SharePoint systems to spread internationally, while pharmaceutical company Inotiv confirmed an attack that disrupted business operations. Trend Micro detailed complex attack chains used by Warlock operators to escalate compromise.

Major data breaches came to light across the telecommunications sector. A Belgian telecom disclosed that attackers accessed data on 850,000 customer accounts, while Australian provider iiNet admitted that a stolen credential exposed the personal details of 280,000 customers. Intel also suffered exposure of 270,000 employee records due to internal service vulnerabilities.

Enterprise risks were heightened by the release of a working exploit combining two critical SAP Netweaver flaws, already seen in real-world exploitation. Security researchers warned that the exploit had been circulated on cybercrime forums, amplifying the risk of large-scale abuse.

Today’s advisories highlight a surge of high-severity Linux kernel fixes across multiple distributions, alongside critical updates for Chrome, Firefox/Thunderbird, and WebKit. Actively exploited flaws were confirmed in Apple’s platforms and N-able’s RMM software, while Commvault vulnerabilities already have public exploit code. Cisco, Microsoft, and Adobe also issued significant security updates.

Twitter becomes the third social network to warn users of state-sponsored attacks, after Google and Facebook

From hacking by individuals to state sponsored cyber attacks, we have come a long way in cyber security. In fact, state sponsored cyber attacks are fast outpacing the traditional cyber criminals in today’s world. Facebook and Google have already started warning their users about nation sponsored cyber attacks and now Twitter became the third tech company to follow suit. Yesterday, a few Twitter…