August 2025 cybersecurity threats and malware analysis

ID: 729f1dbe-317d-552e-948f-c8888ef89082

STIX ID: report--729f1dbe-317d-552e-948f-c8888ef89082

Feed Name: Malware Patrol Blog

Threat Score: 75/100

Date Published: 2025-08-28

Date Updated: 2026-06-15

Author: Malware Patrol

This digest compiles multiple mid‑August 2025 security reports highlighting active threats: a coordinated brute‑force campaign against Fortinet SSL VPNs; backdoors in Docker images linked to XZ Utils; a malvertising campaign delivering PS1Bot; a new FireWood Linux backdoor variant; Blue Locker ransomware hitting Pakistan’s oil and gas sector; PhantomCard NFC Android banking malware; CISA warnings for N‑able vulnerabilities; a critical Cisco RCE; BlackMatter ransomware activity; attackers patching exploited ActiveMQ vulnerabilities to hide presence; legal action against the “Rapper Bot” DDoS service; VPN app security weaknesses; CORNFLAKE.V3 backdoor campaigns; SDK misuse to monetize victim bandwidth; and Shamos infostealer distributed via the ClickFix social‑engineering technique.
