(TLP:CLEAR) Supplemental Cyber Highlights – August 6, 2025
Created: Wednesday, August 6, 2025 - 14:22
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Iranian hackers were more coordinated, aligned during Israel conflict than it seemed | CyberScoop
- Pro-Iran Hackers Aligned Cyber with Kinetic War Aims | Infosecurity Magazine
- Parsons urges ICS/OT sector to swap generic TTXs for targeted drills using Five Critical Controls amid rising cyber threats | Industrial Cyber
IT Vulnerability Security Updates
- Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems | The Hacker News
- ‘Critical’ firmware-level vulnerabilities found in laptops commonly used by security specialists | The Record
- Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC | SecurityWeek
- Project AK47: Uncovering a Link to the SharePoint Vulnerability Attacks | Unit 42
- CVE-2025-54135, CVE-2025-54136: Frequently Asked Questions About Vulnerabilities in Cursor IDE (CurXecute and MCPoison) | Tenable
IT Malware, Threats & Risks
- ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections | The Hacker News
- When Good Accounts Go Bad: Exploiting Delegated Managed Service Accounts in Active Directory | Unit 42
- Chinese Smishing Campaigns Compromise up to 115 Million US Payment Cards | Infosecurity Magazine
- Unsolicited Packages Containing QR Codes Used to Initiate Fraud Schemes | FBI IC3
Ransomware
- Ransomware goes cloud native to target your backup infrastructure | CSO Online
- Ransomware groups shift to quadruple extortion to maximize pressure | Help Net Security
Cyber Resilience, General Awareness, & AI