IT Security Newsletter - 8/29/2025

Top News

FBI cyber cop: Salt Typhoon pwned 'nearly every American'

China's Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into telecommunications networks, according to a top FBI cyber official. "There's a good chance this espionage campaign has stolen information from nearly every American," Michael Machtinger, deputy assistant director for the FBI's cyber division, told The Register.


CISA, FBI, NSA Warn of Chinese 'Global Espionage System'

Government agencies from around the world, including the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the National Security Agency (NSA), shared a new advisory Wednesday warning of China's "global espionage system." The advisory details how state-backed threat actors, including Salt Typhoon, penetrate networks around the world, as well as how defenders can protect their own environments.

Breaches

TransUnion Data Breach Impacts 4.4 Million

Credit reporting firm TransUnion (NYSE: TRU) is notifying more than 4.4 million people that their personal information was compromised in a data breach. The incident occurred on July 28, 2025, and was discovered two days later, the company revealed in a filing with the Maine Attorney General's Office. According to TransUnion, the data breach involved personal information stored in a third-party application, including names, Social Security numbers, and dates of birth.

Hacking

Salesloft Drift compromised en masse, impacting all third-party integrations

Salesloft Drift customers are compromised in a much more expansive downstream attack spree than previously thought, potentially ensnaring any user that integrated the AI chat agent platform to another service. "We're telling organizations to treat any Drift integration into any platform as potentially compromised, so that increases the scope of victims," Mandiant Consulting CTO Charles Carmakal told CyberScoop. This expanded attack radius includes Google Workspace customers.

Software Updates

High-severity vulnerability in Passwordstate credential manager. Patch now.

The maker of Passwordstate, an enterprise-grade password manager for storing companies' most privileged credentials, is urging them to promptly install an update fixing a high-severity vulnerability that hackers can exploit to gain administrative access to their vaults. The authentication bypass allows hackers to create a URL that accesses an emergency access page for Passwordstate. From there, an attacker could pivot to the administrative section of the password manager.

Malware

Malware devs abuse Anthropic's Claude AI to build ransomware

Anthropic's Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. The company says that its tool has also been used in fraudulent North Korean IT worker schemes and to distribute lures for Contagious Interview campaigns, in Chinese APT campaigns, and by a Russian-speaking developer to create malware with advanced evasion capabilities.


1,000+ Devs Lose Their Secrets to an AI-Powered Stealer

More than 1,000 developers were infected with malware this week, losing around 20,000 sensitive files to the public Web, thanks to a devilishly effective, rapid, and AI-assisted software supply chain compromise. Typically, when cyberattackers steal secret information from their victims, the process is deliberate and time-consuming. They spend a good deal of time studying their target's systems, dropping multiple stages of malware, and making sure they're not detected.

Information Security

VerifTools Fake ID Operation Dismantled by Law Enforcement

Law enforcement in the US and the Netherlands on Thursday announced the seizure of domains and servers associated with VerifTools, one of the largest marketplaces for fraudulent identification documents. As part of the operation, the FBI seized two domains and one blog associated with VerifTools, while the Dutch police seized two physical servers and 21 virtual servers hosted at a data center in Amsterdam.

On This Date

  • ...in 1833, King William IV gives his assent to an act of Parliament abolishing slavery throughout the British Empire.
  • ...in 1898, The Goodyear tire company is founded, in Akron, OH, earning the city its nickname: "Rubber City."
  • ...in 1958, United States Air Force Academy opens in Colorado Springs, CO.
  • ...in 1966, The Beatles perform their last paid concert at Candlestick Park in San Francisco.