GoAnywhere Flaw, Russian APTs & Scattered Spider – 09/19/2025

Today’s security intelligence digest is led by a critical CVSS 10.0 vulnerability in Fortra’s GoAnywhere MFT, requiring immediate patching. We are also tracking a significant escalation in nation-state threats, as Russian APTs Turla and Gamaredon are now collaborating on attacks. Furthermore, new details have emerged on the Scattered Spider ransomware group, which has reportedly extorted over $115 million and breached a U.S. federal court system. Here is the essential information you need to secure your organization.

Top 5 Critical Security Alerts

  • Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet: Fortra has patched a maximum severity (CVSS 10.0) command injection vulnerability in its GoAnywhere MFT software that requires immediate attention.
  • Two of the Kremlin’s most active hack groups are collaborating, ESET says: Russian FSB-affiliated APT groups Turla and Gamaredon are now collaborating, sharing tools and infrastructure to enhance their espionage attacks against Ukraine.
  • DOJ: Scattered Spider took $115 million in ransoms, breached a US court system: U.S. authorities revealed the Scattered Spider cybercrime group has extorted at least $115 million and successfully breached a federal court network.
  • CISA exposes malware kits deployed in Ivanti EPMM attacks: CISA has published a detailed analysis of malware kits being actively used to exploit vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) systems.
  • Critical Azure Entra ID Flaw Highlights Microsoft IAM Issues: A now-patched critical vulnerability in Azure Entra ID could have enabled catastrophic attacks, potentially granting access to every tenant in the system.

Threat Intelligence

  • The GoLaxy papers: Inside China’s AI persona army: Leaked documents from a Beijing-based firm named GoLaxy detail a sophisticated strategy for information warfare using an army of AI-generated online personas.
  • Two UK teens charged in connection to Scattered Spider ransomware attacks: Two teenagers in the UK have been arrested and charged for their alleged involvement with the prolific Scattered Spider ransomware group.
  • Threat landscape for industrial automation systems in Q2 2025: Kaspersky’s latest report details the malware and threats detected and blocked on Industrial Control System (ICS) computers during the second quarter of 2025.

Security Breaches & Incidents

  • Watchdog finds MrBeast improperly collected children’s data: An industry watchdog group has found that popular YouTuber MrBeast collected data from children without obtaining the required parental consent.

Security Tools & Best Practices

  • FBI warns of cybercriminals using fake FBI crime reporting portals: The FBI has issued a warning about malicious websites impersonating its Internet Crime Complaint Center (IC3) to deceive and victimize users.
  • Have I Been Pwned Demos Are Now Live!: Troy Hunt has launched a new platform for live demonstrations to help users better understand and utilize the Have I Been Pwned service.

Cloud & Network Security

  • SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers: The SystemBC malware is fueling a large-scale proxy network called REM Proxy, compromising approximately 1,500 VPS victims daily across 80 command-and-control servers.

Security Standards & Frameworks

  • Future of CVE Program in limbo as CISA, board members debate path forward: Disagreements between CISA and board members have created uncertainty about the future governance and operation of the essential CVE vulnerability program.

Emerging Security Technologies

  • ‘ShadowLeak’ ChatGPT Attack Allows Hackers to Invisibly Steal Emails: A newly discovered zero-click vulnerability in a ChatGPT agent, dubbed ‘ShadowLeak,’ could allow attackers to silently exfiltrate Gmail data via OpenAI’s infrastructure.
  • Notion 3.0 introduces AI “agents” for documents, workflows, and team automation: The latest version of Notion introduces AI agents capable of automating complex tasks, from document creation to managing multi-step team workflows.
