End-of-Day report
Timeframe: Monday 18-08-2025 18:00 - Tuesday 19-08-2025 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
In several web portals: Hard-coded credentials discovered at Intel in large numbers
A researcher has found serious security vulnerabilities in Intel web portals. In some cases, passwords were present client-side in the code.
https://www.golem.de/news/in-mehreren-webportalen-reihenweise-fest-kodierte-zugangsdaten-bei-intel-entdeckt-2508-199304.html
GodRAT - New RAT targeting financial institutions
Kaspersky experts analyze GodRAT, a new Gh0st RAT-based tool attacking financial firms. It is likely a successor of the AwesomePuppet RAT connected to the Winnti group.
https://securelist.com/godrat/117119/
The State of Ransomware in Retail 2025
361 IT and cybersecurity leaders reveal the ransomware realities for retail businesses today.
https://news.sophos.com/en-us/2025/08/19/the-state-of-ransomware-in-retail-2025/
493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds
Scam compounds in Cambodia, Myanmar, and Laos have conned people out of billions. New research shows they may be linked to child sextortion crimes too.
https://www.wired.com/story/child-sextorition-scam-compounds-southeast-asia/
Morocco drags German newspapers before the BGH over spyware reports
Morocco is suspected of having used the Pegasus spyware against lawyers, journalists and politicians. German media reported on it, and Morocco is angry.
https://www.heise.de/news/Marokko-zieht-gegen-deutsche-Spyware-Berichterstattung-vor-BGH-10544635.html
Attacks on N-able N-central under way, more than 1000 systems unpatched
More than a thousand instances of the RMM N-able N-central are still vulnerable to critical flaws. These are already being attacked.
https://www.heise.de/news/Angriffe-auf-N-able-N-central-laufen-mehr-als-1000-Systeme-ungepatcht-10547498.html
Get 10,000,000 Robux for free? Beware, fake offer!
The online gaming platform "Roblox" is especially popular with children and teenagers, and is free in principle. Unlocking certain features and content, however, requires an in-game currency called "Robux", which in turn is only available for real money. Criminals therefore try to lure users into a trap with the promise of free "Robux".
https://www.watchlist-internet.at/news/robux-fake-angebot/
Fashionable Phishing Bait: GenAI on the Hook
GenAI-created phishing campaigns misuse tools ranging from website builders to text generators in order to create more convincing and scalable attacks.
https://unit42.paloaltonetworks.com/genai-phishing-bait/
Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft
Hackers are disguising a powerful strain of malware as a ChatGPT desktop application in preparation for ransomware attacks, Microsoft said.
https://therecord.media/ransomware-gang-masking-pipemagic-backdoor
UK "agrees to drop" demand over Apple iCloud encryption, US intelligence head claims
The United Kingdom is backing down from a controversial legal demand targeting Apple, U.S. Director of National Intelligence Tulsi Gabbard claimed on social media.
https://therecord.media/uk-agrees-drop-apple-encryption
Trend Micro Unmasks Global "Task Scam" Industry
Trend Micro today released new research revealing the mechanics and scale of a rapidly growing fraud model known as "task scams": sophisticated online job scams that lure victims into repetitive digital tasks and systematically strip them of funds through escalating deposit demands.
https://newsroom.trendmicro.com/2025-08-19-Trend-Micro-Unmasks-Global-Task-Scam-Industry
Fake Copyright Notices Drop New Noodlophile Stealer Variant
Morphisec warns of a new Noodlophile Stealer variant spread via fake copyright phishing emails, using Dropbox links ..
https://hackread.com/phishing-scam-fake-copyright-notice-noodlophile-stealer/
How Indirect Prompt Injections Exploit Context, Format, and Salience
A breakdown of indirect prompt injection attacks using real-world cases (emails, code comments, diagrams). Introduces the CFS model (Context, Format, Salience) to explain what makes some payloads more likely to succeed.
https://www.fogel.dev/prompt_injection_cfs_framework
Trivial C# Random Exploitation
Exploiting random number generators requires math, right? Thanks to C#'s Random, that is not necessarily the case! I ran into an HTTP 2.0 web service issuing password reset tokens from a custom encoding of (new Random()).Next(min, max) output. This led to a critical account takeover. Exploitation did not require scripting, math or libraries. Just several clicks in Burp. While I ..
https://blog.doyensec.com/2025/08/19/trivial-exploit-on-C-random.html
Vulnerabilities
Security Vulnerabilities fixed in Firefox 142
https://www.mozilla.org/en-US/security/advisories/mfsa2025-64/