Nov 03, 2025 | Ravie Lakshmanan | Cybersecurity / Hacking News

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe.

From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted backups and secure areas were put to the test.

Keep reading for the full list of the biggest cyber news from this week—clearly explained and easy to follow.

⚡ Threat of the Week

Motex Lanscope Flaw Exploited to Drop Gokcpdoor — A suspected Chinese cyber espionage actor known as Tick has been linked to a targeted campaign that leveraged a recently disclosed critical security flaw in Motex Lanscope Endpoint Manager (CVE-2025-61932, CVSS score: 9.3) to infiltrate target networks and deploy a backdoor called Gokcpdoor. Sophos, which disclosed details of the activity, said it was “limited to sectors aligned with their intelligence objectives.”

🔔 Top News

  • TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — A low-cost physical side-channel attack has been found to break the confidentiality and security guarantees offered by modern Trusted Execution Environments (TEEs) from Intel and AMD, enabling full extraction of cryptographic keys and subversion of secure attestation mechanisms. The attack, codenamed TEE.fail, exploits deterministic encryption and DDR5 bus interposition to bypass protections in Intel’s SGX and TDX, as well as AMD’s SEV-SNP, by eavesdropping on memory transactions using a homemade logic analyzer setup built for under $1,000. That said, the attack requires physical access to the target as well as root-level privileges for kernel driver modification.
  • Russian Hackers Target Ukraine With Stealth Tactics — Suspected Russian hackers breached Ukrainian networks this summer using ordinary administrative tools to steal data and remain undetected, researchers have found. According to a report by Broadcom-owned Symantec and Carbon Black, the attackers targeted a large Ukrainian business services company and a local government agency in two separate incidents earlier this year. What makes these attacks notable is that the hackers deployed little custom malware and instead relied heavily on living-off-the-land tactics, i.e., using legitimate software already present in the victims’ networks, to carry out their malicious actions. The targeted organizations were not named, and it remains unclear what information, if any, was stolen.
  • N. Korea Targets Web3 Sector with GhostCall and GhostHire — The North Korea-affiliated threat actor BlueNoroff, also known under aliases APT38 and TA444, has resurfaced with two new campaigns dubbed GhostCall and GhostHire, targeting executives, Web3 developers, and blockchain professionals. The campaigns rely on social…


Last Update: November 3, 2025