Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

Critical vulnerability in Apache Tomcat must be patched, otherwise the server could go into DoS.

A critical security flaw has been discovered in Apache Tomcat’s HTTP/2 implementation. This vulnerability allows attackers to conduct denial-of-service (DoS) attacks against web servers. The vulnerability, tracked as CVE-2025-48989 and dubbed the “Made You Reset” attack, affects several versions of the popular Java servlet container and poses significant risks to web applications worldwide. The security flaw, classified as severe, affects Apache Tomcat versions 11.0.0-M1 to 11.0.9, 10.1.0-M1 to 10.1.43, and 9.0.0.M1 to 9.0.107.

Risk Factors | Details
Affected Products | Apache Tomcat 11.0.0-M1 to 11.0.9; Apache Tomcat 10.1.0-M1 to 10.1.43; Apache Tomcat 9.0.0.M1 to 9.0.107; older EOL releases (potentially affected)

After Darcula comes Magic Mouse: the new phishing nightmare steals 650,000 cards a month.

After the closure of the Darcula phishing platform and the Magic Cat software used by scammers, the Magic Mouse solution has gained popularity among criminals. According to Mnemonic specialists, Magic Mouse already contributes to the theft of data from at least 650,000 bank cards per month. We recently discussed the work of Darcula and the investigation conducted by Mnemonic experts. This Phishing-as-a-Service (PhaaS) platform has targeted Android and iPhone users in over 100 countries. The criminal service used 20,000 domains imitating well-known brands to steal credentials. According to analysts, Darcula operators were responsible for the theft of 884,000 bank cards, and hacker

Fortinet VPN Under Attack: New Wave of Brute-Force Attacks Detected by GreyNoise

GreyNoise detected two major waves of attacks on Fortinet devices in early August 2025. The first, a brute-force attack targeting Fortinet’s SSL VPN on August 3, was followed by an abrupt change to FortiManager on August 5, with a new traffic signature. Researchers warn that such spikes in activity precede the publication of critical vulnerabilities 80% of the time. According to GreyNoise, the August 3 spike involved dictionary-based login attempts on the FortiOS SSL VPN. The JA4+ network fingerprint, which uses TLS fingerprinting to classify encrypted traffic, indicated a possible match with activity observed in June. This traffic came from a residential

Whonix 17.4 is out! Only a 0day exploit can threaten your anonymity.

Version 17.4 of the Whonix distribution, designed to provide greater anonymity online, has been released. The system is based on Debian GNU/Linux and routes all traffic through Tor. The source code is public and released under the GPLv3 license. The new virtual machine images in OVA format for VirtualBox are available for download: with Xfce (2.3 GB) and console-only (1.5 GB). Whonix is based on a two-component scheme. Whonix-Gateway acts as a network gateway, allowing connections only through Tor, while Whonix-Workstation acts as an isolated work environment. Both systems are included in the same image, but run on different virtual machines.

Backdoor in xz Utils: 35 Docker Hub images still infected

Analysts at Binarly have found at least 35 images on Docker Hub still infected with a backdoor that penetrated xz Utils last year. Researchers warned that this could potentially put users, organizations, and their data at risk. Binarly explains that many CI/CD pipelines, developers, and production systems pull images directly from Docker Hub, using them as the basis for their containers. If these images are compromised, every new build will inherit the vulnerability or malicious code. Recall that a backdoor in the popular xz Utils package was accidentally discovered in 2024, and the incident received a lot of attention. As a result,

Huawei introduces algorithm that reduces dependence on foreign chips

Huawei has unveiled a new software tool that speeds up large AI models by distributing data more efficiently across different types of memory. This could help China reduce its dependence on expensive, high-bandwidth memory chips, now almost entirely controlled by foreign suppliers. The development is called Unified Cache Manager (UCM). This is an algorithm that places data by taking into account the latency of different memory levels, from high-speed HBM to standard RAM and SSD. According to Zhou Yuefeng, Huawei’s vice president of storage systems, the technology has reduced inference latency by 90% and increased system throughput by 22 times. These results

Did you meet a girl online? Four Ghanaians might have hit on you.

The U.S. Department of Justice has indicted four Ghanaian nationals for their involvement in a massive international fraud ring that stole over $100 million through romance scams and attacks that compromised corporate communications. According to investigators, the criminal group operated in the United States from 2016 to May 2023, targeting both individuals and companies, and was structured hierarchically. The defendants held high-ranking positions in the organization, known as the “Sakawa Boys,” or “Game Boys.” All four were extradited from Ghana and brought to the United States on August 7. Two of them were “presidents,” coordinators who managed the fraud and distributed the

Microsoft Office: Three Critical Vulnerabilities: Update Now

Three serious vulnerabilities in Microsoft Office that could allow attackers to execute remote code on affected systems have been addressed by Microsoft with the release of crucial security updates. These vulnerabilities, tracked as CVE-2025-53731, CVE-2025-53740, and CVE-2025-53730, pose risks to organizations and users worldwide. Both CVE-2025-53731 and CVE-2025-53740 have received critical severity ratings with CVSS base scores of 8.4, while CVE-2025-53730, which affects Microsoft Office Visio, has been classified as important with a CVSS score of 7.8. These bugs stem from use-after-free memory corruption issues, classified as CWE-416 in the Common Weakness Enumeration database. These vulnerabilities share a standard attack pattern in

Elon Musk sues Apple for App Store manipulation

Elon Musk has announced that his company xAI is preparing to sue Apple. The reason is manipulation of App Store rankings, which, he claims, puts OpenAI’s ChatGPT in a more advantageous position than its competitors. According to Musk, this is a direct violation of antitrust laws. “Apple’s behavior, such that no AI company other than OpenAI has managed to reach the top spot in the App Store, constitutes a clear violation of antitrust rules. We at xAI will take immediate legal action.” The billionaire has not provided any evidence to support the allegations. Representatives from Apple, OpenAI, and xAI also declined to

Artificial intelligence is pushing companies to return to in-person interviews

The job search process has been profoundly altered by artificial intelligence, prompting many companies to revive a more traditional approach: face-to-face interviews, as the WSJ points out. Virtual interviews have become the new norm in recent years, thanks to the rise of remote work and employers’ desire to hire more quickly. However, recruiters say that more and more candidates are using AI to cheat, for example by receiving hidden prompts during technical interviews. Rarer, but more dangerous, cases also occur: AI tools allow scammers to impersonate job seekers in order to steal data or money after they secure a job. In response, companies are