Edward Kiledjian's Threat Intel

Cyber Threat Intelligence Report – Aug. 5, 2025

Incident: SonicWall SSL VPN Zero-Day Exploited by Akira Ransomware

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 5, 2025
Summary: Akira ransomware actors exploited a potential zero-day vulnerability in SonicWall Gen 7 firewalls to conduct over twenty targeted attacks, prompting urgent mitigations and investigations.
Source: https://thehackernews.com/2025/08/sonicwall-investigating-potential-ssl.html

Incident: Fake TikTok Shop Domains Deliver Malware in AI Scam Campaign

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 5, 2025
Summary: Threat actors used fifteen thousand fake TikTok Shop domains and AI-generated videos in the ClickTok campaign to distribute trojanized apps, stealing user credentials and cryptocurrency globally.
Source: https://thehackernews.com/2025/08/15000-fake-tiktok-shop-domains-deliver.html

Incident: NVIDIA Triton Vulnerabilities Enable Remote Code Execution on AI Servers

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: Attackers exploited three CVEs in NVIDIA Triton Inference Server to enable unauthenticated remote code execution, hijacking AI servers through Python backend flaws.
Source: https://thehackernews.com/2025/08/nvidia-triton-bugs-let-unauthenticated.html

Incident: Vietnamese Hackers Deploy PXA Stealer Malware

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: Vietnamese-speaking cybercriminals deployed PXA Stealer malware to infect over four thousand IPs across sixty-two countries, stealing two hundred thousand passwords for resale on Telegram.
Source: https://thehackernews.com/2025/08/vietnamese-hackers-use-pxa-stealer-hit.html

Incident: Turla APT Conducts ISP-Level Attacks

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: Russian APT group Turla, also known as Secret Blizzard, executed ISP-level adversary-in-the-middle attacks to deploy ApolloShadow malware targeting foreign embassies for intelligence gathering.
Source: https://thehackernews.com/2025/08/weekly-recap-vpn-0-day-encryption.html

Incident: Plague PAM Backdoor Targets Linux Systems

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: Threat actors deployed the undetected Plague backdoor in Linux PAM modules to enable silent credential theft and persistent SSH access across affected systems.
Source: https://thehackernews.com/2025/08/new-plague-pam-backdoor-exposes.html

Incident: PlayPraetor Android RAT Infects Devices

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: Attackers spread PlayPraetor RAT via fake Google Play pages and Meta ads to infect over eleven thousand Android devices, targeting banking and cryptocurrency apps in multiple countries.
Source: https://thehackernews.com/2025/08/playpraetor-android-trojan-infects.html

Incident: Sanderling Healthcare Ransomware Breach

Date of Incident (ET): Jul. 3, 2025
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: Sanderling Healthcare suffered a ransomware attack exposing regulated patient data from its database system, prompting an investigation into potential unauthorized access.
Source: https://www.cbs42.com/business/press-releases/accesswire/1056336/sanderling-healthcare-data-breach-under-investigation-by-levi-korsinsky-llp

Incident: Portfolio Strategy Group Data Breach

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: The Portfolio Strategy Group disclosed a data breach involving unauthorized access to sensitive client information, triggering legal investigations and notifications.
Source: https://www.cbs42.com/business/press-releases/accesswire/1056339/levi-korsinsky-llp-investigates-the-portfolio-strategy-group-data-breach

Incident: Vail-Summit Orthopaedics Data Breach

Date of Incident (ET): Unknown
Date of Disclosure/Publication (ET): Aug. 4, 2025
Summary: Vail-Summit Orthopaedics and Neurosurgery experienced a data breach exposing regulated health records, leading to class action lawsuits over potential exfiltration.
Source: https://www.classaction.org/data-breach-lawsuits/vail-summit-orthopaedics-and-neurosurgery-july-2025