Recent cybersecurity activity includes a contained attack on Bragg Gaming with no customer data exposed, ongoing disruptions at Colt Services, and a social-engineering incident at Workday linked to Salesforce campaigns. Law enforcement seized assets tied to Zeppelin ransomware, while Chinese APT UAT-7237 continues targeting Taiwanese web hosting firms, highlighting evolving threat actor strategies. The threat landscape emphasizes vulnerabilities in software supply chains, malware campaigns like Lokibot, and espionage groups such as Lazarus Group. In addition, Australia advances the migration to AES encryption for payments, and Microsoft addresses update issues on Windows 11 24H2 and Windows Server 2025. Tools like Wazuh aid compliance efforts, and Black Hat USA 2025 will feature expert discussions on AI security and governance.
Cyberattacks & Outages
- Bragg Gaming confirms a contained cyberattack with operations restored and no customer data exposed – Bragg Gaming
- Colt has faced an ongoing cyberattack since 12 Aug, disrupting customer portals and voice platforms while investigators work to restore services – Colt Services
CRM & Social Engineering
- Workday suffered a social‑engineering compromise of a third‑party CRM that exposed limited business contact data and appears tied to wider Salesforce-related campaigns (groups like ShinyHunters/Scattered Spider suspected) – Workday Breach
Ransomware & Law Enforcement
- The U.S. DOJ charged the alleged operator of Zeppelin ransomware and seized more than $2.8 million in crypto and assets tied to the campaign that targeted healthcare and tech networks – Zeppelin Seized
APT & Espionage
- Chinese APT UAT-7237 has targeted Taiwanese web hosting firms since 2022 using web shells, VPNs (including SoftEtherVPN) and custom malware to gain long-term access to high‑value targets – Taiwan Hosting
Supply-Chain & OSS Risks
- Researchers found malicious packages in PyPI and npm ecosystems that exploit dependencies to enable RCE and data theft, underscoring dependency hygiene risks – Malicious Packages
- Weekly threat recap highlights ongoing phishing and malware campaigns (e.g., Lokibot) and cyber‑espionage by groups like Sidewinder, Educated Manticore and Lazarus Group, stressing evolving supply‑chain and zero‑day risks – Weekly Recap
Encryption & Payments
- The Australian regulator (ACCC) is moving to allow the payments industry to migrate from legacy TDES to stronger AES encryption for card payments to improve nationwide security with minimal consumer impact – AU Encryption
Vulnerabilities & Patching
- Microsoft warns that recent updates on Windows 11 24H2 and Windows Server 2025 may fail when installed via WUSA from network shares and is auto‑deploying a Known Issue Rollback while a permanent fix is prepared (see KB5058499) – WUSA Update
Compliance, Tools & Events
- Open‑source security platform Wazuh is highlighted as a tool to help organisations meet standards like PCI DSS, GDPR and HIPAA via monitoring, visualization and automated response – Wazuh Compliance
- The Cyber Express will publish a live podcast series from Black Hat USA 2025 featuring CISOs discussing AI security, governance and healthcare cybersecurity trends – Black Hat CISO