Top 5 Cybersecurity News Stories August 22, 2025

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or too small as we look at threats ranging from espionage to security flaws in everyday devices:

1. New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code

A novel remote access trojan dubbed GodRAT is targeting trading and brokerage firms by disguising malicious .SCR screen saver files as financial documents sent via Skype. The campaign, active as of August 12, 2025, uses steganography to embed shellcode in image files; that shellcode facilitates downloading the malware from command-and-control servers.

Built on legacy Gh0st RAT code and a continuation of the AwesomePuppet backdoor from 2023, GodRAT uses a plugin-based architecture to harvest system data and antivirus listings and to deliver payloads such as AsyncRAT. Its client and builder source code were recently uploaded to VirusTotal.

Read more on The Hacker News.

2. FBI warns of Russian hackers exploiting 7-year-old Cisco flaw

The FBI has warned that Russian state-linked hackers (associated with FSB’s Berserk Bear) are exploiting a seven-year-old Cisco vulnerability (CVE-2018-0171) in the Smart Install feature to compromise critical infrastructure globally. Exploitation may trigger device reboots, denial of service, or remote code execution.

Over the past year, the attackers collected the configurations of compromised devices and, in some cases, altered them to sustain unauthorized access. They used custom SNMP tools and firmware implants like SYNful Knock to evade detection. Cisco has reiterated its urgent patching and security hardening recommendations.

Read more on Bleeping Computer.

3. Ransomware attack at DaVita impacted 2.7 million people, US health dept website shows

A ransomware incident at dialysis provider DaVita encrypted portions of its network and impacted approximately 2.7 million people, according to the U.S. Department of Health website. The company confirmed unauthorized access to its laboratories database containing sensitive patient information.

Despite the disruption, critical patient care continued uninterrupted. DaVita is notifying affected individuals and offering complimentary credit monitoring. The attack increased second-quarter 2025 costs by $13.5 million—$1 million more in patient care expenses and $12.5 million in administrative and remediation costs.

Read more on Reuters.

4. North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms

Between March and July 2025, North Korean threat actors linked to Kimsuky launched a cyber espionage campaign targeting diplomatic missions using spear-phishing emails masquerading as trusted communications. Emails contained password-protected ZIP files that deployed Xeno RAT via PowerShell scripts, using GitHub as a covert command-and-control and payload distribution channel.

Infrastructure rotation was rapid and stealthy, with repositories updated multiple times per hour. Separately, over 320 incidents involved North Koreans posing as IT workers (Famous Chollima scheme), employing generative AI for resumes, deepfakes, and rapid identity obfuscation—posing significant insider threat risks.

Read more on The Hacker News.

5. Massive Allianz Life data breach impacts 1.1 million people

A data breach at Allianz Life, disclosed in July 2025, resulted from unauthorized access to a third-party cloud CRM, likely Salesforce. Hackers stole and leaked approximately 2.8 million records, exposing sensitive customer and partner data, including email addresses, names, dates of birth, phone numbers, and physical addresses for roughly 1.1 million individuals, as confirmed by Have I Been Pwned.

The breach is attributed to the ShinyHunters extortion group and reflects a broader wave of Salesforce-targeted thefts affecting major brands. Allianz Life continues to investigate and has confirmed that selected employee data may also have been compromised.

Read more on Bleeping Computer.

At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.
