HOOK Android trojan evolves with 107 commands, adding ransomware overlays and NFC scams, threatening financial security.
Get the latest international news and world events from around the world.
Google to verify all Android devs to block malware on Google Play
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from sideloaded apps sourced from outside the official Google Play app store.
For apps on Google Play, there was already a requirement for publishers to provide a D-U-N-S (Data Universal Numbering System) number, introduced on August 31, 2023.
Google says this has had a notable effect in reducing malware on the platform. However, the system didn’t apply to the vast developer ecosystem outside the app store.
Silk Typhoon hackers hijack network captive portals in diplomat attacks
State-sponsored hackers linked to the Silk Typhoon activity cluster targeted diplomats by hijacking web traffic to redirect to a malware-serving website.
The hackers used an advanced adversary-in-the-middle (AitM) technique to hijack the captive portal of the network and send the target to the first-stage malware.
Google Threat Intelligence Group (GTIG) tracks the threat actor as UNC6384 and, based on tooling, targeting, and infrastructure, believes it is associated with the Chinese threat actor TEMP.Hex, also known as Mustang Panda and Silk Typhoon.
Nevada closes state offices as cyberattack disrupts IT systems
Nevada remains two days into a cyberattack that began early Sunday, disrupting government websites, phone systems, and online platforms, and forcing all state offices to close on Monday.
The impact of the attack was first felt on Sunday morning, with the Governor’s Technology Office stating that a ‘network issue’ began around 1:52 AM PT, affecting the state’s IT systems.
The Governor’s Technology Office warned that websites, online services, and phone lines could be slow or unavailable as teams worked to restore service.
Nissan confirms design studio data breach claimed by Qilin ransomware
Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its subsidiaries, Creative Box Inc. (CBI).
This came in response to the Qilin ransomware group’s claims that they had stolen four terabytes of data from CBI, including 3D vehicle design models, internal reports, financial documents, VR design workflows, and photos.
“On August 16, 2025, suspicious access was detected on the data server of Creative Box Inc. (CBI), a company contracted by Nissan for design work,” stated a Nissan spokesperson to BleepingComputer.
New AI attack hides data-theft prompts in downscaled images
Researchers have developed a novel attack that steals user data by injecting malicious prompts in images processed by AI systems before delivering them to a large language model.
The method relies on full-resolution images that carry instructions invisible to the human eye but become apparent when the image quality is lowered through resampling algorithms.
Developed by Trail of Bits researchers Kikimora Morozova and Suha Sabi Hussain, the attack builds upon a theory presented in a 2020 USENIX paper by a German university (TU Braunschweig) exploring the possibility of an image-scaling attack in machine learning.
SpaceX’s troubled Starship prototype pulls off successful flight after months of explosive mishaps
• SpaceX launched the 10th test flight of its Starship spacecraft and Super Heavy rocket booster tonight. Both achieved successful splashdowns on opposite sides of the world during the roughly hour-long test.
• The test flight marked a signficant and encouraging stride forward for SpaceX’s Starship program, which had experienced a string of explosive missteps dating back to January.
• Tonight’s success could queue up SpaceX to conduct another boundary-pushing flight next month, aimed at improving the vehicle’s performance before SpaceX upgrades to a larger version of Starship next year.
[4K] Watch the largest and most powerful rocket launch live! Starship Flight 10
[TIME SUBJECT TO CHANGE] Liftoff NET 6:30 p.m. central [23:30 UTC] — One hour launch window.
SpaceX is launching the 10th full stack Starship with its Super Heavy booster. The booster will not be caught as SpaceX will attempt some more hazardous engine out scenarios with the booster, so it will splashdown off the coast.
But perhaps the biggest milestone is whether or not Starship S37 will be the first Version 2 vehicle to reach the goals of deploying dummy payloads, testing radical heatshield options, and ultimately propulsively splashdown in the Indian Ocean after the setbacks of Flight 7, Flight 8, Flight 9 and S36’s failures.
Want to know what’s new with Starship Version 2? We’ve got a video for you! — https://www.youtube.com/watch?v=eQZbi8HBRcQ
Want more information on how exactly they’ll catch Super Heavy? WATCH THIS — https://www.youtube.com/watch?v=pAPt5vbr-YU
Want to know where to watch this live? I made a video on how to visit Starbase and where to watch a launch from — https://youtu.be/aWvHrih-Juk.