Ransomware Attacks Surge Globally; Unpatched Linux/Unix Vulnerability Allows Privilege Escalation
Key Takeaways
- DarkMirror H1 2025 report: Ransomware attacks surged, impacting 3,535 victims globally, U.S. most affected.
- Tenable: Unpatched CVE-2025-22840 allows privilege escalation on Linux/Unix with CVSS v3 score of 9.8.
- ScarCruft's Operation HanKook Phantom delivers RokRAT malware, targeting South Korean academics to steal data.
- AI Waifu RAT: Malware weaponizes AI and social engineering, targets niche online communities for system access.
- Censys warns: 300,000+ Plex Media Servers vulnerable to CVE-2025-34158; Git CVE-2025-48384 also exploited.
Top Stories
DarkMirror H1 2025 report: Ransomware attacks surge, 3,535 global victims.
DarkLab's DarkMirror H1 2025 report indicates a rise in ransomware attacks, with 3,535 victims globally. The U.S. is the most affected, with 1,861 victims, while Italy recorded 85 attacks, mainly in industry and services.
Tenable: Unpatched CVE-2025-22840 allows privilege escalation on Linux/Unix.
On August 31, 2025, Tenable reported an unpatched vulnerability, CVE-2025-22840, affecting Linux/Unix hosts, potentially allowing privilege escalation via local access. The vulnerability has a CVSS v3 base score of 9.8, and there is no known solution.
ScarCruft's Operation HanKook Phantom delivers RokRAT malware to South Korea.
ScarCruft, a North Korea-linked hacking group, launched a phishing campaign called Operation HanKook Phantom to deliver RokRAT malware. The campaign targets South Korean academics and individuals associated with the National Intelligence Research Association, aiming to steal sensitive information.
AI Waifu RAT: Malware weaponizes AI, targets niche online communities.
A sophisticated malware campaign, AI Waifu RAT, has emerged, weaponizing artificial intelligence and social engineering to target niche online communities. The remote access trojan masquerades as an AI interaction tool, providing attackers with complete system access.
Censys warns: 300,000+ Plex Media Servers vulnerable to CVE-2025-34158.
Censys warned that over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158. Attackers are also exploiting CVE-2025-48384, a recently patched vulnerability in Git.
Security Breaches
SQL injection vulnerability (CVE-2025-9740) found in Human Resource System.
On August 31, 2025, a SQL injection vulnerability (CVE-2025-9740) was reported in code-projects Human Resource Integrated System 1.0. The vulnerability is located in /log_query.php and can be exploited remotely.
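As an added illustration of the defect class reported above (example code written for this digest, not code from the code-projects Human Resource Integrated System; the log table, the inputs and the function names `query_logs_unsafe` and `query_logs_safe` are constructed), the same log lookup built by string concatenation and by a bound parameter, run against an in-memory SQLite table:

```python
import sqlite3

# Constructed sample data: a tiny stand-in for an HR log table.
SAMPLE_LOGS = [
    (1, "alice", "login"),
    (2, "bob", "password_change"),
    (3, "carol", "login"),
]


def _connect():
    # Fresh in-memory database seeded with the constructed rows.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE logs (id INTEGER, username TEXT, action TEXT)")
    conn.executemany("INSERT INTO logs VALUES (?, ?, ?)", SAMPLE_LOGS)
    return conn


def query_logs_unsafe(conn, username):
    # Defect: the request parameter is spliced into the SQL text, so a value
    # containing a quote can change the structure of the statement.
    sql = f"SELECT id, username, action FROM logs WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def query_logs_safe(conn, username):
    # Fix: a bound parameter. The driver passes the value separately from the
    # statement text, so it is only ever compared as data.
    sql = "SELECT id, username, action FROM logs WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def demo():
    conn = _connect()
    benign = "alice"
    # Constructed input that closes the string literal and appends an
    # always-true condition; used here only to show the two functions diverge.
    crafted = "x' OR '1'='1"
    return {
        "unsafe_benign": len(query_logs_unsafe(conn, benign)),
        "unsafe_crafted": len(query_logs_unsafe(conn, crafted)),
        "safe_benign": len(query_logs_safe(conn, benign)),
        "safe_crafted": len(query_logs_safe(conn, crafted)),
    }


if __name__ == "__main__":
    for name, count in demo().items():
        print(f"{name}: {count} row(s)")
```

With the concatenated query the crafted value returns every row in the table, while the parameterized query returns none because the whole string is compared literally against the username column. Whether the real `/log_query.php` uses the same pattern is not stated in the report; the remediation for this class is the same in PHP (prepared statements via PDO or mysqli) as shown here with `sqlite3`.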
Tech Updates
RHEL 8 missing python39 security updates: CVE-2025-47273, CVE-2025-8194.
Tenable reports that Red Hat Enterprise Linux 8 is missing security updates for python39:3.9, as detailed in RHSA-2025:14900. The vulnerabilities include CVE-2025-47273 and CVE-2025-8194, and the solution involves updating the RHEL python39:3.9 package.
Unpatched Vulnerabilities
Tenable: Unpatched CVE-2025-38533 and CVE-2025-38535 affect Linux/Unix.
On August 31, 2025, Tenable reported unpatched vulnerabilities CVE-2025-38533 and CVE-2025-38535, both with a CVSS v3 base score of 9.8, affecting Linux/Unix systems. Both vulnerabilities involve unpatched packages, and there is no known solution at this time.
Tenable: Nessus Plugin ID 260058 identifies Linux kernel use-after-free (CVE-2025-38536).
On August 31, 2025, Tenable published Nessus Plugin ID 260058 to identify Linux/Unix hosts with unpatched vulnerabilities, specifically CVE-2025-38536. The vulnerability is a use-after-free issue in the Linux kernel's net: airoha module, and there is no known solution available.
Tenable updates Nessus Plugin ID 228779 for unpatched CVE-2024-42225.
On August 31, 2025, Tenable updated Nessus Plugin ID 228779 to address the unpatched vulnerability CVE-2024-42225, affecting Linux/Unix hosts. The vulnerability is rated as High, and there is no known solution available.
Tenable: Nessus Plugin ID 225587 detects unpatched CVE-2022-49132.
Tenable released Nessus Plugin ID 225587 on August 31, 2025, to identify Linux/Unix hosts with the unpatched vulnerability CVE-2022-49132. The plugin rates the vulnerability as medium severity, and there is no known solution at this time.
CVE-2022-49384: High-severity Linux kernel vulnerability remains unpatched.
As of August 31, 2025, a high-severity vulnerability, CVE-2022-49384, remains unpatched in Linux distributions. The vulnerability involves a double free of io_acct_set bioset, and there is currently no known solution.
Tenable: Nessus Plugin ID 227583 detects unpatched CVE-2024-27041.
Tenable released Nessus plugin ID 227583 on August 31, 2025, to identify Linux/Unix hosts affected by CVE-2024-27041, a vulnerability where vendors indicate no patch will be available. The vulnerability involves NULL checks in drm/amd/display code.
Tenable: Nessus plugin identifies unpatched CVE-2021-39698 in Linux/Unix.
On August 31, 2025, Tenable published a Nessus plugin (ID 248568) to identify Linux/Unix hosts affected by CVE-2021-39698, a memory corruption issue potentially leading to local privilege escalation. The vendor indicates no patch is available.
Tenable: Critical CVE-2022-28181 in NVIDIA GPU drivers, no patch.
Tenable published Nessus plugin ID 248199 on August 31, 2025, to identify unpatched vulnerabilities in Linux/Unix systems, specifically CVE-2022-28181 affecting NVIDIA GPU Display Drivers. The vulnerability is critical, with a CVSS v3 score of 9.9, and there is no known solution available.
Tenable: High-severity CVE-2024-49991 in Linux/Unix, no patch available.
Tenable's Nessus plugin (ID 231091) detects a high-severity vulnerability (CVE-2024-49991) in Linux/Unix systems related to drm/amdkfd, involving a use-after-free bug. The vendor indicates that a patch will not be available.
Tenable: Nessus plugin identifies critical CVE-2025-38542 in Linux/Unix.
On August 31, 2025, Tenable released Nessus plugin ID 259985 to identify unpatched vulnerabilities in Linux/Unix hosts, detecting systems affected by CVE-2025-38542, a device refcount leak. The CVSS v3 base score is 9.8, and there is no known solution available.
Tenable: Nessus plugin identifies critical CVE-2025-38521 in Linux/Unix.
Tenable released Nessus plugin ID 259988 on August 31, 2025, to identify unpatched vulnerabilities in Linux/Unix hosts, targeting CVE-2025-38521, a kernel crash related to GPU hard reset sequences. The CVSS v3 base score is 9.8, and there is no known solution.
Tenable: Nessus plugin identifies CVE-2024-58100 in Linux/Unix systems.
On August 31, 2025, Tenable released Nessus plugin ID 248179 to identify a vulnerability (CVE-2024-58100) in Linux/Unix systems for which vendors will not provide patches. The plugin rates the severity as High, with a CVSS v3 base score of 7.1.
Tenable: Nessus Plugin ID 228517 detects unpatched CVE-2024-42228.
Tenable released Nessus Plugin ID 228517 on August 31, 2025, to identify Linux/Unix hosts with the unpatched vulnerability CVE-2024-42228. The vulnerability affects multiple packages and has no known solution.
Tenable: Nessus plugin detects critical CVE-2025-38537 in Linux/Unix.
Tenable published a Nessus plugin (ID 259948) on August 31, 2025, to detect an unpatched vulnerability (CVE-2025-38537) in Linux/Unix hosts. The vulnerability, with a Critical severity, affects packages without vendor-supplied patches.
Tenable: Nessus plugin identifies CVE-2024-42105 in Linux/Unix hosts.
On August 31, 2025, Tenable published Nessus plugin ID 249641 to identify Linux/Unix hosts with packages affected by the unpatched vulnerability CVE-2024-42105. The vulnerability involves potential issues in nilfs2.
Tenable: Nessus Plugin ID 225107 identifies CVE-2022-44034 in Linux.
Tenable released Nessus Plugin ID 225107 on August 31, 2025, to identify a vulnerability (CVE-2022-44034) in Linux distributions. The vulnerability involves a race condition that could lead to a use-after-free issue, and the vendor will not patch it.
Tenable: Nessus Plugin ID 248010 identifies CVE-2021-47478 in Linux/Unix.
Tenable released Nessus Plugin ID 248010 on August 31, 2025, to identify Linux/Unix hosts with unpatched vulnerabilities, targeting CVE-2021-47478, which involves potential out-of-bounds access in isofs images.