Cyber Briefing: 2025.08.20

Mozilla patches Firefox; RingReaper malware; Windows fix out; Intel data flaws; BCNYS breach 47K+; Qilin hits Inotiv; DOJ charges RapperBot; Citizen Lab VPN flaws; German court revives adblocker suit.

Aug 20, 2025

👉 What's going on in the cyber world today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get Help

🚨 Cyber Alerts

1. Mozilla Security Advisory AV25-529

On August 19, 2025, Mozilla issued security advisories (AV25-529) for multiple products, including Firefox and Focus for iOS, and various versions of Firefox ESR. Users and administrators are strongly advised to apply the necessary updates to address vulnerabilities identified in these versions.

2. RingReaper Malware Hits Linux Servers

A new and sophisticated Linux malware, named RingReaper, has been discovered that uses advanced evasion techniques to bypass traditional security tools. The malware exploits the io_uring interface, a modern Linux kernel feature, to conduct its malicious activities covertly and remain largely invisible to endpoint detection and response systems.

3. Microsoft Issues Windows Fix Update

Microsoft has released emergency Windows updates to fix a bug in the August 2025 security updates that prevented some users from using the "Reset my PC" and "Fix problems using Windows Update" tools. The emergency updates are available as optional updates via Windows Update and can be downloaded from the Microsoft Update Catalog.

For more alerts, click here!

Check Jobs

💥 Cyber Incidents

4. Intel Employee Data Exposure Flaw

A security researcher discovered and disclosed several vulnerabilities in Intel's internal websites that could have exposed the personal information of all 270,000 employees. While Intel has since patched the issues, the company stated that no data breach or unauthorized access occurred.

5. NY Business Council Data Breach Hits 47K

The Business Council of New York State (BCNYS) experienced a data breach in February, which was not discovered until August, exposing the personal, financial, and health information of over 47,000 individuals. The stolen data includes Social Security numbers, financial account details, and medical information, leading the BCNYS to offer free credit monitoring to affected individuals.

6. Ransomware Gang Hacks Inotiv Firm

Qilin, a ransomware group, claimed responsibility for a cyber attack on the drug research company Inotiv, which resulted in the encryption of systems and the theft of 176 GB of data. The group has threatened to release sensitive research data, potentially causing significant financial and reputational damage to Inotiv.

For more incidents, click here!

Read Report

📢 Cyber News

7. DOJ Charges Man Behind RapperBot Botnet

A 22-year-old Oregon man, Ethan Foltz, has been charged for allegedly operating the RapperBot distributed denial-of-service (DDoS)-for-hire botnet, which has been used to launch over 370,000 attacks worldwide.

8. Citizen Lab Exposes Hidden VPN Flaws

A recent report by Citizen Lab, titled "Hidden Links," uncovers a network of popular VPN apps, including Turbo VPN and VPN Monster, that are secretly controlled by a few linked companies, many with ties to China. The report found that these apps share dangerous security vulnerabilities like hard-coded passwords and weak encryption, making user data highly susceptible to being intercepted and exposed.

9. Mozilla Warns Germany on Ad Blockers

A German court has revived a legal case from online media company Axel Springer against the ad blocker company Eyeo, which could potentially lead to a ban on ad blockers in the country. The lawsuit alleges that ad blockers violate copyright by modifying a website's code, an argument that, if successful, could also impact other browser extensions and user choice.

For more news, click here!

Check Events

📈Cyber Stocks

On Wednesday, August 20, 2025, cybersecurity stocks showed mixed movement as markets weighed strong earnings results, valuation recalibrations, and upcoming economic signals.

Rapid7 (RPD) slipped 1.54% to $21.14, as broader valuation concerns persisted despite solid Q2 results and raised forward guidance
Palo Alto Networks (PANW) jumped 3.09% to $181.56, buoyed by its strong fiscal Q4 results, upbeat fiscal 2026 guidance, and investor enthusiasm over its CyberArk acquisition and AI-driven platform expansion
Check Point Software Technologies (CHKP) drifted 0.28% lower to $188.00, as investor caution remained amid continued softness in billings growth even after stabilizing earnings and revenue
SentinelOne (S) eased 0.32% to $16.95, as the stock pulled back slightly ahead of its upcoming Q2 earnings, with caution surrounding its valuation and lingering sector uncertainty
Okta (OKTA) dipped 0.25% to $91.15, with investor sentiment tempered by broader macroeconomic caution, despite interest in its identity-security offerings

💡 Cyber Tip

🌐 Update Firefox and Focus Now to Patch Mozilla Security Flaws

Mozilla has issued Security Advisory AV25-529 (August 19, 2025), warning of multiple vulnerabilities across its browsers. The flaws affect Firefox, Firefox ESR, and Focus for iOS, with risks ranging from code execution to data exposure. Users and administrators are urged to update immediately to reduce the risk of exploitation.

✅ What you should do:

Update Firefox to version 142 or later
Update Firefox ESR to versions 140.2, 128.14, or 115.27 (depending on your ESR track)
Update Firefox for iOS and Focus for iOS to version 142 or newer
Enable automatic updates but also manually verify your version in browser settings
Monitor for security advisories from Mozilla to stay protected against future zero-day exploits

🔒 Why this matters:
Browser vulnerabilities are a top target for attackers because they provide direct access to personal and corporate data. Applying these updates closes critical gaps and ensures a safer browsing experience.