HiveForce Labs has reported a sharp rise in cyber threats, highlighting the increasing complexity and frequency of attacks. Over the past week alone, twelve major attacks were detected, two vulnerabilities were actively exploited, and two threat actor groups were closely tracked, signaling an alarming escalation in malicious activity across digital environments.
In a concerning development, Google released critical security updates for Chrome to address its sixth zero-day vulnerability of 2025, CVE-2025-10585, a type confusion flaw in the V8 JavaScript engine that is already being exploited in the wild. Additionally, CVE-2024-7344, a vulnerability in the Howyar Reloader UEFI application, is being leveraged by the HybridPetya ransomware to bypass Secure Boot, a security feature designed to prevent unauthorized code from running during startup.
Meanwhile, several sophisticated malware campaigns are wreaking havoc globally. EvilAI masquerades as legitimate AI tools, using polished interfaces and stolen code-signing certificates to lure users into installing it. BlackNevas ransomware, first spotted in November 2024, continues to spread across Asia, Europe, and North America, hitting industries like healthcare, finance, manufacturing, and legal services. Supply chain attacks are also on the rise, as seen in the Shai-Hulud campaign targeting npm package maintainers. Even the hospitality sector is under threat: RevengeHotels (TA558) uses fake invoices and job applications to infiltrate hotel front desks, deploying VenomRAT to steal payment data and disable security tools. Together, these events emphasize the critical need for proactive defenses, timely patching, and resilient cybersecurity strategies in today’s increasingly hostile digital landscape.