Cybersecurity Weekly Round-Up: 18–25 August 2025

1. Patch Tuesday Follow-Up: 107–111 Fixes with a Zero-Day Addressed

On 12 August, Microsoft issued its monthly Patch Tuesday, resolving between 107 to 111 vulnerabilities, including 13–17 critical flaws and a publicly disclosed Windows Kerberos zero‑day—codenamed BadSuccessor, capable of enabling full domain compromise via elevation of privilege (CrowdStrike). System administrators should prioritize deploying these updates across critical infrastructures.

2. Wide-Impact Windows Reset & Recovery Bug—Emergency Fix Released

The August update (KB5063875/KB5063878) introduced a critical bug preventing the use of “Reset my PC” and recovery tools on Windows 10 and early Windows 11 versions. Some systems even reported SSD disappearance or installation errors (Windows Central). On 19 August, Microsoft rolled out an out‑of‑band update (KB5066189/KB5066188) to resolve the issue, urging immediate replacement of the broken patches (Windows Central).

3. Fortinet VPNs Facing Brute-Force Blitz—Zero-Day Concerns Rising

In early August, threat intelligence firm GreyNoise observed a significant surge in brute‑force attempts targeting Fortinet SSL VPNs and FortiManager—with over 780 malicious IPs involved, including actors from the U.S., Canada, Russia, and Europe (The Hacker News). Although no confirmed zero‑day exploit has been confirmed yet, this spike serves as a warning. Organisations using Fortinet products should heighten monitoring, apply all patches, and enforce stronger access controls.

4. AI Armies: Hackers and Defenders Both Harnessing Generative Tools

AI is becoming a double-edged sword in cybersecurity. Attackers are leveraging generative models for automated phishing, reconnaissance, and attack scripting, while defenders deploy AI to detect anomalies and automate threat hunting. But experts caution that current AI capabilities still produce false positives and require human guidance (TechRadar, axios.com). The urgency for secure AI governance and skill development is more critical than ever.

5. “Intel Outside” Breach Reveals Weak Internal Infrastructure

Security researcher Eaton Z uncovered a vulnerability dubbed “Intel Outside”, where unsecured internal sites—including a business card platform—exposed data on ~270,000 employees via a flawed API token and bypassable login. The vulnerabilities were reported in October 2024 and patched by February 2025, but were outside Intel’s bug bounty scope (Tom's Hardware). The incident highlights the importance of securing internal systems and expanding bug bounty coverage.

6. Microsoft Tightens Cyber Early-Warning Access for Chinese Firms

On 20–21 August, Microsoft announced that it would restrict certain Chinese companies’ access to its Active Protections Program (MAPP), removing “proof of concept” code sharing amid concerns that a leak may have enabled a spike in SharePoint attacks targeting hundreds of organizations (eaton-works.com, TechRadar). This shift highlights the influence of geopolitics on cyber-defense collaboration and data-sharing protocols.

Key Takeaways & Action Steps

What to Watch Next

• Will Fortinet face a confirmed zero-day exploit?

• Are AI-generated threat sophistication and scale growing?

• Are other organisations vulnerable to Intel-like internal leaks?

• Will geopolitical dynamics alter more cybersecurity intelligence-sharing models?