Top Tech Headlines for August 30, 2025

Today’s cybersecurity roundup is a wild ride—from info stealers posing as PDF editors, to a stealthy zero-click vulnerability on your favorite messaging app. Here are the top digital threats you should be aware of right now.

TamperedChef Malware Masquerades as PDF Editor

Cybercriminals are distributing a fake PDF editor through deceptive Google ads that actually installs a malware called TamperedChef. This infostealer quietly captures sensitive information and exfiltrates data from infected systems.

If you’ve recently downloaded a PDF tool from an ad or unfamiliar site, it’s worth scanning your system. And remember—only download from trusted sources.

Velociraptor Tool Exploited for Visual Studio Code C2 Tunneling

Security researchers report that attackers hijacked Velociraptor—a legitimate forensic tool—to silently install Visual Studio Code on endpoints for command-and-control (C2) tunneling. Using Cloudflare Workers, they cleverly masked their activity and paved the way for potential ransomware deployments.

This underscores a growing trend of weaponizing trusted tools to avoid detection. Security teams should monitor for unusual installations or activity from known apps.

WhatsApp Releases Patch for Zero-Click Exploit on iOS and macOS

WhatsApp has issued an emergency security update to fix CVE-2025-55177, a zero-click exploit affecting both iOS and macOS users. The flaw can be abused via a malicious message, potentially allowing attackers to install spyware without user interaction.

iPhone and Mac users—update your apps immediately. This is a critical flaw that’s already being used in real-world targeting campaigns.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.