ANY.RUN Exposes August 2025’s Top Cyber Threats Targeting Global Industries

DUBAI, DUBAI, UNITED ARAB EMIRATES, August 26, 2025 /EINPresswire.com/ -- ANY.RUN, a leading provider of interactive malware analysis and threat intelligence, has released its August 2025 threat roundup, exposing three major attacks targeting enterprises and critical industries worldwide.

Phishing kits and stealers dominated the month with new tactics to bypass defenses and overwhelm analysts, but the research team showed how these campaigns can be safely uncovered before causing costly business damage.

𝐓𝐲𝐜𝐨𝐨𝐧𝟐𝐅𝐀: 𝐀 𝟕-𝐒𝐭𝐚𝐠𝐞 𝐏𝐡𝐢𝐬𝐡𝐢𝐧𝐠 𝐀𝐭𝐭𝐚𝐜𝐤 𝐁𝐮𝐢𝐥𝐭 𝐭𝐨 𝐁𝐞𝐚𝐭 𝐃𝐞𝐟𝐞𝐧𝐬𝐞𝐬

ANY.RUN uncovered Tycoon2FA’s new multi-stage campaign; a seven-step chain of CAPTCHAs, button-hold checks, and validation screens to stay hidden from automated tools. Unlike mass phishing kits, it targets 𝗴𝗼𝘃𝗲𝗿𝗻𝗺𝗲𝗻𝘁, 𝗺𝗶𝗹𝗶𝘁𝗮𝗿𝘆, 𝗮𝗻𝗱 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗶𝗻𝘀𝘁𝗶𝘁𝘂𝘁𝗶𝗼𝗻𝘀, 𝘄𝗶𝘁𝗵 𝟮𝟲% 𝗼𝗳 𝗼𝗯𝘀𝗲𝗿𝘃𝗲𝗱 𝗰𝗮𝘀𝗲𝘀 𝗵𝗶𝘁𝘁𝗶𝗻𝗴 𝘁𝗵𝗲 𝗯𝗮𝗻𝗸𝗶𝗻𝗴 𝘀𝗲𝗰𝘁𝗼𝗿.

𝐑𝐡𝐚𝐝𝐚𝐦𝐚𝐧𝐭𝐡𝐲𝐬 𝐒𝐭𝐞𝐚𝐥𝐞𝐫 𝐯𝐢𝐚 𝐂𝐥𝐢𝐜𝐤𝐅𝐢𝐱

Attackers combined 𝗖𝗹𝗶𝗰𝗸𝗙𝗶𝘅 𝗳𝗹𝗼𝘄𝘀 𝘄𝗶𝘁𝗵 𝗥𝗵𝗮𝗱𝗮𝗺𝗮𝗻𝘁𝗵𝘆𝘀 𝗦𝘁𝗲𝗮𝗹𝗲𝗿, 𝗮 𝗖++ 𝗺𝗮𝗹𝘄𝗮𝗿𝗲 designed for large-scale data theft. Delivered through MSI payloads running in memory, it uses 𝗮𝗻𝘁𝗶-𝗩𝗠 𝗰𝗵𝗲𝗰𝗸𝘀, 𝗧𝗟𝗦 𝗮𝗻𝗼𝗺𝗮𝗹𝗶𝗲𝘀, 𝗮𝗻𝗱 𝗣𝗡𝗚 𝘀𝘁𝗲𝗴𝗮𝗻𝗼𝗴𝗿𝗮𝗽𝗵𝘆 to stay under the radar.

𝐒𝐚𝐥𝐭𝐲𝟐𝐅𝐀: 𝐀 𝐍𝐞𝐰 𝐏𝐡𝐚𝐚𝐒 𝐋𝐢𝐧𝐤𝐞𝐝 𝐭𝐨 𝐒𝐭𝐨𝐫𝐦-𝟏𝟓𝟕𝟓

Experts also exposed Salty2FA, a Phishing-as-a-Service kit capable of bypassing nearly all MFA methods. Already active in 𝗳𝗶𝗻𝗮𝗻𝗰𝗲, 𝗲𝗻𝗲𝗿𝗴𝘆, 𝘁𝗲𝗹𝗲𝗰𝗼𝗺, 𝗵𝗲𝗮𝗹𝘁𝗵𝗰𝗮𝗿𝗲, 𝗮𝗻𝗱 𝗴𝗼𝘃𝗲𝗿𝗻𝗺𝗲𝗻𝘁, it poses severe risks where one compromised account can disrupt entire operations.

For full technical details, live analyses, IOCs, and guidance on faster detection, visit the ANY.RUN blog.

𝐀𝐛𝐨𝐮𝐭 𝐀𝐍𝐘.𝐑𝐔𝐍

ANY.RUN helps more than 15,000 organizations worldwide, from banking and healthcare to telecom, retail, and technology, strengthen cybersecurity operations and respond to threats with confidence.

Solutions include the Interactive Sandbox for live malware analysis, Threat Intelligence Lookup for IOC enrichment, and TI Feeds that deliver high-fidelity data directly into SOC workflows.

Built for speed and clarity, ANY.RUN gives teams the visibility they need to uncover hidden attacks, cut investigation time, and stop intrusions earlier.

The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050
email us here
Visit us on social media:
LinkedIn
YouTube
X

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.