Louis Vuitton UK suffers cyberattack exposing customer data, marking the third LVMH breach in 3 months as retail sector faces ongoing security threats.

Luxury fashion house Louis Vuitton is investigating a data breach that exposed customer information tied to its UK operations. The attack occurred on July 2 2025, and is the third security incident linked to LVMH brands since May.

According to a company email to customers, the breach involved names, contact details and purchase histories. Louis Vuitton clarified that no payment or financial data was compromised. The company has contacted affected customers and alerted the UK Information Commissioner’s Office, as required by data protection laws.

Original email sent out by Louis Vuitton to its customers in the Italian language (left via Ransom News on X) – Email has been translated from Italian to English for our readers via AI (right)

****Pattern of Attacks Across LVMH****

This incident follows two similar breaches in recent months. Louis Vuitton’s South Korea division and Christian Dior Couture were both reportedly hit by cyberattacks, though specific details about those cases have not been made public.

The latest incident raises questions about the cybersecurity infrastructure of LVMH, the world’s largest luxury conglomerate. While no group has publicly claimed responsibility, the coordinated timing has drawn attention from industry analysts and cybersecurity professionals.

**What Was Accessed**

Louis Vuitton confirmed the attackers accessed:

Detail

Info

**Date of breach**

July 2, 2025

**Data stolen**

Names, contact details, purchase history

**Financial data**

Not affected

**Breach pattern**

Third in 3 months across LVMH brands

**Response**

Authorities notified; customers advised to watch for scams

No passwords, credit card details or login credentials were affected, according to the company.

****Advice to Customers****

Affected customers are being warned to watch for phishing attempts. Emails or messages referencing recent purchases or exclusive offers could be used to trick individuals into revealing further personal data.

Security experts recommend:

*   Avoiding links in unsolicited messages
*   Monitoring accounts for suspicious activity
*   Enabling multi-factor authentication where possible

****Response from Louis Vuitton****

The company said it is working with external cybersecurity firms to investigate the breach and secure its systems. A full forensic review is ongoing. Louis Vuitton has not yet disclosed how the attackers gained access or how many customers were affected.

A spokesperson added that the group has taken “technical and organisational measures” to strengthen its defences, though no specifics were given.

****Industry Concerns Growing****

The incident adds to a growing list of high-profile attacks on global brands in 2025. Fashion, retail and hospitality sectors have become frequent targets, often due to their rich customer databases and sometimes lagging security practices.

LVMH, which owns more than 70 brands including Louis Vuitton, Dior and Fendi, handles millions of customer transactions each year. Any sustained weakness in its security strategy could become a bigger concern if these incidents continue.

For now, Louis Vuitton is trying to contain the damage. But with three confirmed breaches in 90 days, attention is shifting to whether the company is treating these incidents as isolated events or signs of a bigger cybersecurity problem.

****Bad Year for UK Retailers****

UK retailers have had a difficult year on the cybersecurity front. Major names like Marks & Spencer, Co-op Group and Harrods were all hit by data breaches earlier in 2025, with reports linking the attacks to the hacking group known as Scattered Spider.

Just last week, the UK’s National Crime Agency (NCA) arrested a woman and three young men in connection with those same incidents. If those arrested are indeed members of Scattered Spider, it could mean law enforcement has begun dismantling part of the group’s UK operations.

But that leaves a question hanging over the latest breach at Louis Vuitton. The attack on its UK systems took place on July 2, days before the arrests were made. If those detained last week were responsible for the earlier retail breaches, were they also involved in the Louis Vuitton incident? Or does this point to another group still active?

It’s too early to say. Only ongoing investigations will clarify whether this is all connected or whether Louis Vuitton’s breach was carried out by a different set of attackers altogether.

Louis Vuitton UK Hit by Cyberattack, Third LVMH Breach in 3 Months

Online privacy, security, and performance today are more important than ever. For professionals and businesses working online, it’s…

Online privacy, security, and performance today are more important than ever. For professionals and businesses working online, it’s essential to use tools that protect their operations and ensure efficiency. One of the most valuable tools available today is to buy dedicated proxy services that give you exclusive, high-quality IP addresses.

****What Is a Dedicated Proxy?****

A dedicated proxy, also known as a private proxy, provides a single user with full control over an IP address. Unlike shared proxies, where multiple users may compete for bandwidth or reputation, a dedicated proxy ensures optimal speed, security, and reliability because you don’t share it with anyone else.

****Benefits of Dedicated Proxies****

When you buy a dedicated proxy, you unlock significant advantages:

*   **Exclusive IP control**: Your activities are completely isolated from others, reducing the risk of blacklisting or poor IP reputation.
*   **Improved performance**: No bandwidth competition ensures faster, more stable connections.
*   **Better privacy**: Hide your true IP and protect sensitive information.
*   **Reliable data scraping**: Dedicated proxies allow you to collect data efficiently from websites without facing bans.
*   **Bypass geo-restrictions**: Access global platforms as if you were physically in different countries.

Whether you are an e-commerce business, a digital marketer, or a private individual who values privacy, a dedicated proxy can help you operate securely and efficiently.

****Who Needs Dedicated Proxies?****

Dedicated proxies are ideal for:

*   **Businesses** that require secure and reliable online operations.
*   **SEO professionals** monitor search engine results without risking IP bans.
*   **Ad agencies** verifying ads in different regions.
*   **Developers** running scripts or bots that need a clean, private IP address.
*   **Privacy-focused individuals** who want better control of their online footprint.

****Choosing the Right Provider****

When you decide to buy dedicated proxy services, look for:

*   **Fast and unlimited bandwidth**: Essential for data-heavy tasks.
*   **High uptime**: At least 99.95% to ensure your operations run smoothly.
*   **Large IP pool**: Enables access to a range of locations and IP types.
*   **Flexible authentication**: Choose between user-password or IP whitelisting.
*   **Quality support**: Responsive customer service makes all the difference.

Trusted providers offer not just proxies but complete infrastructure and peace of mind for businesses operating in an increasingly competitive online environment.

****Conclusion****

Investing in dedicated proxies is a smart choice for anyone who values speed, security, and privacy online. These proxies give you full control over your IP identity and ensure you can operate without interruptions or risks caused by shared resources.

By choosing a reputable provider, you can ensure that your business or personal activities stay safe, fast, and effective, giving you a competitive advantage in today’s online economy.

Dedicated Proxies: A Key Tool for Online Privacy, Security and Speed

Denmark introduces new AI Copyright Rules to ban non-consensual deepfakes, giving citizens legal control over their face, voice and digital likeness.

Denmark is taking a ground-breaking step in the fight against deepfake technology, proposing an amendment to its copyright laws that would allow individuals to own their own likeness. This innovative approach, backed by a broad consensus in the Danish Parliament, aims to empower citizens to demand the removal of unauthorised digital reproductions of their appearance and voice from online platforms.

****The Growing Threat of Deepfakes****

Deepfakes are incredibly realistic digital fabrications of a person’s image, voice, or actions and are becoming more sophisticated and harder to distinguish from reality, posing significant risks, including harassment, coercion, and even falsely implicating individuals in crimes.

Current legal frameworks, like the United States’ Digital Millennium Copyright Act (DMCA), typically protect creative works like photos or recordings, but not a person’s inherent identity. This means only individuals with significant resources, like Scarlett Johansson, can effectively fight against deepfakes since ordinary citizens often lack the means to pursue legal action.

For your information, in 2024, Scarlett Johansson and OpenAI faced a controversy when OpenAI released a new voice for its ChatGPT system, “Sky,” resembling her voice. Johansson declined an offer from OpenAI’s CEO, Sam Altman, to license her voice, still the voice was still launched. Johansson was shocked and threatened legal action, leading to OpenAI halting Sky’s voice.

Scarlet Johansson’s Statement (Source: X.com @BobbyAllyn)

Similarly, viral videos showcasing a DeepTomCruise created by Metaphysic demonstrated just how convincing and unsettling deepfake technology had become.

Tom Cruise’s Deepfake (Source: TikTok)

Adding to these concerns, Hackread recently reported a sophisticated AI-powered phishing operation targeting YouTube content creators. Scammers used a highly realistic deepfake video of YouTube’s CEO, Neal Mohan, to announce fake changes to monetisation policies, aiming to steal login credentials and install malware.

****A New Global Standard?****

Danish Culture Minister Jakob Engel-Schmidt has strongly voiced his concern, stating that “human beings can be run through the digital copy machine and be misused for all sorts of purposes, and I’m not willing to accept that.” He highlighted that existing laws are insufficient to protect individuals from generative AI.

The proposed Danish law would legally define unauthorised digital representations, specifically targeting “very realistic digital representations of a person, including their appearance and voice,” thereby providing a direct legal basis for removal requests and potential financial compensation for victims. It includes exceptions for parody and satire to protect freedom of speech. The legislative proposal is undergoing public review before formal submission this autumn.

Denmark intends to use its upcoming EU presidency to champion a new approach to deepfake regulation across Europe. Unlike current efforts that largely penalise harmful deepfake uses after they occur, Denmark proposes granting individuals copyright over their digital likeness to prevent misuse from the outset.

Apart from Denmark, companies like Metaphysic are exploring alternative solutions. Metaphysic is working on a system that allows individuals to create an AI-generated avatar of themselves and copyright it, which would fall under existing copyright protections, offering a potential workaround in countries where personal likeness isn’t directly copyrightable. However, Denmark’s proposal is a more straightforward solution to a pressing global challenge, and its success could influence future deepfake legislation worldwide.

Denmark Moves Toward AI Copyright Rules for Voice and Appearance

2024 was an important year for cryptocurrency markets, both in terms of growth, user adoption, investment, and technological…

2024 was an important year for cryptocurrency markets, both in terms of growth, user adoption, investment, and technological progress. However, progress made in 2024 could seem minor compared to the possible changes ahead in 2025.

Recent political changes in the United States point to the start of regulatory clarity. 2025 could be the year the crypto space, active since Bitcoin’s 2009 launch, finally comes into its own.

This “clarity” could be a key step to completing crypto’s move from the financial fringes to the mainstream. From there, expect institutional adoption, already surging, to further accelerate.

While nothing is certain, all of these factors point to another promising outcome for Bitcoin and other cryptocurrencies, a possible move higher, as this asset class comes of age, bringing stronger market support.

****Regulatory Clarity Will be a Gamechanger****

Over the past few years, the US cryptocurrency space has been operating with a high level of regulatory uncertainty. Crypto companies operating within the US contended with not just a lack of a regulatory framework, but aggressive enforcement actions from US securities regulators as well.

Fortunately, this major headwind is soon coming to an end. On Jan. 20, the new Trump administration took office, promising major changes to US cryptocurrency policy. Based on statements made by the President, there is a strong likelihood that, perhaps within the first 100 days of his administration, the US federal government will commence implementing policy changes that promote the growth and adoption of cryptocurrencies.

Binance CEO Richard Teng shares what he expects in the crypto industry in 2025: “Crypto regulation developments are expected from the new US government in 2025, which will encourage more crypto participation across the market, especially from US-based TradFi, and will help inform crypto legislation for other countries across the world.”

Teng continued his comments, “There is also the potential of a Strategic Bitcoin Reserve in the US, which could be a significant development and lead to many other countries doing the same. In this scenario, Bitcoin could one day grow to new heights in terms of adoption.”

Included in these policy changes will likely be the implementation of a comprehensive regulatory framework. This will bring forth an era of regulatory clarity for US cryptocurrency companies. As this takes shape at the same time other major justifications establish regulatory frameworks of their own, expect this to be a game changer.

Mostly, because this regulatory clarity stands to cement crypto’s status as a major asset class. In turn, count on this having a tremendous impact on the allocation of institutional capital into Bitcoin, other cryptocurrencies, as well as into cryptocurrency investment products.

****An Accelerant for Institutional Adoption****

Over the past year, the launch of spot Bitcoin exchange-traded funds (ETFs) and other cryptocurrency exchange-traded products (ETPs) has resulted in massive inflows of institutional and retail investor capital into this space, to the tune of $44.2 billion.

However, once comprehensive regulations are implemented, and US regulators go from an aggressive, sceptical stance to one supportive of industry growth, last year’s inflows could prove to be a drop in the bucket compared to future inflows of capital, especially from institutional investors.

With major firms like Blackrock now recommending portfolio allocations of up to 2% into Bitcoin, in 2025 and beyond, it’s possible that institutional investors, ranging from state pension funds to sovereign wealth funds and university endowments, begin committing far greater amounts of capital, both directly into cryptocurrencies, as well as into ETPs like spot Bitcoin ETFs.

Alongside investment into crypto itself, this asset class’ “coming of age” could also lead to increased venture capital investment into blockchain-based startups. According to recent data from the DeFi Report, blockchain-based startups obtained $13.6 billion in venture capital funding last year, a figure that this year could rise to as much as $18 billion.

****The Possible End Result for Crypto Prices****

Considering the supportive conditions expected for crypto investment and adoption, it’s clear that there has been justification for the ramp-up in bullishness for Bitcoin and other cryptos over the past few months.

Of course, nothing’s for certain. For instance, recently announced Federal Reserve policy changes have negatively impacted the short-term performance of most heavyweight cryptocurrencies. Further adjustments to Fed policy may have a similar impact.

Still, given the potential for regulatory changes and other factors to finally trigger a “coming of age” moment for cryptocurrencies, this milestone may be significant enough to counter other concerns, resulting in further price appreciation for Bitcoin, major altcoins, and even help sustain recent high enthusiasm for speculative cryptos such as Meme coins.

Crypto Market Outlook: How Crypto Will Come of Age in 2025

Beijing, China, 14th July 2025, CyberNewsWire

**Beijing, China, July 14th, 2025, CyberNewsWire**

Founded in 2014 by members of Tsinghua University’s legendary Blue Lotus CTF team, Chaitin Tech has announced the availability of SafeLine WAF — a self-hosted web application firewall that has emerged as the most starred WAF project on GitHub in 2025, accumulating over 17,000 stars. It is making waves across the global homelab enthusiasts and startups alike, offering powerful protection with a clean user experience and generous free features.

**Context-Aware Threat Detection**

SafeLine is powered by a semantic analysis engine that evaluates the intent and context of incoming HTTP requests, distinguishing it from conventional WAFs that rely primarily on signature-based detection. This design contributes to a significant reduction in false positives and false negatives while maintaining uninterrupted application traffic. 

**Streamlined Deployment Without Registration**

SafeLine is designed to function without requiring user accounts, subscriptions, or billing information. Installation is supported through a single-command setup that enables full local hosting. The user interface is structured to be accessible for individuals with varying levels of technical expertise, allowing configuration without unnecessary friction. SafeLine is positioned to serve homelabs and businesses seeking effective web protection without compromising simplicity or privacy.

**Comprehensive Feature Set in the Free Edition**

SafeLine’s free tier includes many features typically reserved for paid plans. It includes:

*   The same semantic detection engine as the paid Pro edition
*   Full identity authentication support
*   Open RESTful API access
*   Advanced bot protection with challenge-response mechanisms
*   Rate Limiting and Waiting Room features
*   Unlimited custom rules to tailor security based on application logic

The Free Edition supports protection for up to 10 applications, suitable for small-scale deployments and personal projects. The Lite Edition extends this to 20 applications and incorporates IP geolocation blocking, real-time alerting, and access to curated threat intelligence data.

**Optional Pro Features for Scaling Teams**

SafeLine Pro introduces functionality designed for larger environments. These include:

*   High availability (HA) deployment options
*   Upstream load balancing
*   Advanced traffic analytics and dashboards
*   Interface customization options, such as configurable block pages
*   Unlimited number of protected domains

**Ongoing Development and Community Engagement**

SafeLine follows an agile release cycle, pushing updates every 2 to 3 weeks. Its development is closely aligned with user feedback, and many community suggestions are reflected in each release. As a result, the project enjoys high engagement and trust from its international user base.

Originally launched in China, SafeLine has now spread to users across Southeast Asia, South America, Europe, North America, and Africa, with a global install base nearing 400,000. It has become a favorite in both personal and production environments, especially where self-hosted, privacy-respecting infrastructure is a priority.

**About Chaitin Tech**

SafeLine is developed by **Chaitin Tech**, one of China’s most prominent cybersecurity companies. Founded by members of **Tsinghua University’s Blue Lotus CTF team** — widely recognized for their world-class security expertise — Chaitin has delivered innovative solutions and contributed to critical security research for over a decade.

**Contact**

**Marketing Manager**  
**Carrie Luo**  
**Chaitin Tech**  
**\[email protected\]**

China-Built SafeLine WAF Gains Global Popularity Among Startups & Homelabs

British citizen John Wik sentenced for Islamophobic WiFi hack at UK train stations in Sept 2024. Learn about…

British citizen John Wik sentenced for Islamophobic WiFi hack at UK train stations in Sept 2024. Learn about this Nightsleeper-style incident and its consequences.

A British citizen has been given a suspended sentence following an alarming incident last year where he hijacked free public WiFi networks at train stations across the UK, displaying offensive Islamophobic messages.

As per the British Transport Police’s (BTP) press release, John Andreas Wik, 37, from Beckenham, received a 24-month prison sentence, suspended for two years, on Wednesday, July 9, at Inner London Crown Court. He was also ordered to complete 280 hours of unpaid work and 25 days of rehabilitation activity, along with paying a £150 victim surcharge.

****Incident Details****

The incident occurred on September 25, 2024, around 3:00 PM, when commuters attempting to access free WiFi services at numerous Network Rail stations, including major hubs like London Euston, Manchester Piccadilly, and Liverpool Lime Street, were redirected to a landing page containing hateful content.

The incident was widely reported by cybersecurity news outlets, with Hackread.com reporting on September 26, 2024, that the page featured Islamophobic messages and references to past terrorist attacks in the UK and internationally, such as the 7/7 bombings and the Manchester Arena attack.

Source: Hackread.com

This caused significant distress and fear among many who saw the messages, some even believing an attack was imminent. Network Rail had temporarily suspended WiFi services at all affected stations to contain the attack, confirming that no personal user data was compromised, as the system was a simple click & connect service provided by Telent.

****Investigation and Aftermath****

The British Transport Police (BTP) quickly launched an investigation after receiving reports from 3:00 PM onwards. At the time of the attack, Wik was an employee of Global Reach Technology, the company responsible for managing the WiFi at 20 of Network Rail’s busiest stations.

Initially, Global Reach Technology suspected a third-party hack, but soon discovered that Wik had used his company-issued laptop to alter the landing pages. They promptly reported the matter to the police.

Officers arrested Wik at his home on 27 September 2024. A search of his mobile phone and work laptop uncovered saved pages featuring terrorist attacks and Islamophobic content, confirming his involvement. The attack gained attention for its similarity to fictional cyberattacks in the BBC’s “Nightsleeper” series, where hackers target transportation networks to cause disruption, leading some to label it a “Nightsleeper-style” attack.

Detective Constable Adrienne Curzon of the BTP condemned Wik’s actions, stating, “This was a highly planned and disturbing abuse of power and access that caused distress and genuine fear to some of those who witnessed his hateful messaging.” She emphasised that such hateful acts would not be tolerated on the railway network and urged passengers to report any suspicious behaviour.

Man Gets Suspended Sentence for Hate-Fueled UK Train Stations WiFi Hack

Easily stick logos, text, or graphics onto moving surfaces with Filmora’s planar tracker. Just read this article to know how!

Want to add your logo onto a moving object, replace a sign within your video, or have text smoothly follow a surface? These are the dynamic effects that can truly elevate your video projects. While this might sound like advanced editing, Wondershare Filmora’s planar tracker makes it surprisingly achievable. 

This powerful yet user-friendly tool accurately tracks flat surfaces in your footage, allowing you to attach visuals like images, videos, or text that move naturally with the scene. 

Let’s see how Wondershare Filmora simplifies complex tracking, empowering you to create polished, professional-looking videos with an impressive touch.

**Table of Contents**

1.  Part 1. What is Planar Tracking?
2.  Part 2. Key Features and Modes of Filmora’s Planar Tracker
3.  Part 3. Step-by-Step Guide to Using Planar Tracker in Filmora
4.  Conclusion
5.  FAQs

****Part 1. What is Planar Tracking?****

We talked about making videos look more impressive and dynamic. But what makes this possible? Often, it’s a special technique called planar tracking. Let’s look at what that means.

Planar tracking is a way for your video program to follow a flat or 2D surface in your video. It follows how these flat areas move and also sees if they turn, get bigger or smaller, or even change shape a bit as your camera view changes. Think about common flat things you see moving: a book cover, a phone screen, a sign on a wall, or the side of a moving box. Planar tracking can watch how that specific flat area behaves in your video.

How is this different from other ways to track things? Well, there are a few types:

*   **Point tracking:** This is like following just one tiny dot. It’s good for simple moves, like making text follow one spot as it goes left or right. But it doesn’t work if the object spins or changes size a lot.

*   **3D tracking:** This looks at the whole video scene to understand how the camera itself moved in 3D space. It’s useful for adding 3d computer things to a real video. But it’s much more complex than tracking just one flat area.

*   **Planar tracking:** This tool focuses on the flat surface. It understands how the whole flat area moves and changes shape as you see it from different angles.

So, when is planar tracking the best tool for the job? 

Here’s a common example: Imagine you have a video where someone is holding a blank tablet screen. You want to put a video or a picture on that screen. The tablet is moving, and the person holding it might tilt and turn it slightly. This changes how the screen looks in the video.

Point tracking won’t work well here because the screen’s shape changes as it turns. Moreover, 3D tracking is too complex for just changing a screen.

This is where **planar tracking** is perfect! It can track the four corners of the screen, and it sees exactly how the flat-screen area changes shape as it moves. Then, you can place your picture or video onto that tracked area. It will look like it’s actually on the screen in your video.

****Part 2. Key Features and Modes of Filmora’s Planar Tracker****

So, you now have an idea of what planar tracking is and why it’s so useful for sticking things onto flat surfaces. This brings us to Wondershare Filmora, a video editing tool. Filmora is great because it takes this powerful idea and makes its wonderful **Planar Tracker** feature easy for you to use. It helps creators like you get professional-looking results easily. 

Let’s look at what Filmora’s Planar Tracker offers.

*   **Uses Four Points Tracking Method**: Filmora uses a method with four specific points; it is also known as corner pin tracking. You place these points on the corners of your flat surface, and then these four points help the tool follow the surface very accurately. It sees not just where the surface moves but also if it turns, tilts, or gets bigger or smaller.

*   **Has Two Modes, Auto and Advanced:** Filmora gives you two choices for how it tracks. You can pick Auto if you want it simple or Advanced if you need more control. This lets you choose the best way to track based on your video.

*   **You Can Attach Many Things:** After you track a surface, you can easily add different items, like you can attach text, images (like logos), videos (for screen replacement), stickers, or even other effects you find in Filmora’s own library. 

As we already mentioned, Filmora offers two modes for tracking: Auto and Advanced. What’s the difference between these two? Let’s compare them simply:

**Mode**

**Auto Mode**

**Advanced Mode**

**Target Users**

Great for beginners and those who need quick results

Great for users who need more control. Good for fixing tricky tracks

**Accuracy Settings**

Filmora’s system figures out the best way to track automatically. You place the pins, and it does the rest

Allows you to make manual changes. You can adjust the tracking points yourself and can fix the track at specific moments (keyframes). This helps get super-precise results.

**Processing Speed**

Usually tracks faster

It might take a little longer to finish

**Suitable Scenarios**

Footage where the flat surface is clear, well-lit, and moves smoothly. Ideal for simple tracks like a poster on a steady wall or a screen with clear edges and slow movement.

Videos with low light, motion blur, or when the surface is partly blocked. Use this when the Auto track isn’t perfect and you need to fix it for a very clean, exact look on difficult shots.

So, we can clearly say that the Auto Mode is quick and simple for many videos. But Advanced Mode gives you the extra tools to handle tougher tracking jobs and get a really exact result. 

****Part 3. Step-by-Step Guide to Using Planar Tracker in Filmora****

Having understood the power and flexibility of planar tracking in Filmora, the best way to truly grasp it is to jump in and try it yourself!

Follow these steps to bring your creative vision to life:

**Step 1: Import Video Footage into Filmora**

First things first, open Filmora and import the video clip you want to work with. Drag and drop it from your computer’s folders into Filmora’s Media Library, and then drag it down onto your timeline. This is the foundation for our tracking magic.

**Step 2: Enable Planar Tracking**

Double-click your video clip selected on the timeline, and you will see the **Video** option in the top right corner. Click on this and then the **AI Tools** option, just behind it. Turn on the Planar Tracker option to activate it.

**Step 3: Track the Planar Surface**

Select between two modes, Auto and Advanced.

If you are going with the auto mode, drag the four tracking points to the corners of the flat surface you want to track in your video. Try to be as precise as possible, placing them exactly on the edges or key features of the surface. Once your points are set on the first frame, click the “Start” button. 

**Step 4: Select the Binding Object (image, video, or text to attach)**

After the tracking analysis is complete, it’s time to decide what you want to stick onto that tracked surface. In the Planar Tracker settings, you’ll see an option to “Link” an object. Click on this and choose **“Import from Computer”** to import the media you want to attach— this could be an image (like a logo), another video clip (for screen replacement), a text layer you’ve created, a sticker, or any other element from your media library or Filmora’s effects.

**Step 5: Adjust the Parameters (tracking points, accuracy, binding position)**

Use the scaling and positioning tools within the Planar Tracker or the standard transformation controls to adjust the size, position, and rotation of the bound object so it fits perfectly on the tracked surface.

**Step 6: Complete and Export**

When you’re satisfied with the results, it’s time to export your final video! Go to the export options in Filmora, choose your desired format and settings, and render your impressive, dynamically tracked video.

By following these steps, you can use Filmora’s Planar Tracker, which will turn your simple pictures or words into parts of your video that move. It will ultimately make your videos look better.

****Conclusion****

As you can see, Filmora’s Planar Tracker makes it easy to do something that seems hard: putting things onto flat surfaces that move. By knowing what planar tracking is and using Filmora’s simple Auto and more controlled Advanced modes, you can easily get results that look professional. So, try it with your own video today and find new ways to be creative.

****FAQs****

**1.** **Is it free to use the Planar Tracker?**

Yes, it’s free to use Filmora’s Planar Tracker. But like many other tools, you have the option to buy a paid plan to save your videos with a Filmora watermark on them.

**2\. Can you track multiple surfaces using Filmora’s Planar Tracker?**

Filmora’s Planar Tracker is made to track one flat surface each time you use the tool on a video clip. If you want to track different flat surfaces in the same video, you will likely need to use the **Planar Tracker** tool separately for each surface and attach a different item to each one.

**3.** **What’s the difference between planar tracking and motion tracking in Filmora?**

Motion tracking follows the position and basic movement of a single point or object. This is suitable for simple tracking needs. Planar tracking tracks a flat surface, accounting for its movement and changes in perspective or shape. It is ideal for placing objects onto surfaces like screens or walls that rotate or tilt.

Your Simple Guide: How to Use Filmora’s Planar Tracker for Awesome Video Edits

WatchTowr Labs reveals CVE-2025-25257, a critical FortiWeb SQL injection allowing unauthenticated remote code execution. Patch your FortiWeb 7.0,…

WatchTowr Labs reveals CVE-2025-25257, a critical FortiWeb SQL injection allowing unauthenticated remote code execution. Patch your FortiWeb 7.0, 7.2, 7.4, 7.6 devices immediately to prevent full system compromise. Update NOW!

Cybersecurity researchers have uncovered a major weakness, CVE-2025-25257, in a key part of Fortinet’s security software: the FortiWeb Fabric Connector, vital for linking Fortinet’s web application firewall (FortiWeb) with other security tools, enabling dynamic protections.

The vulnerability was initially reported to Fortinet by Kentaro Kawane from GMO Cybersecurity by Ierae. The subsequent demonstration of escalating the vulnerability to full system control was performed and published by watchTowr Labs, and the findings were shared exclusively with Hackread.com.

****What Happened?****

This is an “unauthenticated SQL injection in GUI” flaw, which means attackers can exploit a weakness in the system’s administrative interface without needing a username or password, tricking the FortiWeb system into running their own harmful commands by sending specially designed requests over the internet.

WatchTowr Labs discovered this hidden problem by comparing FortiWeb version 7.6.4 with an older version, 7.6.3. They pinpointed the weakness in the get\_fabric\_user\_by\_token function within the /bin/httpsd program. This function, intended for logins from other Fortinet devices like FortiGate firewalls, failed to properly check incoming information, allowing injection of harmful commands using the Authorisation: Bearer header in requests to /api/fabric/device/status.

Initial attempts were tricky due to limitations like disallowing spaces in commands. However, researchers cleverly bypassed this using MySQL’s comment syntax (/**/). This made the SQL injection successful, even allowing them to fully bypass the login check with a simple 'or'1'='1 command, which returned a “200 OK” message confirming success.

****From Simple Trick to Taking Control****

Researchers managed to escalate this initial SQL injection into Remote Code Execution (RCE). They achieved this using MySQL’s INTO OUTFILE statement to write files directly to the system’s directory. A critical finding was that the database process ran with root privileges, allowing it to place harmful files almost anywhere.

Although direct execution wasn’t possible, they leveraged an existing Python script in the /cgi-bin folder that automatically executed with high privileges. By writing a special Python file (.pth) to a specific Python directory, they could force the system to run their own Python code, demonstrating a complete system compromise.

****Potential Consequences and What to Do****

If exploited, an attacker could gain full control of your FortiWeb device and potentially other connected systems. This risks sensitive data theft, service disruption, or using your systems for further attacks, leading to significant financial, reputational, and legal damage.

To stay protected, immediately update your FortiWeb system to the patched version. If an immediate update isn’t feasible, Fortinet suggests temporarily disabling the HTTP/HTTPS administrative interface as a workaround.

Here are the details of the impacted FortiWeb versions:

*   7.6.0 through 7.6.3 (upgrade to 7.6.4 or newer)

*   7.4.0 through 7.4.7 (upgrade to 7.4.8 or newer)

*   7.2.0 through 7.2.10 (upgrade to 7.2.11 or newer)

*   7.0.0 through 7.0.10 (upgrade to 7.0.11 or newer)

Critical Vulnerability Exposes Fortinet FortiWeb to Full Takeover (CVE-2025-25257)

Trellix reveals how the India-linked DoNot APT group launched a sophisticated spear-phishing attack on a European foreign affairs…

Trellix reveals how the India-linked DoNot APT group launched a sophisticated spear-phishing attack on a European foreign affairs ministry. Learn about their tactics, the LoptikMod malware, and why this cyber espionage campaign matters for global diplomacy.

A sophisticated campaign by the notorious DoNot APT group, also known by names like APT-C-35 and Mint Tempest, has recently targeted a European foreign affairs ministry. This attack, uncovered by the Trellix Advanced Research Centre, highlights the group’s expanding reach beyond its traditional focus on South Asia.

Active since at least 2016, the DoNot APT group is a persistent threat, primarily known for targeting government, military, and diplomatic organisations. This group is believed to operate with a focus on South Asian geopolitical interests and has been attributed by several vendors to have links to India. This recent incident, however, reveals a broadening of their operations into Europe.

Trellix’s researchers were able to identify this campaign by blocking the initial email chain, which allowed them to analyse the attack’s Tactics, Techniques, and Procedures (TTPs). Reportedly, the attackers employed a highly deceptive spear-phishing tactic, impersonating European defence officials.

These malicious emails, which mentioned a visit to Bangladesh, aimed to trick targets into clicking on a harmful Google Drive link. This method of using common cloud services for initial infection showcases the group’s adaptability in their approach.

The attack unfolded in several calculated steps. The initial spear-phishing email originated from a Gmail address (int.dte.afd.1@gmailcom). It featured a subject line related to diplomatic activities, specifically “Italian Defence Attaché Visit to Dhaka, Bangladesh.” The attackers even used HTML formatting with UTF-8 encoding to properly display special characters like “é” in “Attaché,” signifying attention to detail to increase legitimacy.

Attackers’ TTPs (Source: Trellix)

Upon clicking the Google Drive link, victims downloaded a malicious RAR archive named ‘SyClrLtr.rar,’ containing an executable file disguised as a PDF (notflog.exe). It deployed a batch file and established persistence, meaning the malware would remain active through a scheduled task set to run every 10 minutes.

The malware involved in this campaign is LoptikMod, a tool exclusively associated with the DoNot APT group since 2018. This malware gathers system details such as CPU model, operating system information, username, and hostname.

This information is then encrypted and sent to a command and control (C2) server, which allows the attackers to maintain communication and potentially exfiltrate sensitive data. It is worth noting that beyond LoptikMod, the DoNot APT group also uses custom-built Windows malware, including backdoors like YTY and GEdit.

The targeting of a European foreign affairs ministry highlights the group’s unwavering interest in collecting sensitive information and its increasing global reach. Such attacks on diplomatic entities are classic examples of espionage operations, aiming to gain unauthorised access to classified state communications, policy documents, and intelligence reports.

Organisations, particularly those in government and diplomacy, are, hence, urged to enhance their cybersecurity measures, including stronger email security, network traffic analysis, and endpoint detection and response (EDR) solutions, to defend against these evolving threats.

DoNot APT Hits European Ministry with New LoptikMod Malware

A new report details how the advanced hacking tool Shellter Elite was leaked and is now being used…

A new report details how the advanced hacking tool Shellter Elite was leaked and is now being used by cybercriminals. Learn about its evasion techniques and the infostealer campaigns.

Shellter Elite, a sophisticated tool for cybersecurity professionals, has fallen into the wrong hands, with its leaked copy being actively used by cybercriminals. This disclosure comes after security researchers at Elastic Security Labs identified its use in widespread attacks, leading to the deployment of several notorious infostealers. This research was shared with Hackread.com.

For your information, Shellter Elite is a specialised program intended for ethical hackers, also known as red teams or penetration testers, to help them test the defences of computer systems by deploying hidden software within normal Windows files, enabling evasion of EDR tools.

Elastic’s technical report highlights SHELLTER’s unique capabilities to evade analysis and detection, including polymorphic obfuscation, unhooking system modules, and encrypting payloads using AES-128 CBC.

The Shellter Project, the company behind the software, confirmed that a company which had recently purchased Shellter Elite licenses had leaked their copy. This breach allowed cybercriminals to use the tool for harmful activities, including spreading infostealer malware (software designed to steal sensitive personal information). Shellter stated this is the first known incident of misuse since their strict licensing model was introduced in February 2023, emphasising their strict vetting process.

Evidence from an underground hacker forum, as seen in a screenshot dated May 16, 2025, indicates the Shellter Elite v11.0 version is being offered to serious buyers. The forum post notes its high cost compared to similar tools like Brute Ratel or Cobalt Strike, and highlights its difficulty in obtaining. This online discussion underscores the black market interest in the leaked software.

Source: Elastic Security Labs

Elastic Security Labs publicly reported on July 3 that multiple hacking groups have been exploiting Shellter Elite v11.0 since at least April 2025. They found that this activity started as early as April, with hackers distributing infostealers like Rhadamanthys, Lumma, and Arechclient2, through YouTube comments and phishing emails.

Activity Timeline (source: Elastic Security Labs)

Elastic observed sophisticated evasion techniques in these malicious campaigns, such as API hashing obfuscation and advanced VM/sandbox and debugger detection. Based on unique license details, Elastic researchers believed the hackers were using a single leaked copy, a fact later confirmed by Shellter.

In response, Shellter has released an updated version, Elite 11.1, which will only be provided to carefully checked customers, specifically excluding the one responsible for the leak. Elastic has also developed new ways to detect payloads created with the older, leaked v11.0 version.

However, Shellter accused Elastic of “reckless and unprofessional” conduct, claiming they prioritised a “surprise exposé” over public safety by withholding details for months. This delay, Shellter noted, nearly resulted in the malicious actor receiving a more evasive update.

While criticising Elastic’s approach, Shellter did thank Devon Kerr from Elastic for providing samples that helped them confirm the customer’s identity. The Shellter Project also apologised to its customers and reaffirmed its commitment to cooperating with law enforcement against cybercriminals.

“The abuse of Shellter Elite is an urgent reminder that every security tool built for ethical offence can be weaponised against the organisations it was meant to protect,” said Ronen Ahdut, Head of Cyops at Cynet. “In this way, the hijacking of Shellter Elite exemplifies a structural vulnerability in the supply chain for offensive cybersecurity tools.”

“As Shellter’s compromise is investigated, cybersecurity leaders must take action to strengthen operational defences and increase vendor oversight,” Ronen emphasised.

This isn’t the first time a tool built for ethical hacking has ended up in the wrong hands. Cobalt Strike is one of the best-known examples, originally made for red teams to test network security, has been cracked and spread through underground forums for years.

Today, cybercriminals and ransomware gangs use it to breach systems and deploy malware, turning a tool meant to help companies protect themselves into something attackers use against them.

Source

HackRead