RESOURCES
Daily cybersecurity briefing
-
FileFix Attack Chain Enables Malicious Script Execution
by Kristina Beek (darkreading) on July 2, 2025
By using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them.
-
That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 2, 2025
With nearly 80% of cyber threats now mimicking legitimate user behavior, how are top SOCs determining what’s legitimate traffic and what is potentially dangerous? Where do you turn when firewalls and endpoint detection and […]
-
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 2, 2025
Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. "A significant portion of email threats with PDF […]
-
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 2, 2025
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group for assisting threat actors in their malicious […]
-
Vercel's v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 2, 2025
Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that impersonate their legitimate counterparts. "This observation signals a […]
-
Silver Fox Suspected in Taiwanese Campaign Using DeepSeek Lure
by Robert Lemos, Contributing Writer (darkreading) on July 2, 2025
The attack uses sideloading to deliver a variant of the popular Gh0stRAT malware and lures victims by posing — among other things — as a purported installer for DeepSeek's LLM.
-
Like SEO, LLMs May Soon Fall Prey to Phishing Scams
by Jai Vijayan, Contributing Writer (darkreading) on July 1, 2025
Just as attackers have used SEO techniques to poison search engine results, they could rinse and repeat with artificial intelligence and the responses LLMs generate from user prompts.
-
LevelBlue Acquires Trustwave, Forms World's Largest Independent MSSP
by Jeffrey Schwartz (darkreading) on July 1, 2025
As the largest managed security services provider, the combined entity will offer cyber consulting, managed detection and response, and incident response services.
-
Scope, Scale of Spurious North Korean IT Workers Emerges
by Becky Bracken (darkreading) on July 1, 2025
Microsoft warns thousands of North Korean workers have infiltrated tech, manufacturing, and transportation sectors to steal money and data.
-
Ransomware Reshaped How Cyber Insurers Perform Security Assessments
by Arielle Waldman (darkreading) on July 1, 2025
Cyber-insurance companies were forced to adapt once ransomware skyrocketed and highlighted crucial security weaknesses among organizations in all sectors.
-
We've All Been Wrong: Phishing Training Doesn't Work
by Nate Nelson, Contributing Writer (darkreading) on July 1, 2025
Teaching employees to detect malicious emails isn't really having an impact. What other options do organizations have?
-
DoJ Disrupts North Korean IT Worker Scheme Across Multiple US States
by Kristina Beek (darkreading) on July 1, 2025
The US also conducted searches of 29 "laptop farms" across 16 states and seized 29 financial accounts used to launder funds.
-
Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 1, 2025
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic's Model Context Protocol (MCP) Inspector project that could result in remote code execution (RCE) […]
-
TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 1, 2025
Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT and a cluster that has been observed delivering a loader dubbed TransferLoader. Enterprise security firm […]
-
Chrome Zero-Day, 'FoxyWallet' Firefox Attacks Threaten Browsers
by Elizabeth Montalbano, Contributing Writer (darkreading) on July 1, 2025
Separate threats to popular browsers highlight the growing security risk for enterprises presented by the original gateway to the Web, which remains an integral tool for corporate users.
-
The AI Fix #57: AI is the best hacker in the USA, and self-learning AI
by Graham Cluley (Graham Cluley) on July 1, 2025
In episode 57 of The AI Fix, our hosts discover an AI “dream recorder”, Mark Zuckerberg tantalises OpenAI staff with $100 million signing bonuses, Graham finds out why robot butlers sit in chairs, Wikipedia holds the […]
-
How Businesses Can Align Cyber Defenses With Real Threats
by David Meese, Andrew Bayers (darkreading) on July 1, 2025
Companies that understand the motivations of their attackers and position themselves ahead of the competition will be in the best place to protect their business operations, brand reputation, and their bottom line.
-
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 1, 2025
A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension verification process, ultimately […]
-
50 customers of French bank hit after insider helped SIM swap scammers
by Graham Cluley (Graham Cluley) on July 1, 2025
French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers to defraud 50 of its clients. Read more in my article on the Hot for Security blog.
-
A New Maturity Model for Browser Security: Closing the Last-Mile Risk
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 1, 2025
Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed: the browser. It’s where 85% of modern work now happens. It’s also where copy/paste […]
-
Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 1, 2025
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a […]
-
U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 1, 2025
The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial […]
-
Microsoft Removes Password Management from Authenticator App Starting August 2025
by info@thehackernews.com (The Hacker News) (The Hacker News) on July 1, 2025
Microsoft has said that it's ending support for passwords in its Authenticator app starting August 1, 2025. Microsoft’s move is part of a much larger shift away from traditional password-based logins. The company said the […]
-
Scattered Spider Hacking Spree Continues With Airline Sector Attacks
by Jai Vijayan, Contributing Writer (darkreading) on June 30, 2025
Microsoft has called the hacker collective one of the most dangerous current cyber threats.
-
Hired Hacker Assists Drug Cartel in Finding, Killing FBI Sources
by Rob Wright (darkreading) on June 30, 2025
According to a government report, El Chapo's Sinaloa drug cartel used a hacker to spy on people connected to the FBI's 2018 investigation against the kingpin, which led to deadly consequences.
-
Chinese Company Hikvision Banned By Canadian Government
by Kristina Beek (darkreading) on June 30, 2025
Though the company's video surveillance products will be prohibited for government use, individuals and private businesses can still buy the vendor's products.
-
Rethinking Cyber-Risk as Traditional Models Fall Short
by Arielle Waldman (darkreading) on June 30, 2025
Systemic cyber-risk models are not accounting for rapidly evolving threats — and a time when organizations are more interconnected than ever.
-
Airoha Chip Vulns Put Sony, Bose Earbuds & Headphones at Risk
by Kristina Beek (darkreading) on June 30, 2025
The vulnerabilities, which have yet to be published, could allow a threat actor to hijack not only Bluetooth earbuds and headphones but also the devices connected to them.
-
Senator Chides FBI for Weak Advice on Mobile Security
by BrianKrebs (Krebs on Security) on June 30, 2025
Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of […]
-
U.S. Agencies Warn of Rising Iranian Cyber Attacks on Defense, OT Networks, and Critical Infrastructure
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 30, 2025
U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber attacks from Iranian state-sponsored or affiliated threat actors. "Over the past several months, there has been […]
-
Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 30, 2025
Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world. The international effort, codenamed Operation […]
-
AI-Themed SEO Poisoning Attacks Spread Info, Crypto Stealers
by Elizabeth Montalbano, Contributing Writer (darkreading) on June 30, 2025
Malicious websites designed to rank high in Google search results for ChatGPT and Luma AI deliver the Lumma and Vidar infostealers and other malware.
-
Why Cybersecurity Should Come Before AI in Schools
by Crystal Morin (darkreading) on June 30, 2025
The sooner we integrate cybersecurity basics into school curriculum, the stronger and more resilient our children — and their futures — will be.
-
Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 30, 2025
The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last week, said it was able to make […]
-
Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 30, 2025
Identity-based attacks are on the rise. Attacks in which malicious actors assume the identity of an entity to easily gain access to resources and sensitive data have been increasing in number and frequency over the last few […]
-
⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 30, 2025
Ever wonder what happens when attackers don’t break the rules—they just follow them better than we do? When systems work exactly as they’re built to, but that “by design” behavior quietly opens the door to risk? […]
-
When hackers become hitmen
by Graham Cluley (Graham Cluley) on June 29, 2025
So, you think hacking is just about stealing information, extorting ransoms, or wiping out company data? The truth is, sometimes it's about killing people too...
-
FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 28, 2025
The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, the agency said […]
-
BreachForums broken up? French police arrest five members of notorious cybercrime site
by Graham Cluley (Graham Cluley) on June 28, 2025
Suspected high-ranking members of one of the world's largest online marketplaces for leaked data have been arrested by French police. Read more in my article on the Hot for Security blog.
-
GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 28, 2025
The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. "Recent campaigns in June 2025 demonstrate […]
-
This month in security with Tony Anscombe – June 2025 edition
by WeLiveSecurity on June 28, 2025
From Australia's new ransomware payment disclosure rules to another record-breaking DDoS attack, June 2025 saw no shortage of interesting cybersecurity news
-
Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 28, 2025
Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not […]
-
Top Apple, Google VPN Apps May Help China Spy on Users
by Nate Nelson, Contributing Writer (darkreading) on June 27, 2025
Apple and Google espouse strong values about data privacy, but they allow programs from a Big Brother state to thrive on their app stores, researchers allege.
-
'CitrixBleed 2' Shows Signs of Active Exploitation
by Kristina Beek (darkreading) on June 27, 2025
If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected.
-
Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack
by Rob Wright (darkreading) on June 27, 2025
In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more than 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought back […]
-
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 27, 2025
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus […]
-
Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover
by Nate Nelson, Contributing Writer (darkreading) on June 27, 2025
Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system.
-
Vulnerability Debt: How Do You Put a Price on What to Fix?
by Matt Middleton-Leal (darkreading) on June 27, 2025
Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture.
-
PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 27, 2025
A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such as the 9th […]
-
US Falling Behind China in Exploit Production
by Robert Lemos, Contributing Writer (darkreading) on June 27, 2025
Cyber operations have become critical to national security, but the United States has fallen behind in one significant area — exploit production — while China has built up a significant lead.
-
Business Case for Agentic AI SOC Analysts
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 27, 2025
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk […]
-
SafePay ransomware: What you need to know
by Graham Cluley (Graham Cluley) on June 27, 2025
SafePay is a relatively new ransomware that is making a big impact. Find out how it is different from other ransomware, and read more in my article on the Fortra blog.
-
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 27, 2025
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has been attributed with […]
-
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 27, 2025
Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass […]
-
OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 27, 2025
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and […]
-
'Cyber Fattah' Hacktivist Group Leaks Saudi Games Data
by Kristina Beek (darkreading) on June 27, 2025
As tensions in the Middle East rise, hacktivist groups are coming out of the woodwork with their own agendas, leading to notable shifts in the hacktivist threat landscape.
-
'IntelBroker' Suspect Arrested, Charged in High-Profile Breaches
by Rob Wright (darkreading) on June 26, 2025
A British national arrested earlier this year in France was charged by the US Department of Justice in connection with a string of major cyberattacks.
-
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code […]
-
How Geopolitical Tensions Are Shaping Cyber Warfare
by Andrew Costis (darkreading) on June 26, 2025
In today's cyber battlefield, resilience starts with readiness, and the cost of falling short increases by the day.
-
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary […]
-
New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET. "The list of […]
-
The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. […]
-
ESET Threat Report H1 2025
by WeLiveSecurity on June 26, 2025
A view of the H1 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
-
Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer […]
-
Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain […]
-
CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) […]
-
Charming Kitten APT Tries Spying on Israeli Cybersecurity Experts
by Nate Nelson, Contributing Writer (darkreading) on June 26, 2025
Israel's cyber pros are having to put theory into practice, as a notorious nation-state APT sponsored by Iran targets them with spear-phishing attacks.
-
WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 26, 2025
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is […]
-
Smashing Security podcast #423: Operation Endgame, deepfakes, and dead slugs
by Graham Cluley (Graham Cluley) on June 25, 2025
In this episode of the "Smashing Security" podcast, Graham unravels Operation Endgame - the surprisingly stylish police crackdown that is seizing botnets, mocking malware authors with anime videos, and taunting […]
-
Cloud Repatriation Driven by AI, Cost, and Security
by Arielle Waldman (darkreading) on June 25, 2025
Organizations are moving away from the public cloud and embracing a more hybrid approach due to big changes over the past five years.
-
Hackers breach Norwegian dam
by Graham Cluley (Graham Cluley) on June 25, 2025
A group of hackers gained remote access to a hydroelectric dam’s control systems in Norway and fully opened a drainage valve, releasing a large amount of water.
-
And Now Malware That Tells AI to Ignore It?
by Jai Vijayan, Contributing Writer (darkreading) on June 25, 2025
Though rudimentary and largely non-functional, the wryly named "Skynet" binary could be a harbinger of things to come on the malware front.
-
Taming Agentic AI Risks Requires Securing Non-Human Identities
by Robert Lemos, Contributing Writer (darkreading) on June 25, 2025
As the definition of machine identities broadens, AI agents working on behalf of users and gaining access to various services blurs the lines of non-human identities even more.
-
Millions of Brother Printers Hit by Critical, Unpatchable Bug
by Alexander Culafi (darkreading) on June 25, 2025
A slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, scanner, and label-maker models made by manufacturer Brother.
-
CISA Is Shrinking: What Does It Mean for Cyber?
by Dark Reading Staff (darkreading) on June 25, 2025
Dark Reading Confidential Episode 7: Cyber experts Tom Parker and Jake Williams offer their views on the practical impact of cuts to the US Cybersecurity and Infrastructure Security Agency.
-
nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications. […]
-
Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing
by Elizabeth Montalbano, Contributing Writer (darkreading) on June 25, 2025
The emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan.
-
Hundreds of MCP Servers Expose AI Models to Abuse, RCE
by Nate Nelson, Contributing Writer (darkreading) on June 25, 2025
The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks.
-
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum […]
-
Generative AI Exacerbates Software Supply Chain Risks
by Georgianna Shea, Elaine Ly (darkreading) on June 25, 2025
Malicious actors are exploiting AI-fabricated software components — presenting a major challenge for securing software supply chains.
-
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information […]
-
XOR Marks the Flaw in SAP GUI
by Jai Vijayan, Contributing Writer (darkreading) on June 25, 2025
The company has patched two vulnerabilities in its Graphical User Interface that would have allowed attackers to grab data from a user's input history feature.
-
Apple Wallet just went full Bono (but with Brad Pitt this time)
by Graham Cluley (Graham Cluley) on June 25, 2025
Apple has spammed millions of iPhones with a promotion for Brad Pitt's new (Apple-backed) F1 movie.
-
Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach […]
-
Beware the Hidden Risk in Your Entra Environment
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer […]
-
Cybercrime is surging across Africa
by Graham Cluley (Graham Cluley) on June 25, 2025
A new INTERPOL report has sounded the alarm over a dramatic increase in cybercrime across Africa, with digital crime now accounting for a significant proportion of all criminal activity across the continent. Read more […]
-
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
Unknown threat actors have been distributing a trojanized version of SonicWall's SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it. "NetExtender enables remote users to […]
-
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. According to Socket, the ongoing supply chain attack […]
-
Africa Sees Surge in Cybercrime as Law Enforcement Struggles
by Robert Lemos, Contributing Writer (darkreading) on June 25, 2025
Cybercrime accounts for more than 30% of all reported crime in East Africa and West Africa, with online scams, ransomware, business email compromise, and digital sextortion taking off.
-
Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 25, 2025
Microsoft on Tuesday announced that it's extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay a small fee of $30 or sync their PC settings to the cloud. The development comes […]
-
Threat Actor Trojanizes Copy of SonicWall NetExtender VPN App
by Alexander Culafi (darkreading) on June 24, 2025
A threat actor hacked a version of SonicWall's NetExtender SSL VPN application in an effort to trick users into installing a Trojanized version of the product.
-
China-Nexus 'LapDogs' Network Thrives on Backdoored SOHO Devices
by Rob Wright (darkreading) on June 24, 2025
The campaign infected devices in the US and Southeast Asia to build an operational relay box (ORB) network for use as an extensive cyber-espionage infrastructure.
-
New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 24, 2025
The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public. The new guideline seeks to help officials verify the identity and […]
-
Steel Giant Nucor Confirms Data Stolen in Cyberattack
by Kristina Beek (darkreading) on June 24, 2025
America's largest steel producer initially disclosed the breach in May and took potentially affected systems offline to investigate the intrusion and contain any malicious activity.
-
The AI Fix #56: ChatGPT traps man in a cult of one, and AI is actually stupid
by Graham Cluley (Graham Cluley) on June 24, 2025
In episode 56 of The AI Fix, Anthropic and Apple have a bar fight, a woman describes her husband falling in love with ChatGPT as “not ideal”, WhatsApp's AI helper isn't helpful, Graham serenades a pack of headless robot […]
-
Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 24, 2025
Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets. The methods take advantage of the design of various common mining topologies in order to shut down the […]
-
How the US Military Is Redefining Zero Trust
by Kelly Davis (darkreading) on June 24, 2025
Trust no longer comes from network boundaries alone but from continuously validating and protecting data and identities at every interaction.
-
Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers
by info@thehackernews.com (The Hacker News) (The Hacker News) on June 24, 2025
Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, in a new analysis […]
-
Aflac, one of the USA’s largest insurers, is the latest to fall “under siege” to hackers
by Graham Cluley (Graham Cluley) on June 24, 2025
The Wall Street Journal reports that Aflac is investigating a breach that may have exposed claims information, health details, Social Security numbers, and other personal data.
-
Oh! Canada Added to List of Nations Targeted in Salt Typhoon Telecom Spree
by Elizabeth Montalbano, Contributing Writer (darkreading) on June 24, 2025
The Canadian Center for Cybersecurity has confirmed that the Chinese state-sponsored cyber-threat actor targeted one of its telecommunications companies in February via a Cisco flaw, as part of a global attack wave.