🐛 COMMON VULNERABILITIES AND EXPOSURES 6[−]
30 MayApache Tomcat CGI Servlet Flaw Enables Security Constraint BypassA newly disclosed vulnerability, CVE-2025-46701, has been identified in Apache Tomcat’s CGI servlet, allowing attackers to bypass security constraints under specific conditions. The flaw, announced on May 29, 2025, is rooted in the improper handling of case sensitivity within the…GBHACKERS.COM
30 MayCritical Cisco IOS XE Flaw Permits Arbitrary File Upload — PoC ReleasedA critical security vulnerability, tracked as CVE-2025-20188, has been discovered in Cisco IOS XE Wireless LAN Controllers (WLCs), threatening enterprise wireless infrastructures worldwide. This flaw, scoring a maximum 10.0 on the CVSS scale, allows unauthenticated remote attacke…GBHACKERS.COM
30 MayNext.js Dev Server Vulnerability Leads to Developer Data ExposureA recently disclosed vulnerability, CVE-2025-48068, has raised concerns among developers using the popular Next.js framework. This flaw, affecting versions 13.0.0 through 15.2.1 when the App Router is enabled, allows attackers to exploit the development server via Cross-site WebS…GBHACKERS.COM
30 MayMICI NetFax Server Flaws Allow Attackers to Execute Remote CodeIn a recent security advisory, Rapid7 has disclosed three severe vulnerabilities in MICI Network Co., Ltd’s NetFax Server, affecting all versions before 3.0.1.0. These flaws—CVE-2025-48045, CVE-2025-48046, and CVE-2025-48047—allow attackers to gain root-level access through a cha…GBHACKERS.COM
30 MayNew botnet hijacks AI-powered security tool on Asus routersA newly uncovered botnet is targeting Asus routers — specifically models RT-AC3100 and RT-AC3200 — to hijack and repurpose a built-in, AI-powered security feature. The campaign, detected by GreyNoise in March 2025, employs a multi-stage approach to compromise devices and establis…CSOONLINE.COM
30 MayCritical Icinga 2 Vulnerability Allows Attackers to Obtain Valid CertificatesA critical vulnerability (CVE-2025-48057) has been discovered in Icinga 2, the widely used open-source monitoring platform. The flaw, affecting installations built with OpenSSL versions older than 1.1.0, could allow attackers to obtain valid certificates from the Icinga Certifica…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 25[−]
30 MayU.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ ScamsThe U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as “pig butchering." In January 2…KREBSONSECURITY.COM
30 MaySecuring Windows 11 and Server 2025: What CISOs should know about the latest updatesWindows 11 24H2 and Server 2025 are rolling out new features and enhancements — some of which are aimed to better help you harden your network, while others will need to be reviewed to ensure they don’t undercut your network’s security. Here’s what CISOs should know about the lat…CSOONLINE.COM
30 MayConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted BreachConnectWise, the developer of remote access and support software ScreenConnect, has disclosed that it was the victim of a cyber attack that it said was likely perpetrated by a nation-state threat actor. "ConnectWise recently learned of suspicious activity within our environment t…THEHACKERNEWS.COM
30 MayNorth Korean IT Workers Exploit Legitimate Software and Network Tactics to Evade EDRA North Korean IT worker, operating under a false identity, was uncovered infiltrating a Western organization with a sophisticated remote-control system. This incident, exposed during a U.S. federal raid on a suspected laptop farm, showcases a chilling trend where adversaries lev…GBHACKERS.COM
30 MayPasswortlose Authentifizierung wird für CISOs immer wichtigerSelbst MFA ist vor raffinierten, KI-gesteuerten Phishing-Angriffen nicht sicher. Biometrische Verfahren gelten als vielversprechende Alternative. CC7 – shutterstock.com Die rasante Entwicklung von KI-Agenten eröffnet Cyberkriminellen neue Angriffsmöglichkeiten, die insbesondere f…CSOONLINE.COM
30 MaySafari Flaw Exploited by BitM Attack to Steal User Login DataA new wave of phishing attacks, known as Fullscreen Browser-in-the-Middle (BitM) attacks, is exploiting browser features to steal user credentials with unprecedented stealth. Unlike traditional phishing, which relies on fake websites and visible clues, BitM attacks leverage remot…GBHACKERS.COM
30 MayVoid Blizzard nimmt NATO-Organisationen ins VisierRussische Hacker ändern ihre Taktik von Passwort-Spraying zu Phishing, aber ihre Ziele innerhalb der NATO bleiben gleich. PX Media – Shutterstock.com Seit über einem Jahr hat es eine neue Cyberspionage-Gruppe, die mit der russischen Regierung in Verbindung stehen soll, auf Untern…CSOONLINE.COM
30 MayNovel PumaBot slips into IoT surveillance with stealthy SSH break-insSecurity researchers are warning about a novel Linux botnet, dubbed PumaBot, targeting Internet of Things (IOT) surveillance devices. According to a DarkTrace observation, the botnet >bypasses the usual playbook of conducting internet-wide scanning and instead brute-forces secure…CSOONLINE.COM
30 MayConnectWise Discloses Suspected State-Sponsored HackThe IT software provider says ScreenConnect users were impacted by the attack, which exploited a high-severity ASP.NET vulnerability. The post ConnectWise Discloses Suspected State-Sponsored Hack appeared first on SecurityWeek .SECURITYWEEK.COM
30 MayHackers Use AI-Generated Videos on TikTok to Spread Info-Stealing MalwareTrendMicro has uncovered a sophisticated campaign where threat actors are exploiting TikTok to distribute information-stealing malware. By leveraging AI-generated videos posing as tutorials for unlocking pirated software, cybercriminals trick unsuspecting viewers into executing m…GBHACKERS.COM
30 MayChinese Hacking Group APT41 Exploits Google Calendar to Target GovernmentsChina-linked hackers used a compromised government site to target other government entities with the ToughProgress malware that uses an attacker-controlled Google Calendar for C&C. The post Chinese Hacking Group APT41 Exploits Google Calendar to Target Governments appeared f…SECURITYWEEK.COM
30 MayChina-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and BrazilThe China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023. "The threat actor mainly targets the SQL …THEHACKERNEWS.COM
30 MayHackers Use Gh0st RAT to Hijack Internet Café Systems for Crypto MiningHackers have been targeting Internet cafés in South Korea since the second half of 2024, exploiting specialized management software to install malicious tools for cryptocurrency mining. According to a detailed report from AhnLab SEcurity intelligence Center (ASEC), the attackers,…GBHACKERS.COM
30 MayOver 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Pluginsubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/05/over-100000-wordpress-sites-at-risk.htmlSH.ITJUST.WORKS
30 MayAttackers Exploit Microsoft Entra Billing Roles to Escalate PrivilegesA recent discovery by security researchers at BeyondTrust has revealed a critical, yet by-design, security gap in Microsoft Entra ID that could allow external guest users to gain powerful control over Azure environments. Contrary to common assumptions, Entra B2B guest accounts—ty…GBHACKERS.COM
30 MayBeware: Weaponized AI Tool Installers Infect Devices with RansomwareCisco Talos has uncovered a series of malicious threats masquerading as legitimate AI tool installers, targeting unsuspecting users and businesses across multiple industries. These threats, including the CyberLock and Lucky_Gh0$t ransomware families, along with a newly identified…GBHACKERS.COM
30 MayThreat Actors Exploit Google Apps Script to Host Phishing SitesThe Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google Apps Script a legitimate development platform within Google’s ecosystem to host deceptive phishing pages. This attack, masquerading as an invoice email, exploits the inher…GBHACKERS.COM
30 MaySustaining Digital Certificate Security - Upcoming Changes to the Chrome Root StorePosted by Chrome Root Program, Chrome Security Team Note: Google Chrome communicated its removal of default trust of Chunghwa Telecom and Netlock in the public forum on May 30, 2025. The Chrome Root Program Policy states that Certification Authority (CA) certificates included in …SECURITY.GOOGLEBLOG.COM
30 MayPolice takes down AVCheck site used by cybercriminals to scan malwareAn international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it in the wild. [...]BLEEPINGCOMPUTER.COM
30 MayAttackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational EnvironmentsA startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers can exploit lesser-known billing roles to escalate privileges within organizational tenants. This sophisticated attack vector lever…GBHACKERS.COM
30 MayChina-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazilsubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/05/china-linked-hackers-exploit-sap-and.htmlSH.ITJUST.WORKS
30 MayNew Browser Exploit Technique Undermines Phishing Detection - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/browser-exploit-technique/SH.ITJUST.WORKS
30 MayU.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams – Krebs on Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/SH.ITJUST.WORKS
30 MayApple Had Lockdown Mode… Now Android Hits BACK! ⚔️Android just fired back at Apple’s lockdown mode with a powerful new update in Android 16. In this short, Paul breaks down the cutting-edge “Advanced Protection” features—from blocking 2G networks and insecure Wi-Fi to memory tagging that shuts down use-after-free exploits. It ev…YOUTUBE.COM
30 May KEVHackers are exploiting critical flaw in vBulletin forum softwareTwo critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. [...]BLEEPINGCOMPUTER.COM
📋 SECURITY BULLETINS 1[−]
30 MayWindows 11 Security Update for 22H2 & 23H2 May Cause Recovery ErrorsA recent Windows 11 security update, KB5058405, released on May 13, 2025, has caused significant boot failures for some users running Windows 11 versions 22H2 and 23H2—especially in enterprise and virtual environments. Affected systems display a recovery error with code 0xc000009…GBHACKERS.COM
📢 SECURITY ADVISORIES 9[−]
30 MayHackerangriff auf Außenministerium alarmiert Nato und EUsrcset="https://b2b-contenthub.com/wp-content/uploads/2025/05/shutterstock_2420504331.jpg?quality=50&strip=all 4997w, https://b2b-contenthub.com/wp-content/uploads/2025/05/shutterstock_2420504331.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.c…CSOONLINE.COM
30 MayU.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto FraudThe U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. and its administrator Liu Lizhi for providing infrastructure to conduct romance baiting scams that led to massive crypt…THEHACKERNEWS.COM
30 MayCISA Releases Guidance on SIEM and SOAR ImplementationThe guidance outlines the benefits and challenges or SIEM and SOAR platforms, and shares implementation recommendations. The post CISA Releases Guidance on SIEM and SOAR Implementation appeared first on SecurityWeek .SECURITYWEEK.COM
30 MayDamascened Peacock: Russian hackers targeted UK Ministry of DefenceThe UK’s Ministry of Defence has revealed that it was the target of a sophisticated cyber attack that saw Russia-linked hackers pose as journalists. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
30 MayRussian-linked hackers target UK Defense Ministry while posing as journalistssubmitted by kid to cybersecurity 1 points | 0 comments https://kyivindependent.com/russian-linked-hackers-targeted-uk-defense-ministry-while-posing-as-journalists/SH.ITJUST.WORKS
30 MayCISA Releases Guidance on SIEM and SOAR Implementation - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/cisa-releases-guidance-on-siem-and-soar-implementation/SH.ITJUST.WORKS
🔥 INCIDENT REPORTING 16[−]
30 MayCybersecurity Today: Hijacker Scams, Ransomware Attacks, and Summer Travel ThreatsIn this episode of Cybersecurity Today, host Jim Love covers critical updates in the world of cyber threats. The FBI warns of hijackers posing as IT support to infiltrate law firms, a Wisconsin city reveals a ransomware attack affecting 67,000 residents, and a Texas city refuses …CYBERSECURITYTODAY.LIBSYN.COM
30 MaySentinelOne Recovers: Platform Back Online After Extended OutageOn May 29, 2025, SentinelOne, a leading cybersecurity provider, experienced a significant platform outage that disrupted access to its commercial customer consoles worldwide. The incident began earlier in the day and was promptly acknowledged by SentinelOne, which communicated up…GBHACKERS.COM
30 MayConnectWise Hit by Advanced Cyberattack: Internal Data at RiskConnectWise, a leading provider of IT management and remote access software, has confirmed a cyberattack attributed to a sophisticated nation-state actor. The breach, discovered in May 2025, impacted a limited number of customers using the company’s ScreenConnect cloud platform, …GBHACKERS.COM
30 MayInterlock ransomware: what you need to know"We don’t just want payment; we want accountability." The malicious hackers behind the Interlock ransomware try to justify their attacks. Learn more about what you need to know about Interlock in my article on the Tripwire State of Security blog.TRIPWIRE.COM
30 MayHackerangriff auf Arcona Hotelssrcset="https://b2b-contenthub.com/wp-content/uploads/2025/05/vju-ruegen-hotel-ausblick.jpg?quality=50&strip=all 1742w, https://b2b-contenthub.com/wp-content/uploads/2025/05/vju-ruegen-hotel-ausblick.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenth…CSOONLINE.COM
30 MayNew Study Uncovers Multiple Vulnerabilities in WeChat and IM AppsInstant messaging (IM) applications like WeChat have become indispensable for billions, facilitating not only communication but also payments, business, and personal data exchange. However, their ubiquity and complexity make them prime targets for sophisticated cyberattacks. This…GBHACKERS.COM
30 MayWhy Cyber Pros Need Better Communication 🧠💬In the cybersecurity world, coding skills aren’t enough anymore. This short dives into why written and oral communication is now a must-have for every cyber professional. From documenting incidents to explaining architecture decisions, clear communication is becoming just as crit…YOUTUBE.COM
30 MayGermany doxxes Conti ransomware and TrickBot ring leaderThe Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich Kovalev. [...]BLEEPINGCOMPUTER.COM
30 MayGetting Exposure Management Right: Insights from 500 CISOsPentesting isn't just about finding flaws — it's about knowing which ones matter. Pentera's 2025 State of Pentesting report uncovers which assets attackers target most, where security teams are making progress, and which exposures still fly under the radar. Focus on reducing brea…BLEEPINGCOMPUTER.COM
30 MayWhite House investigating how Trump’s chief of staff’s phone was hackedHackers reportedly accessed Wiles' phone contacts, which were used to impersonate her.TECHCRUNCH.COM
30 MayMandatory Ransomware Payment Disclosure Begins in Australia - Infosecurity Magazinesubmitted by kid to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/ransomware-payment-disclosure/SH.ITJUST.WORKS
30 MayThe Hidden Danger in Your Login Credentials!Cybersecurity experts are sounding the alarm—your login credentials might be the biggest security risk you’re overlooking! With identity-related attacks on the rise, companies like MGM have faced massive breaches, proving that traditional security measures aren’t enough. So, why …YOUTUBE.COM
30 MayThreat Actor Claims TikTok Breach, Puts 428 Million Records Up for Salesubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/threat-actor-tiktok-breach-428-million-records-sale/SH.ITJUST.WORKS
30 MayConnectWise breached in cyberattack linked to nation-state hackerssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/connectwise-breached-in-cyberattack-linked-to-nation-state-hackers/SH.ITJUST.WORKS
30 MayVictoria’s Secret takes down website after security incidentsubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/victorias-secret-takes-down-website-after-security-incident/SH.ITJUST.WORKS
30 MayThe Dark Web Wants Your Credentials!Cybersecurity experts are in for a chilling wake-up call. In this short, ChannelE2E and Flare team up to reveal just how quickly credentials can end up on the dark web. Real-time demos of InfoStealer malware and account takeovers show exactly how attackers operate—and how identit…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 26[−]
30 MayISC Stormcast For Friday, May 30th, 2025 https://isc.sans.edu/podcastdetail/9472, (Fri, May 30th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
30 MayNew Rust-Based InfoStealer Uses Fake CAPTCHA to Deliver EDDIESTEALERA newly discovered Rust-based infostealer, dubbed EDDIESTEALER, has been uncovered by Elastic Security Labs, spreading through a sophisticated social engineering tactic involving fake CAPTCHA verification pages. Mimicking legitimate CAPTCHA systems like Google’s reCAPTCHA, …GBHACKERS.COM
30 MayRSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visibleNon-human service accounts have quietly become one of the biggest liabilities in enterprise security. Related: Why identity is the cornerstone of cyber defense These machine credentials — used to automate connections between systems — now outnumber humans by 30 to … (more…)…LASTWATCHDOG.COM
30 MayWeaponized PyPI Package Executes Supply Chain Attack to Steal Solana Private KeysA chilling discovery by Socket’s Threat Research Team has exposed a meticulously crafted supply chain attack on the Python Package Index (PyPI), orchestrated by a threat actor using the alias “cappership.” The attack leverages a malicious package named semantic-types …GBHACKERS.COM
30 MayNovel Malware Evades Detection by Skipping PE Header in WindowsResearchers have identified a sophisticated new strain of malware that bypasses traditional detection mechanisms by entirely omitting the Portable Executable (PE) header in Windows environments. This innovative evasion tactic represents a significant shift in how malicious softwa…GBHACKERS.COM
30 MayWhy Take9 Won’t Improve CybersecurityThere’s a new cybersecurity awareness campaign: Take9. The idea is that people—you, me, everyone—should just pause for nine seconds and think more about the link they are planning to click on, the file they are planning to download, or whatever it is they are pl…SCHNEIER.COM
30 MayMITRE Publishes Post-Quantum Cryptography Migration RoadmapThe roadmap provides an overview of four key stages of the migration process, namely preparation, baseline understanding, planning and execution, and monitoring and evaluation. The post MITRE Publishes Post-Quantum Cryptography Migration Roadmap appeared first on SecurityWeek .SECURITYWEEK.COM
30 MayYour KnowBe4 Fresh Content Updates from May 2025Check out the 25 new pieces of training content added in May, alongside the always fresh content update highlights, new features and events. KNOWBE4.COM
30 MayMalware Analysis Reveals Sophisticated RAT With Corrupted Headerssubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/rat-corrupted-headers/SH.ITJUST.WORKS
30 MayMicrosoft Reveals Techniques for Defending Against Evolving AiTM AttacksMicrosoft has exposed the escalating sophistication of phishing attacks, particularly focusing on Adversary-in-the-Middle (AiTM) techniques that are becoming a cornerstone of modern cyber threats. As organizations increasingly adopt multifactor authentication (MFA), passwordless …GBHACKERS.COM
30 MayUnimed's chat leak exposes health secrets | Cybernewssubmitted by kid to cybersecurity 2 points | 0 comments https://cybernews.com/security/unimed-brazil-healthcare-data-leak/SH.ITJUST.WORKS
30 MayCybersecurity Isn’t Technical—Wait, What??Most cybersecurity leaders see themselves as tech experts first—but what if that mindset is holding them back? In this clip, Jason flips the narrative, arguing that true cyber leadership starts with business thinking, not just technical skills. Joined by Summer Craze Fowler and B…YOUTUBE.COM
30 MayPure Crypter Uses Multiple Evasion Methods to Bypass Windows 11 24H2 Security FeaturesPure Crypter, a well-known malware-as-a-service (MaaS) loader, has been recognized as a crucial tool for threat actors targeting Windows-based systems in a thorough technical research carried out by eSentire’s Threat Response Unit (TRU) during 2024 and 2025. This loader, fa…GBHACKERS.COM
30 MayUS Sanctions Philippine Company for Supporting Crypto ScamsThe US Treasury Department US has slapped sanctions on Funnull Technology for providing support to cryptocurrency investment scams. The post US Sanctions Philippine Company for Supporting Crypto Scams appeared first on SecurityWeek .SECURITYWEEK.COM
30 MayFirebase, Google Apps Script Abused in Fresh Phishing CampaignsSecurity researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages. The post Firebase, Google Apps Script Abused in Fresh Phishing Campaigns appeared first on SecurityWeek .SECURITYWEEK.COM
30 MayNew EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser DataA new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages. "This campaign leverages deceptive CAPTCHA verification pages that trick users int…THEHACKERNEWS.COM
30 MayUS Banks Urge SEC to Repeal Cyber Disclosure Rule - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/us-banks-sec-repeal-cyber/SH.ITJUST.WORKS
30 MayDadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 CredentialsCybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575, also known as “Dadsec.” Since September 2023, this group has been leveraging a Phishing-as-a-Servi…GBHACKERS.COM
30 MayCybersecurity Firm SentinelOne Suffers Major Outagesubmitted by kid to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.com/cybersecurity-firm-sentinelone-suffers-major-outage-a-28554SH.ITJUST.WORKS
30 MayThreat actors abuse Google Apps Script in evasive phishing attackssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/threat-actors-abuse-google-apps-script-in-evasive-phishing-attacks/SH.ITJUST.WORKS
30 MayNew EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Datasubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2025/05/eddiestealer-malware-uses-clickfix.htmlSH.ITJUST.WORKS
30 MayMITRE Publishes Post-Quantum Cryptography Migration Roadmap - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/mitre-publishes-post-quantum-cryptography-migration-roadmap/SH.ITJUST.WORKS
30 MayFriday Night & Suddenly… Kim. Freakin’. suky. 💣 #cyberpanicWhen most people are winding down on a Friday night, cybersecurity professionals are bracing for chaos. In this hilarious short, a routine evening takes a wild turn when a CISO suddenly drops the name "Kimsuky" in an email — and the panic hits mid-bourbon. This moment captures th…YOUTUBE.COM
30 MayThey Made Gold in a Lab… But at What Cost? ⚡Scientists actually made real gold in a lab… but it cost them 800 megawatts of power and only produced 29 picograms — that’s less than a grain of dust. In this short, cybersecurity pros react to this mind-blowing experiment, comparing it to modern-day alchemy. From radioactive si…YOUTUBE.COM
30 MayEdge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland... - SWN #481Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-481YOUTUBE.COM
30 May37 Workflows for One Job… Welcome to SOC HellIn the world of cybersecurity, no two SOCs are the same—but is that a strength or a fatal flaw? This short explores the insane reality where security teams build 37 different phishing workflows... just to do the same task. Adrian Sanabria breaks down the hidden cost of over-custo…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
30 MayMeta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake PersonasMeta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania during the first quarter of 2025. "We detected and removed these campaigns before they were able to build authentic audiences on our apps," the social media gia…THEHACKERNEWS.COM
30 MayThis month in security with Tony Anscombe – May 2025 editionFrom a flurry of attacks targeting UK retailers to campaigns corralling end-of-life routers into botnets, it's a wrap on another month filled with impactful cybersecurity newsWELIVESECURITY.COM
📡 INFOSEC NEWS 5[−]
30 MayUsage of "passwd" Command in DShield Honeypots, (Fri, May 30th)DShield honeypots &#;x26;#;x5b;1&#;x26;#;x5d; receive different types of attack traffic and the volume of that traffic can change over time. I&#;x26;#;39;ve been collecting data from a half dozen …ISC.SANS.EDU
30 MayFrom the "Department of No" to a "Culture of Yes": A Healthcare CISO's Journey to Enabling Modern CareBreaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn't mince words: "Healthcare loves to walk backwards into the future. And this is how we got here, because there are a lot of things that w…THEHACKERNEWS.COM
30 MayThis 1940s War Strategy is Still Protecting Your Data!In the heat of World War II, the military needed a way to ensure their munitions worked flawlessly in battle. This led to the creation of Acceptable Quality Limits (AQL), a statistical testing method that is now an ISO standard used across industries—including cybersecurity! Toda…YOUTUBE.COM
30 MayMicrosoft now testing Notepad text formatting in Windows 11Microsoft announced today that the Windows 11 Notepad application is getting a text formatting feature supporting Markdown-style input. [...]BLEEPINGCOMPUTER.COM
30 MayUS “insider threat” cybersecurity worker arrested… as insider threatThe wrong way to get out of Trump's America.ARSTECHNICA.COM