100Articles
9Categories
2025-06-02Date
🚨 CISA KEV 2[−]
2 Jun KEVCISA Urged to Enrich KEV Catalog with More Contextual Data - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/cisa-urged-enrich-kev-catalog/SH.ITJUST.WORKS
2 Jun KEVCISA Adds Five Known Exploited Vulnerabilities to CatalogCISA added five new vulnerabilities to its  Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2021-32030 ASUS Routers Improper Authentication Vulnerability CVE-2023-39780  ASUS RT-AX55 Routers OS Command Injection Vulnerabilit…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 10[−]
2 JunNew Linux Security Bugs Could Expose Password Hashes Across Millions of DevicesThe Qualys Threat Research Unit (TRU) has disclosed two significant local information disclosure vulnerabilities—CVE-2025-5054 and CVE-2025-4598—impacting the core-dump handlers Apport and systemd-coredump on millions of Linux systems. These race-condition vulnerabilities could e…GBHACKERS.COM
2 JunActive Exploits Detected Targeting Critical vBulletin VulnerabilityTwo critical vulnerabilities—CVE-2025-48827 and CVE-2025-48828—have been assigned to vBulletin, the widely used PHP/MySQL forum software, following public disclosure and observed exploitation in the wild. The flaws, affecting vBulletin versions 5.0.0 through 6.0.3, enable unauthe…GBHACKERS.COM
2 JunTechnical Details Published for Critical Cisco IOS XE VulnerabilityThe critical flaw, tracked as CVE-2025-20188 (CVSS score of 10/10), allows attackers to execute arbitrary code remotely. The post Technical Details Published for Critical Cisco IOS XE Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunCritical Denodo Scheduler Flaw Allows Remote Code Execution by AttackersDenodo, a provider of logical data management software, recently faced a critical security vulnerability in its Denodo Scheduler product. This vulnerability, tracked as CVE-2025-26147, allows authenticated users to perform remote code execution (RCE) on affected systems, posing s…GBHACKERS.COM
2 Jun KEVvBulletin Vulnerability Exploited in the WildExploitation of the vBulletin vulnerability tracked as CVE-2025-48827 and CVE-2025-48828 started shortly after disclosure. The post vBulletin Vulnerability Exploited in the Wild appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunRealtek Bluetooth Driver Flaw Allows Attackers to Delete Any File on Windows SystemsA high-severity security vulnerability has been identified in the Realtek Bluetooth Host Controller Interface (HCI) Adaptor, raising significant concerns for device manufacturers and end-users. The flaw, tracked as CVE-2024-11857, was disclosed on June 2, 2025, and published in b…GBHACKERS.COM
2 JunIBM DataStage Bug Exposes Database Credentials in Plain TexA recently disclosed vulnerability in IBM InfoSphere DataStage, tracked as CVE-2025-1499, has raised concerns across the enterprise data management sector. The flaw centers on the cleartext storage of sensitive credential information, potentially exposing database authentication …GBHACKERS.COM
2 JunQualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPUQualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were responsibly disclosed to the company by the Google Android Security team, are listed below …THEHACKERNEWS.COM
2 JunPreinstalled Android Apps Found Leaking PINs and Executing Malicious CommandsOn May 30, 2025, CERT Polska coordinated the public disclosure of three significant security vulnerabilities affecting preinstalled Android applications on smartphones from Ulefone and Krüger&Matz. These flaws, tracked as CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917, ex…GBHACKERS.COM
2 JunPreinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PINThree security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset and encrypt an application. A brief description of the three flaws is …THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 24[−]
2 JunZero-Knowledge-Protokoll: Was Sie über zk-SNARK wissen solltenZero-Knowledge-Protokolle wie zk-SNARK nutzen die kleinstmögliche Informationsmenge zur Authentifizierung. Nomad Soul | shutterstock.com Unter den Zero-Knowledge-Protokollen nimmt zk-SNARK (Zero-knowledge succinct non-interactive argument or knowledge) eine Sonderrolle ein – es i…CSOONLINE.COM
2 JunCybersecurity Incidents: Eddie Steeler Malware, ConnectWise Breach, and Nova Scotia Power Data TheftIn this episode of Cybersecurity Today, host David Shipley discusses several key cyber incidents affecting organizations and individuals. A new rust-based information stealer, known as Eddie Steeler, is being distributed via deceptive CAPTCHA verification pages. ConnectWise, a ma…CYBERSECURITYTODAY.LIBSYN.COM
2 JunSevere Vulnerabilities in Consilium CS5000 Fire Panels Allow Remote System TakeoverTwo severe cybersecurity vulnerabilities have been disclosed in the Consilium Safety CS5000 Fire Panel, a widely deployed industrial control system integral to fire safety across sectors like commercial facilities, healthcare, transportation, and government services. The U.S. Cyb…GBHACKERS.COM
2 JunIn Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code LeakedNoteworthy stories that might have slipped under the radar: simple PoC code released for Fortinet zero-day, OpenAI O3 disobeys shutdown orders, source code of SilverRAT emerges online. The post In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leake…SECURITYWEEK.COM
2 JunCritical Roundcube Flaw Allows Remote Code Execution by AttackersRoundcube Webmail, one of the most widely used browser-based IMAP clients, has released urgent security updates for its 1.6 and 1.5 LTS versions. The newly published versions, 1.6.11 and 1.5.10, address a critical post-authentication remote code execution (RCE) vulnerability stem…GBHACKERS.COM
2 JunNew Study Reveals Vulnerable Code Pattern Putting GitHub Projects at Risk of Path Traversal AttacksA comprehensive research study has identified a widespread path traversal vulnerability (CWE-22) affecting 1,756 open-source GitHub projects, some of which are highly influential in the software ecosystem. The vulnerability, present in a commonly used Node.js code pattern for cre…GBHACKERS.COM
2 JunCounter Antivirus Service AVCheck Shut Down by Law EnforcementCounter antivirus services such as AVCheck allow cybercriminals to test whether their malware is detected by antivirus products. The post Counter Antivirus Service AVCheck Shut Down by Law Enforcement appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunBuilding Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - ESW #409Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping…YOUTUBE.COM
2 Jun6 hard truths security pros must learn to live withA career in cybersecurity is attractive for a number of reasons. The perpetual shortage of security practitioners means you can always get a job, and the tight talent market ensures a shot at great pay and benefits. Plus, for people who thrive in a fast-paced, high-pressure envir…CSOONLINE.COM
2 JunOver 50,000 Azure AD Users’ Access Tokens Exposed via Unauthenticated API EndpointCloudSEK’s BeVigil platform has uncovered a critical security vulnerability affecting an aviation giant, where an exposed JavaScript file containing an unauthenticated API endpoint led to unauthorized access to Microsoft Graph tokens with elevated privileges. This security …GBHACKERS.COM
2 Jun KEVQualcomm fixes three Adreno GPU zero-days exploited in attacksQualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks. [...]BLEEPINGCOMPUTER.COM
2 JunThe Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber ThreatsThe evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more sophisticated — leveraging encryption, living-off-the-land techniques, and lateral movement to evade traditional defenses — security teams …THEHACKERNEWS.COM
2 JunNew PyPI Supply Chain Attacks Target Python and NPM Users on Windows and LinuxCheckmarx Zero researcher Ariel Harush has uncovered a sophisticated malicious package campaign targeting Python and NPM users across Windows and Linux platforms through typo-squatting and name-confusion attacks against popular packages. This coordinated supply chain attack demon…GBHACKERS.COM
2 JunHackers Weaponize Free SSH Client PuTTY to Deliver Malware on WindowsOpenSSH has become a standard tool for secure remote management on both Linux and Windows systems. Since its inclusion as a default component in Windows 10 version 1803, attackers have increasingly exploited its presence, leveraging it as a “Living Off the Land Binary”…GBHACKERS.COM
2 JunExploit details for max severity Cisco IOS XE flaw now publicsubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/exploit-details-for-max-severity-cisco-ios-xe-flaw-now-public/SH.ITJUST.WORKS
2 JunFBI cracks down on crypting crew in a global counter-antivirus service disruptionThe US law enforcement, in coordination with global efforts, has disrupted counter-antivirus (CAV) operations by shuttering four leading domains offering these services. According to a Department of Justice (DOJ) press release, the seizure of these domains and their associated se…CSOONLINE.COM
2 Jun⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and MoreIf this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too late. This is how attacks happen now—quiet, convincing, and fast. Defenders aren’t j…THEHACKERNEWS.COM
2 JunHuluCaptcha: Fake Captcha Kit Tricks Users into Executing Code via Windows Run CommandSecurity researchers have identified a sophisticated phishing campaign leveraging a fake CAPTCHA verification system dubbed “HuluCaptcha” that covertly executes malicious code through the Windows Run command. The attack chain begins with seemingly legitimate CAPTCHA c…GBHACKERS.COM
2 JunFrench Users Targeted by Major Phishing CampaignResearchers at IBM Security warn that a major phishing campaign is targeting users in France, incorporating leaked personal data to make the emails more convincing.KNOWBE4.COM
2 JunQualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch UrgentlyChipmaker says there are indications from Google Threat Analysis Group that a trio of flaws “may be under limited, targeted exploitation.” The post Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunCryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHubCybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies. Cloud security firm Wiz, which is trackin…THEHACKERNEWS.COM
2 JunHackers Just Went Nuclear: Malware in Microcode ⚠️A researcher just blew the minds of cybersecurity pros everywhere… by turning a CPU microcode exploit into full-blown ransomware. In this short, Sam Bowne and Paul break down how someone bypassed cryptographic signatures to embed malware inside the processor itself — no software …YOUTUBE.COM
2 JunHow Hackers Turn Open Source Into Open Season 🧵 #cybersecurityCyber attackers don’t need zero-days when the patch tells the whole story. In this short, cybersecurity expert Paul breaks down how a simple Firefox commit can expose everything hackers need to reverse-engineer an exploit. With open source software, the fix is the clue—and threat…YOUTUBE.COM
2 JunCartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was ExposedLuxury brand Cartier disclosed a data breach in which an unauthorized party gained access to its systems and obtained some client information. The post Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed appeared first on SecurityWeek .SECURITYWEEK.COM
📋 SECURITY BULLETINS 2[−]
2 JunMicrosoft ships emergency patch to fix Windows 11 installation issuesMicrosoft has released an out-of-band update to address a known issue causing some Windows 11 systems to enter recovery and fail to start while trying to install the KB5058405 May 2025 security update. [...]BLEEPINGCOMPUTER.COM
2 JunCritical MediaTek Flaws Allow Hackers to Gain Elevated Access with No User InputMediaTek has published its latest Product Security Bulletin, revealing several security vulnerabilities affecting a wide range of its chipsets used in smartphones, tablets, AIoT devices, smart displays, smart platforms, OTT devices, computer vision systems, audio equipment, and T…GBHACKERS.COM
📢 SECURITY ADVISORIES 13[−]
2 JunSimple SSH Backdoor, (Mon, Jun 2nd)For most system and network administrators, the free SSH client Putty has been their best friend for years! This tool was also (ab)used by attackers that deployed a trojanized version[ 1 ]. Microsoft had the good idea to include OpenSSH (beta version) in Windows 10…ISC.SANS.EDU
2 JunHaozi’s Plug-and-Play Phishing Attack Steals Over $280,000 From UsersNetcraft security researchers have identified a significant resurgence of the Chinese-language Haozi Phishing-as-a-Service (PhaaS) operation, distinguished by its cartoon mouse mascot and frictionless cybercrime toolkit. The group’s cryptocurrency wallet has processed over …GBHACKERS.COM
2 JunIs “Secure by Design” Just an Illusion?Is “secure by design” just a buzzword in the cybersecurity world? In this short, Jeff Man—a veteran security expert—challenges the developer mindset and explains how biases can dilute true security goals. With over two decades of PCI compliance history, this clip raises the quest…YOUTUBE.COM
2 JunYour KnowBe4 Compliance Plus Fresh Content Updates from May 2025Check out the May updates in Compliance Plus so you can stay on top of featured compliance training content.KNOWBE4.COM
2 JunRed Hat security advisory (AV25-304)Red Hat security advisory (AV25-304)CYBER.GC.CA
2 JunUbuntu security advisory (AV25-305)Ubuntu security advisory (AV25-305)CYBER.GC.CA
2 JunVanta bug exposed customers’ data to other customersThe compliance company said the customer data exposure was caused by a product change.TECHCRUNCH.COM
2 JunIBM security advisory (AV25-307)IBM security advisory (AV25-307)CYBER.GC.CA
2 JunDell security advisory (AV25-306)Dell security advisory (AV25-306)CYBER.GC.CA
2 Jun[Control systems] CISA ICS security advisories (AV25–308)[Control systems] CISA ICS security advisories (AV25–308)CYBER.GC.CA
2 JunGoogle Chrome to distrust Chunghwa Telecom, Netlock certificates in AugustGoogle says it will no longer trust root CA certificates signed by Chunghwa Telecom and Netlock in the Chrome Root Store due to a pattern of compliance failures and failure to make improvements. [...]BLEEPINGCOMPUTER.COM
2 JunRoundcube security advisory (AV25-309)On June 1, 2025, Roundcube published security advisories to address vulnerabilities.CYBER.GC.CA
2 JunHPE security advisory (AV25-310)HPE security advisory (AV25-310)CYBER.GC.CA
🔥 INCIDENT REPORTING 9[−]
2 JunAustralia Requires Ransomware Victims to Declare PaymentsA new Australian law requires larger companies to declare any ransomware payments they have made.SCHNEIER.COM
2 JunJust a moment...submitted by kid to cybersecurity 1 points | 0 comments https://www.tripwire.com/state-of-security/interlock-ransomware-what-you-need-knowSH.ITJUST.WORKS
2 JunWeekly Update 454Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite We're two weeks in from the launch of the new HIBP, and I'm still recovering. Like literally still recovering from the cold I…TROYHUNT.COM
2 JunGermany doxxes Conti ransomware and TrickBot ring leadersubmitted by kid to cybersecurity 4 points | 0 comments https://www.bleepingcomputer.com/news/security/germany-doxxes-conti-ransomware-and-trickbot-ring-leader/SH.ITJUST.WORKS
2 JunRansomware-Bande erpresst VolkswagenIm Darknet ist ein Hinweis auf einen Datendiebstahl bei der Volkswagen Gruppe aufgetaucht. r.classen – shutterstock.com Die Volkswagen Gruppe mit Sitz in Wolfsburg zählt weltweit zu den größten Autokonzernen und ist damit ein attraktives Ziel für Cyberkriminelle. Die Ransomware-B…CSOONLINE.COM
2 JunBeyond Credentials: When Every Data Point Becomes a WeaponYou know what's interesting about data breaches? Everyone focuses on credit card numbers and financial data, but the reality is that every piece of information has value to someone.KNOWBE4.COM
2 JunBKA enthüllt Identität von Trickbot-AnführerInternational gesucht: Hacker-Boss soll sich in Russland verstecken – Hinweise erbeten. DC Studio – shutterstock.com Der Anführer der berüchtigten russischen Cybercrime-Gruppe Trickbot , die seit mindestens 2016 weltweit massive Schäden anrichtet, wurde enttarnt: Vitalii Nikolaev…CSOONLINE.COM
2 JunPodcast: Darknet Diaries – MalwareTechsubmitted by squirrel to cybersecurity 1 points | 0 comments https://darknetdiaries.com/episode/158/ MalwareTech was an anonymous security researcher, until he accidentally stopped WannaCry, one of the largest ransomware attacks in history. That single act of heroism shattered hi…SH.ITJUST.WORKS
2 JunCartier discloses data breach amid fashion brand cyberattacksLuxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers' personal information after its systems were compromised. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 27[−]
2 JunMITRE Releases Roadmap for Transition to Post-Quantum CryptographyThe nonprofit research organization MITRE has unveiled a comprehensive roadmap designed to guide organizations through the critical transition from current cryptographic standards to quantum-resistant algorithms. This strategic framework addresses the emerging threat posed by qua…GBHACKERS.COM
2 JunSimple SSH Backdoorsubmitted by Pro to cybersecurity 1 points | 0 comments https://isc.sans.edu/diary/rss/32000INFOSEC.PUB
2 JunSimple SSH Backdoorsubmitted by Pro to cybersecurity 1 points | 0 comments https://isc.sans.edu/diary/rss/32000SH.ITJUST.WORKS
2 JunUS Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie WilesElected officials, business executives and other prominent figures in recent weeks received messages from someone impersonating Susie Wiles. The post US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunSHARED INTEL Q&A: When every IoT Device and AI assistant has an identity — who’s in control?As enterprise adoption of generative AI accelerates, security teams face a new identity dilemma — not just more users and devices, but a growing swarm of non-human agents and autonomous systems requesting access to sensitive assets. Related: Top 10 Microsoft … (more…) The p…LASTWATCHDOG.COM
2 JunAlleged Conti, TrickBot Gang Leader UnmaskedRussian national Vitaly Nikolaevich Kovalev is believed to be the leader of the Conti and TrickBot cybercrime groups. The post Alleged Conti, TrickBot Gang Leader Unmasked appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunCISO Roles Take on Strategic Security Leadership Roles Beyond Cybersecurity as OrganizationsA comprehensive analysis of over 800 Chief Information Security Officers reveals a fundamental transformation in the cybersecurity leadership landscape, with CISOs increasingly assuming strategic business responsibilities that extend far beyond traditional information security fu…GBHACKERS.COM
2 JunChrome to Distrust Chunghwa Telecom and Netlock CertificatesPatterns of concerning behavior led Google to remove trust in certificates from Chunghwa Telecom and Netlock from Chrome. The post Chrome to Distrust Chunghwa Telecom and Netlock Certificates appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunISC Stormcast For Monday, June 2nd, 2025 https://isc.sans.edu/podcastdetail/9474, (Mon, Jun 2nd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
2 JunFake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regionssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/06/fake-recruiter-emails-target-cfos-using.htmlSH.ITJUST.WORKS
2 JunTycoon2FA Infra Used by Dadsec Hacker Group to Steal Office365 Credentialssubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/tycoon2fa-infra-used-by-dadsec-hacker-group/SH.ITJUST.WORKS
2 JunPure Crypter Employs Multiple Evasion Techniques To Bypass Windows 11 24H2 Security Featuressubmitted by kid to cybersecurity 4 points | 0 comments https://cybersecuritynews.com/pure-crypter-employs-multiple-evasion-techniques/SH.ITJUST.WORKS
2 JunMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
2 JunMicrosoft ships emergency patch to fix Windows 11 startup failuressubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/microsoft/microsoft-ships-emergency-patch-to-fix-windows-11-installation-issues/SH.ITJUST.WORKS
2 JunCritical Linux Vulnerabilities Expose Password Hashes on Millions of Linux Systems Worldwidesubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/linux-vulnerabilities-expose-password-hashes/SH.ITJUST.WORKS
2 JunBackdoors in Python and NPM Packages Target Windows and Linuxsubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/backdoors-python-npm-packages-windows-linux/SH.ITJUST.WORKS
2 JunNew Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headerssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/05/new-windows-rat-evades-detection-for.htmlSH.ITJUST.WORKS
2 JunDownload the ‘New Thinking about Cloud Computing’ Enterprise SpotlightDownload the June 2025 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World. aria-label="Embed of Enterprise Spotlight: New Thinking about Cloud Computing."> Enterprise Spotlight: New Thinking about Cloud Computing DownloadCSOONLINE.COM
2 JunCryptojackers Caught Mining Monero via Exposed DevOps InfrastructureCryptocurrency mining operation hits exposed Consul dashboards, Docker Engine APIs and Gitea code-hosting instances to push Monero miner. The post Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunAnnouncing a new strategic collaboration to bring clarity to threat actor namingMicrosoft and CrowdStrike are teaming up to create alignment across our individual threat actor taxonomies to help security professionals connect insights faster. The post Announcing a new strategic collaboration to bring clarity to threat actor naming appeared first on Microsoft…MICROSOFT.COM
2 JunMicrosoft Said THIS Is Best Practice—Experts Disagree!Microsoft recommends cloud-only accounts for privileged roles in Windows Server 2025… but not everyone agrees. In this short, cybersecurity experts react to the controversial shift away from hybrid setups with serious concerns about security implications. From passkey revocation …YOUTUBE.COM
2 JunDiscover how automatic attack disruption protects critical assets while ensuring business continuityTo help security teams protect critical assets while ensuring business continuity, Microsoft Defender developed automatic attack disruption: a built-in self-defense capability. The post Discover how automatic attack disruption protects critical assets while ensuring business cont…TECHCOMMUNITY.MICROSOFT.COM
2 JunStealth Syscall Technique Allows Hackers to Evade Event Tracing and EDR DetectionAdvanced threat actors have developed sophisticated stealth syscall execution techniques that successfully bypass modern security infrastructure, including Event Tracing for Windows (ETW), Sysmon monitoring, and Endpoint Detection and Response (EDR) systems. These techniques comb…GBHACKERS.COM
2 JunThreat Actors Leverage ClickFix Technique to Deploy EddieStealer MalwareCybersecurity researchers have identified a sophisticated malware campaign utilizing deceptive CAPTCHA interfaces to distribute EddieStealer, a Rust-based information stealing malware that targets sensitive user data across multiple platforms. The attack employs the ClickFix tech…GBHACKERS.COM
2 JunMicrosoft Wants You to MIX Personal Files with Work?! 😳When cybersecurity expert Adrian hears that OneDrive's new feature encourages users to blend personal files with corporate data, his reaction says it all: "This is a terrible idea." With real stories about syncing malware and past disasters, he breaks down why this move could ope…YOUTUBE.COM
2 JunProduct Without Purpose? That’s Not Security, That’s Noise.In this clip, cybersecurity exec Matthew Alderman breaks down a painful truth most teams ignore: building features without focusing on outcomes leads to products that miss the mark. If your cybersecurity solution can’t answer the “so what?”, it’s just adding noise—not real value.…YOUTUBE.COM
2 JunThe Silent AI Meltdown Happening Right NowAs AI continues to evolve, something deeply concerning is happening behind the scenes. In this jaw-dropping clip, cybersecurity expert Adrian Sanabria reveals how AI is now training on content made by other AIs — leading to what experts are calling “model collapse.” When AI learn…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
2 Jun‘Russian Market’ emerges as a go-to shop for stolen credentialsThe "Russian Market" cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware. [...]BLEEPINGCOMPUTER.COM
2 JunNSO Group asks judge for new trial, calling $167 million in damages ‘outrageous’The spyware maker claims the damages it was ordered to pay are "excessive," and that the jury wanted to “bankrupt” the company.TECHCRUNCH.COM
📡 INFOSEC NEWS 11[−]
2 JunFake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global RegionsCybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Can…THEHACKERNEWS.COM
2 JunKaspersky research: what interests kids in 2025 | Kaspersky official blogKids spend a huge amount of time online — but what exactly do they do there? Read our report to find out what Generation Alpha are actually doing on the internet.KASPERSKY.COM
2 JunAn industry first: Sophos Firewall and NDR EssentialsSophos Firewall is once again pioneering new innovations.SOPHOS.COM
2 JunSophos Firewall v21.5 is now availableNew innovations and top-requested featuresSOPHOS.COM
2 JunThe Never-Ending Data Treadmill — A Cybersecurity NightmareThe cybersecurity industry is stuck on a never-ending data treadmill! 🚨 Every year, security teams are drowning in more and more data, but is all that extra information actually helping? 🤔 The truth is, most SOCs want less data, not more—but SaaS vendors are built to charge for i…YOUTUBE.COM
2 JunWhy AI Alone Will NEVER Be Enough for Cybersecurity…AI in cybersecurity sounds promising, but can it really replace SOC teams? 🤔 Security expert Allie Mellen breaks it down, revealing why AI alone will NEVER be enough to stop hackers! 🚨 Attackers are already finding ways around AI just like they do with any other technology. So, w…YOUTUBE.COM
2 JunMicrosoft and CrowdStrike partner to link hacking group namesMicrosoft and CrowdStrike announced today that they've partnered to connect the aliases used for specific threat groups without actually using a single naming standard. [...]BLEEPINGCOMPUTER.COM
2 JunSentinelOne: Last week’s 7-hour outage caused by software flawAmerican cybersecurity company SentinelOne revealed over the weekend that a software flaw triggered a seven-hour-long outage on Thursday. [...]BLEEPINGCOMPUTER.COM
2 JunThe North Face warns customers of April credential stuffing attackOutdoor apparel retailer The North Face is warning customers that their personal information was stolen in credential stuffing attacks targeting the company's website in April. [...]BLEEPINGCOMPUTER.COM
2 JunDon’t let dormant accounts become a doorway for cybercriminalsDo you have online accounts you haven't used in years? If so, a bit of digital spring cleaning might be in order.WELIVESECURITY.COM