matlock.ca // THREAT INTELLIGENCE

126Articles

10Categories

2025-06-03Date

🚨

Vulnerability Report - May 2025submitted by cm0002 to cybersecurity 2 points | 0 comments Introduction This vulnerability report has been generated using data aggregated on Vulnerability-Lookup , with contributions from the platform’s community. It highlights the most frequently mentioned vulnerability for May…

KEVINFOSEC.PUB — 3 Jun 2025

🚨

CISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-21479 Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability CVE-2025-21480 Qualcomm Multiple Chipsets Incorrect Authorizat…

KEVCISA.GOV — Tue, 03 Jun 25 1

🐛

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

KEVTHEHACKERNEWS.COM — 03 Jun 2025

🐛

New ModSecurity WAF Vulnerability Enables Attackers to Crash Systems

GBHACKERS.COM — 03 Jun 2025

🐛

Splunk Enterprise XSS Flaw Enables Attackers to Execute Unauthorized JavaScript

GBHACKERS.COM — 03 Jun 2025

🐛

Splunk Universal Forwarder for Windows Flaw Grants Non-Admin Users Full Content Access

GBHACKERS.COM — 03 Jun 2025

🐛

New Linux Vulnerabilities

SCHNEIER.COM — 2025-06-03

🐛

Cisco Wireless LAN Controllers under threat again after critical exploit details go public

CSOONLINE.COM — 03 Jun 2025

🐛

CISA Alerts on ConnectWise ScreenConnect Authentication Vulnerability Actively Exploited

KEVGBHACKERS.COM — 03 Jun 2025

🐛

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

THEHACKERNEWS.COM — 03 Jun 2025

🐛

vBulletin Exploits (CVE-2025-48827, CVE-2025-48828), (Tue, Jun 3rd)

ISC.SANS.EDU — 03 Jun 2025

🐛

Google patches third zero-day flaw in Chrome this year

KEVCSOONLINE.COM — 03 Jun 2025

🐛

Chromium: CVE-2025-5068 Use after free in Blink

MSRC.MICROSOFT.COM — 03 Jun 2025

🐛

Chromium: CVE-2025-5419 Out of bounds read and write in V8

MSRC.MICROSOFT.COM — 03 Jun 2025

⚠️

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

KEVINFOSEC.PUB — 3 Jun 2025

⚠️

Was ist Federated Identity Management?

CSOONLINE.COM — 03 Jun 2025

⚠️

Threat-Intelligence-Plattformen – ein Kaufratgeber

CSOONLINE.COM — 03 Jun 2025

⚠️

ColoCrossing - 7,183 breached accounts

HAVEIBEENPWNED.COM — 03 Jun 2025

⚠️

„In der Security geht es vor allem um Resilienz“

CSOONLINE.COM — 03 Jun 2025

⚠️

Critical HPE StoreOnce Flaws Allow Remote Code Execution by Attackers

GBHACKERS.COM — 03 Jun 2025

⚠️

AI gives superpowers to BEC attackers

CSOONLINE.COM — 03 Jun 2025

⚠️

159: Vastaamo

DARKNETDIARIES.COM — 03 Jun 2025

⚠️

SolarWinds Dameware Vulnerability Could Let Attackers Gain Elevated Privileges

GBHACKERS.COM — 03 Jun 2025

⚠️

Threat Actors Target PerimeterX CAPTCHA to Automate Microsoft Account Creation

GBHACKERS.COM — 03 Jun 2025

⚠️

Google Researchers Find New Chrome Zero-Day

SECURITYWEEK.COM — 03 Jun 2025

⚠️

AIs, MCPs, and the Acutal Work that LLMs Are Generating - ASW #333

YOUTUBE.COM — 2025-06-03

⚠️

53% of cyber department leaders eyeing the exit

CSOONLINE.COM — 03 Jun 2025

⚠️

Malicious NPM Packages Exploit Ethereum Wallets with Obfuscated JavaScript

GBHACKERS.COM — 03 Jun 2025

⚠️

Google patches new Chrome zero-day bug exploited in attacks

BLEEPINGCOMPUTER.COM — 03 Jun 2025

⚠️

The high cost of misconfigured DevOps: Global cryptojacking hits enterprises

CSOONLINE.COM — 03 Jun 2025

⚠️

Threat Actors Exploit DevOps Web Server Misconfigurations to Deploy Malware

GBHACKERS.COM — 03 Jun 2025

⚠️

Australia Enforces Ransomware Payment Reporting

SECURITYWEEK.COM — 03 Jun 2025

⚠️

New Research Uncovers Strengths and Vulnerabilities in Cloud-Based LLM Guardrails

GBHACKERS.COM — 03 Jun 2025

⚠️

Hackers Abuse AI Tool Misconfigurations to Execute Malicious AI-Generated Payloads

GBHACKERS.COM — 03 Jun 2025

⚠️

New Safari XSS Vulnerability Exploits JavaScript Error Handling to Run Arbitrary Code

GBHACKERS.COM — 03 Jun 2025

⚠️

Qualcomm fixes three Adreno GPU zero-days exploited in attacks

SH.ITJUST.WORKS — 3 Jun 2025

⚠️

Hackers Exploit AI Tools Misconfiguration To Run Malicious AI-generated Payloads

SH.ITJUST.WORKS — 3 Jun 2025

⚠️

One hacker, many names: Industry collaboration aims to fix cyber threat label chaos

CSOONLINE.COM — 03 Jun 2025

⚠️

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

KEVSH.ITJUST.WORKS — 3 Jun 2025

⚠️

Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads

GBHACKERS.COM — 03 Jun 2025

⚠️

CISA warns of ConnectWise ScreenConnect bug exploited in attacks

BLEEPINGCOMPUTER.COM — 03 Jun 2025

⚠️

1,000 Instantel Industrial Monitoring Devices Possibly Exposed to Hacking

SECURITYWEEK.COM — 03 Jun 2025

⚠️

Aembit Extends Workload IAM to Microsoft Ecosystem, Securing Hybrid Access for Non-Human Identities

GBHACKERS.COM — 03 Jun 2025

⚠️

If You Touch Tech, You’re in Security 👨‍💻 #ITReality

YOUTUBE.COM — 2025-06-03

⚠️

Scattered Spider: Three things the news doesn’t tell you

BLEEPINGCOMPUTER.COM — 03 Jun 2025

⚠️

Android Security Update Addresses High-Severity Privilege Escalation Flaws

GBHACKERS.COM — 03 Jun 2025

⚠️

News alert: Aembit brings ‘Workload IAM’ to Microsoft stack, secures hybrid AI and app access

LASTWATCHDOG.COM — 03 Jun 2025

⚠️

Researchers Reveal Container-Based Attacks Through Host-Based Log Analysis

GBHACKERS.COM — 03 Jun 2025

⚠️

New Linux PumaBot Targets IoT Devices with SSH Credential Brute-Force Attack

GBHACKERS.COM — 03 Jun 2025

⚠️

Malicious RubyGems pose as Fastlane to steal Telegram API data

BLEEPINGCOMPUTER.COM — 03 Jun 2025

⚠️

CISA Releases Three Industrial Control Systems Advisories

CISA.GOV — Tue, 03 Jun 25 1

⚠️

DollyWay is infecting WordPress sites | Kaspersky official blog

KASPERSKY.COM — 03 Jun 2025

⚠️

New Unrestricted AI Tool Can Assist in Cybercrime

KNOWBE4.COM — 03 Jun 2025

⚠️

Coinbase breach tied to bribed TaskUs support agents in India

BLEEPINGCOMPUTER.COM — 03 Jun 2025

⚠️

Phone chipmaker Qualcomm fixes three zero-days exploited by hackers

TECHCRUNCH.COM — 03 Jun 2025

⚠️

Warning: Critical PHP Deserialization Vulnerability in Roundcube Webmail, Patch Immediately! | CCB Safeonweb

SH.ITJUST.WORKS — 3 Jun 2025

⚠️

One-third of top U.S. cyber force has left since Trump took office

INFOSEC.PUB — 3 Jun 2025

⚠️

The Cyber Vendor You Trusted? It Might Be Game Over.

YOUTUBE.COM — 2025-06-03

⚠️

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

CISECURITY.ORG — 03 Jun 2025

📋

Hewlett Packard Enterprise warns of critical StoreOnce auth bypass

BLEEPINGCOMPUTER.COM — 03 Jun 2025

📢

Trump’s CISA budget lays out deep job cuts, program reductions

INFOSEC.PUB — 3 Jun 2025

📢

Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

THEHACKERNEWS.COM — 03 Jun 2025

📢

[Control systems] ABB security advisory (AV25-311)

CYBER.GC.CA — 2025-06-03

📢

SolarWinds security advisory (AV25-312)

CYBER.GC.CA — 2025-06-03

📢

Splunk security advisory (AV25-313)

CYBER.GC.CA — 2025-06-03

📢

Google Chrome security advisory (AV25-314)

CYBER.GC.CA — 2025-06-03

📢

Qualcomm security advisory – June 2025 monthly rollup (AV25-315)

CYBER.GC.CA — 2025-06-03

🔥

Cartier discloses data breach amid fashion brand cyberattacks

INFOSEC.PUB — 3 Jun 2025

🔥

Lyrix Ransomware Targets Windows Users with Advanced Evasion Techniques

GBHACKERS.COM — 03 Jun 2025

🔥

Volkswagen data breach claim falls flat on proof | Cybernews

SH.ITJUST.WORKS — 3 Jun 2025

🔥

Cartier Data Breach: Luxury Retailer Warns Customers That Personal Data Was Exposed - SecurityWeek

SH.ITJUST.WORKS — 3 Jun 2025

🔥

Potato packer suffers data breach, hackers claim | Cybernews

SH.ITJUST.WORKS — 3 Jun 2025

🔥

MainStreet reports third-party breach of bank customer data • The Register

SH.ITJUST.WORKS — 3 Jun 2025

🔥

MainStreet Bank Data Breach Impacts Customer Payment Cards

SECURITYWEEK.COM — 03 Jun 2025

🔥

Victoria’s Secret delays earnings release after security incident

BLEEPINGCOMPUTER.COM — 03 Jun 2025

🔥

Health giant Kettering still facing disruption weeks after ransomware attack

TECHCRUNCH.COM — 03 Jun 2025

🔥

North Face Fashion Brand Alerts Customers to Credential Stuffing Attack

GBHACKERS.COM — 03 Jun 2025

🔥

State-Sponsored Groups Intensify Attacks on Manufacturing Sector and OT Systems

GBHACKERS.COM — 03 Jun 2025

🔥

Russian Hacker Black Owl Targets Critical Industries to Steal Financial Data

GBHACKERS.COM — 03 Jun 2025

🔥

Indian grocery startup KiranaPro was hacked and its servers deleted, CEO confirms

TECHCRUNCH.COM — 03 Jun 2025

🔥

The Worsening Landscape of Educational Cybersecurity

KNOWBE4.COM — 03 Jun 2025

🔥

More Tools ≠ More Security

YOUTUBE.COM — 2025-06-03

🔥

Australia Begins New Ransomware Payment Disclosure Rules

INFOSEC.PUB — 3 Jun 2025

🕵️

ISC Stormcast For Tuesday, June 3rd, 2025 https://isc.sans.edu/podcastdetail/9476, (Tue, Jun 3rd)

ISC.SANS.EDU — 03 Jun 2025

🕵️

Falschinformationen im Netz werden nur selten erkannt

CSOONLINE.COM — 03 Jun 2025

🕵️

Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion

THEHACKERNEWS.COM — 03 Jun 2025

🕵️

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

SECURITYWEEK.COM — 03 Jun 2025

🕵️

Is public WiFi actually dangerous?

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

Beware: Fake Booking.com Sites Spread AsyncRAT Malware to Infect Devices

GBHACKERS.COM — 03 Jun 2025

🕵️

Google Online Security Blog: Sustaining Digital Certificate Security - Upcoming Changes to the Chrome Root Store

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

Over 30 Vulnerabilities Patched in Android

SECURITYWEEK.COM — 03 Jun 2025

🕵️

New Report: Governments Struggle to Regain Backdoor Access to Secure Communications

GBHACKERS.COM — 03 Jun 2025

🕵️

eSentire | When Samsung's Magic Turns Tragic: A Tale of Unauthorized Mining

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

Docker, HashiCorp, Gitea servers targeted in cryptojacking campaign | SC Media

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

The North Face warns customers of April credential stuffing attack

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

Zero Networks Raises $55 Million for Microsegmentation Solution

SECURITYWEEK.COM — 03 Jun 2025

🕵️

Beyond the Pond Phish: Unraveling Lazarus Group's Evolving Tactics | BitMEX Blog

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

CyberheistNews Vol 15 #22 If I Had Only 20 Seconds To Teach People How To Avoid Scams

KNOWBE4.COM — 03 Jun 2025

🕵️

Why Scamming Can’t Be Stopped—But It Can Be Managed

SECURITYWEEK.COM — 03 Jun 2025

🕵️

Mikko Hypponen Leaves Anti-Malware Industry to Fight Against Drones

SECURITYWEEK.COM — 03 Jun 2025

🕵️

Top Russian Dark Web Market Tools Drive Surge in Credential Theft Attacks

GBHACKERS.COM — 03 Jun 2025

🕵️

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

Cybersecurity Challenges in the Energy and Utilities Sector

PALOALTONETWORKS.COM — 03 Jun 2025

🕵️

How Microsoft Defender for Endpoint is redefining endpoint security

MICROSOFT.COM — 03 Jun 2025

🕵️

The UK Brings Cyberwarfare Out of the Closet

SECURITYWEEK.COM — 03 Jun 2025

🕵️

Can You Beat These Cyber Pros in Malware Trivia? 🧑‍💻👾

YOUTUBE.COM — 2025-06-03

🕵️

Why VPNs Might Be Your Weakest Link 😵‍💫 #technews

YOUTUBE.COM — 2025-06-03

🕵️

MY TAKE: Are we ‘Super f**ked’ by agentic AI — or finally able to take charge of what comes next?

LASTWATCHDOG.COM — 03 Jun 2025

🕵️

Fake Docusign Pages Deliver Multi-Stage NetSupport RAT Malware

SH.ITJUST.WORKS — 3 Jun 2025

🕵️

The Most Overused Phrase in Cybersecurity

YOUTUBE.COM — 2025-06-03

🕵️

90% Right is Enough When You’re Debugging at 3AM

YOUTUBE.COM — 2025-06-03

🕵️

Bovril, Deranged, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet... - SWN #482

YOUTUBE.COM — 2025-06-03

🌐

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

THEHACKERNEWS.COM — 03 Jun 2025

🌐

Android malware Crocodilus adds fake contacts to spoof trusted callers

BLEEPINGCOMPUTER.COM — 03 Jun 2025

🌐

Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

THEHACKERNEWS.COM — 03 Jun 2025

🎙️

The AI Fix #53: An AI uses blackmail to save itself, and threats make AIs work better

GRAHAMCLULEY.COM — 03 Jun 2025

📡

Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization

THEHACKERNEWS.COM — 03 Jun 2025

📡

Mozilla launches new system to detect Firefox crypto drainer add-ons

BLEEPINGCOMPUTER.COM — 03 Jun 2025

📡

Why This Hacker Wants to Showcase His Biggest Mistake 🔥

YOUTUBE.COM — 2025-06-03

📡

Microsoft adds quick machine recovery to Windows 11 settings

BLEEPINGCOMPUTER.COM — 03 Jun 2025

📡

He Cracked the Code… But It Took Him 2 Years to Start ⏳

YOUTUBE.COM — 2025-06-03

📡

ChatGPT rolls out Memory upgrade for free users

BLEEPINGCOMPUTER.COM — 03 Jun 2025

📡

OpenAI is hopeful GPT-5 will compete a little more

BLEEPINGCOMPUTER.COM — 03 Jun 2025

📡

Delving Into the SparkRAT Remote Access Tool

F5.COM — 03 Jun 2025

📡

Delving Into the SparkRAT Remote Access Tool

F5.COM — 03 Jun 2025