94Articles
7Categories
2025-06-09Date
🚨 CISA KEV 1[−]
9 Jun KEVCISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.  CVE-2025-32433 Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability  CVE-2024-42009 RoundCube Webm…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 4[−]
9 JunJenkins Gatling Plugin Flaw Allows CSP Bypass, Exposing Systems to AttackOn June 6, 2025, the Jenkins Project issued a security advisory (SECURITY-3588 / CVE-2025-5806) affecting the Gatling Plugin, a widely used tool for displaying performance test reports within the Jenkins automation server. The vulnerability carries a high severity rating, with CV…GBHACKERS.COM
9 JunMirai Botnets Exploiting Wazuh Security Platform VulnerabilityCVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets. The post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunTwo Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based AttacksA now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct distributed denial-of-service (DDoS) attacks. Akamai, which first discovered the exploitation efforts in late March 202…THEHACKERNEWS.COM
9 Jun KEVOver 84,000 Roundcube instances vulnerable to actively exploited flawOver 84,000 instances of the Roundcube webmail software are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) vulnerability with a publicly available exploit. [...]BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE 29[−]
9 JunCybersecurity Today: Massive Smart TV Botnets and Major US Cyber Policy OverhaulIn this episode of Cybersecurity Today, host David Shipley delves into alarming developments in the cybersecurity landscape. The FBI has flagged a massive malware campaign named Bad Box 2.0, which has compromised 1 million consumer devices globally, turning them into residential …CYBERSECURITYTODAY.LIBSYN.COM
9 JunCritical Salesforce Vulnerability Exposes Global Users to SOQL Injection AttacksIn June 2025, a security researcher uncovered a critical SOQL (Salesforce Object Query Language) injection vulnerability in a default Salesforce Aura controller, affecting potentially thousands of deployments and millions of user records. The discovery highlights the risks of dyn…GBHACKERS.COM
9 JunWeekly Update 455Presently sponsored by: Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing The bot-fighting is a non-stop battle. In this week's video, I discuss how we're tweaking Cloudflare Turnstile and combining more attributes around ho…TROYHUNT.COM
9 JunThe enterprise security news, more secure by removing credentials, & RSAC interviews -... - ESW #410Segment 1 - Enterprise Security News, Live at IDV This week, in the enterprise security news, 1. Acquisitions 2. potential IPOs 3. Terminator Salvation in real life 4. First $1B one-employee business? 5. Mikko puts in his notice 6. Pitch Black in real life, and more! Segment 2 - …YOUTUBE.COM
9 JunCloud assets have 115 vulnerabilities on average — some several years oldCompanies are having a hard time keeping their cloud infrastructure secure and the race to adopt and integrate AI services into their apps and workflows is making things worse. Having analyzed billions of production assets on AWS, Azure, Google Cloud, Oracle Cloud and Alibaba Clo…CSOONLINE.COM
9 JunCISOs reposition their roles for business leadershipThey may have the word “security” in their title, but the mandate for today’s CISOs is to evolve from being security gatekeepers to architects of business continuity and operational resilience. No longer are CISOs solely focused on locking down things like firewalls and conductin…CSOONLINE.COM
9 JunUnmasking the silent saboteur you didn’t know was running the showYou can have the best firewalls, airtight encryption and the latest SIEM tools. But if your clocks are off, you’re flying blind. System time isn’t just a detail. It’s the backbone of cybersecurity. Every log entry, every digital certificate and every session timeout depends on it…CSOONLINE.COM
9 Jun⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone AttacksBehind every security alert is a bigger story. Sometimes it’s a system being tested. Sometimes it’s trust being lost in quiet ways—through delays, odd behavior, or subtle gaps in control. This week, we’re looking beyond the surface to spot what really matters. Whether it’s poor d…THEHACKERNEWS.COM
9 JunChrome extension privacy promises undone by hardcoded secrets, leaky HTTPSeemingly harmless Chrome extensions aimed at improving browser privacy and analytics could be inadvertently leaking API keys, secrets, and other sensitive machine information. According to a Symantec research, several widely used Chrome extensions, including DualSafe Password Ma…CSOONLINE.COM
9 JunKettering Health Confirms Interlock Ransomware Breach and Data TheftOn the morning of May 20, 2025, Kettering Health, a major Ohio-based healthcare provider operating 14 medical centers and over 120 outpatient facilities, was struck by a sophisticated ransomware attack that forced a system-wide technology outage. The incident, attributed to the I…GBHACKERS.COM
9 JunKaspersky study looks at how cybercriminals use games, TV shows, and anime to target Gen Z | Kaspersky official blogScammers are targeting Gen Zers by exploiting their interests in gaming, TV shows, movies, and anime. Discover the digital threats facing Generation Z, as detailed by Kaspersky experts.KASPERSKY.COM
9 JunGrocery wholesale giant United Natural Foods hit by cyberattackUnited Natural Foods (UNFI), North America's largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack. [...]BLEEPINGCOMPUTER.COM
9 JunHackers Deploy FormBook Malware via Weaponized Excel Files to Target Windows SystemsA critical phishing campaign targeting Windows users has been uncovered by FortiGuard Labs, leveraging malicious Excel attachments to exploit a long-standing vulnerability in older versions of Microsoft Office. This sophisticated attack distributes FormBook, a notorious informati…GBHACKERS.COM
9 JunOver 1,000 Employees Departed CISA Since Trump Administration BeganThe Cybersecurity and Infrastructure Security Agency (CISA), the U.S. government’s frontline civilian cybersecurity force, has lost nearly one-third of its workforce—roughly 1,000 employees—since the start of the current Trump administration, according to multiple sources and int…GBHACKERS.COM
9 JunOpenAI Shuts Down ChatGPT Accounts Linked to Russian, Iranian & Chinese CyberIn an era where artificial intelligence (AI) is reshaping every facet of society, our mission remains steadfast: to ensure that artificial general intelligence (AGI) benefits all of humanity. By advancing AI tools that empower people to solve complex problems, we are laying the g…GBHACKERS.COM
9 JunDesigning Blue Team playbooks with Wazuh for proactive cyber defenseBlue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response. [...]BLEEPINGCOMPUTER.COM
9 JunAPT41 Hackers Leverage Google Calendar for Malware C2 in Attacks on Government EntitiesThe Chinese state-sponsored threat actor APT41, also known as BARIUM, Wicked Panda, and Brass Typhoon, has been reported to exploit Google Calendar as a command-and-control (C2) mechanism in a recent campaign targeting a Taiwanese government website. This sophisticated group, act…GBHACKERS.COM
9 JunMeta Bypassed Privacy Protections to Track Android UsersA recent investigation by cybersecurity researchers has revealed that tech giants Meta (formerly Facebook) and Yandex have been exploiting a fundamental design feature of the Android operating system—the ability for apps to listen on localhost ports—to covertly track users’ web a…GBHACKERS.COM
9 JunGoogle Warns of Surge in Cyberattacks Targeting US Users to Steal Login CredentialsGoogle has highlighted a significant uptick in cyberattacks and scams targeting US consumers, with a particular focus on stealing login credentials. The FBI reports that online scams generated a staggering $16.6 billion in losses last year, reflecting a 33% increase over the prev…GBHACKERS.COM
9 JunSkitnet Malware Actively Adopted by Ransomware Gangs to Enhance Operational EfficiencySkitnet malware, also referred to as Bossnet, has emerged as a critical tool for ransomware gangs in 2025, showcasing a marked increase in operational efficiency for cybercriminals. First advertised on underground forums like RAMP on April 19, 2024, by a threat actor known as LAR…GBHACKERS.COM
9 JunNew AI tool targets critical hole in thousands of open source appsDutch and Iranian security researchers have created an automated genAI tool that can scan huge open source repositories and patch vulnerable code that could compromise applications. Tested by scanning GitHub for a particular path traversal vulnerability in Node.js projects that’s…INFOWORLD.COM
9 JunDesigning Blue Team playbooks with Wazuh for proactive incident responseBlue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response. [...]BLEEPINGCOMPUTER.COM
9 JunEmpowering Developers: Fostering a Culture of Security in AppSec - Danielle Ruderman - CSP #213In this episode, we explore the crucial role of cultivating a strong security culture to drive change in AppSec, where training and collaboration are key. Our distinguished guest, Danielle Ruderman, discusses the importance of executive support in ensuring that application develo…YOUTUBE.COM
9 JunNew Salesforce SOQL Injection 0-Day Vulnerability Exposes Millions of Deploymentssubmitted by kid to cybersecurity 1 points | 0 comments https://cyberpress.org/new-salesforce-soql-injection-0-day-vulnerability/SH.ITJUST.WORKS
9 JunJenkins Gatling Plugin Vulnerability Let Attackers Bypass Content-Security-Policy Protectionsubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/jenkins-gatling-plugin-vulnerability/SH.ITJUST.WORKS
9 JunWarning: Crooks Are Using Vishing Attacks to Compromise Salesforce InstancesA criminal threat actor tracked as “UNC6040” is using voice phishing (vishing) attacks to compromise organizations’ Salesforce instances, according to researchers at Google’s Threat Intelligence Group.KNOWBE4.COM
9 JunGoogle patched bug leaking phone numbers tied to accountsA vulnerability allowed researchers to brute-force any Google account's recovery phone number simply by knowing a their profile name and an easily retrieved partial phone number, creating a massive risk for phishing and SIM-swapping attacks. [...]BLEEPINGCOMPUTER.COM
9 JunTrump takes aim at Biden’s cyber executive order but leaves it largely untouchedThe Trump administration issued an executive order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144.” A fact sheet accompanying the order says that President Trump’s EO modifies “problematic …CSOONLINE.COM
📢 SECURITY ADVISORIES 6[−]
9 JunTrump Cybersecurity Executive Order Targets Digital Identity, Sanctions PoliciesPresident Trump says his new cybersecurity executive order amends problematic elements of Biden- and Obama-era executive orders. The post Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunMultiple QNAP Flaws Allow Remote Attackers to Hijack User AccountsQNAP has issued a security advisory warning users of Qsync Central about two critical vulnerabilities that could allow attackers to access sensitive data or execute malicious code. The affected software is widely used for synchronizing files across QNAP NAS devices and connected …GBHACKERS.COM
🔥 INCIDENT REPORTING 14[−]
9 JunBeware for Developers: 16 React Native Packages with Millions of Downloads Compromised OvernightCybersecurity researchers have uncovered a large-scale attack targeting the npm ecosystem, compromising 16 popular React Native packages with a combined download count exceeding one million per week. The attack, detected on June 6th, 2025, represents a significant escalation in t…GBHACKERS.COM
9 JunNew DuplexSpy RAT Gives Attackers Full Control Over Windows MachinesA new Remote Access Trojan (RAT) named DuplexSpy has surfaced, posing a significant threat to Windows-based systems worldwide. Developed in C# by GitHub user ISSAC/iss4cf0ng and released publicly on April 15, 2025, with a stated intent of “educational purposes,” this …GBHACKERS.COM
9 JunThink Your IdP or CASB Covers Shadow IT? These 5 Risks Prove OtherwiseYou don’t need a rogue employee to suffer a breach. All it takes is a free trial that someone forgot to cancel. An AI-powered note-taker quietly syncing with your Google Drive. A personal Gmail account tied to a business-critical tool. That’s shadow IT. And today, it&…THEHACKERNEWS.COM
9 JunEU Prepares for Transnational Cyberattacks - BankInfoSecuritysubmitted by kid to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.in/eu-prepares-for-transnational-cyberattacks-a-28613SH.ITJUST.WORKS
9 JunTax resolution firm Optima Tax Relief hit by ransomware, data leakedsubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/tax-resolution-firm-optima-tax-relief-hit-by-ransomware-data-leaked/SH.ITJUST.WORKS
9 JunShared Intel Q&A: Can risk-informed patching finally align OT security with real-world threats?Cyber threats to the U.S. electric grid are mounting. Attackers—from nation-state actors to ransomware gangs—are growing more creative and persistent in probing utility networks and operational technology systems that underpin modern life. Related: The evolution of OT security An…LASTWATCHDOG.COM
9 JunMajor US grocery distributor warns of disruption after cyberattackUNFI, a grocery distributor for Whole Foods and others, warned of disruptions to customer orders after a cyberattack.TECHCRUNCH.COM
9 JunSensata Technologies says personal data stolen by ransomware gangSensata Technologies is warning former and current employees it suffered a data breach after concluding an investigation into an April ransomware attack. [...]BLEEPINGCOMPUTER.COM
9 JunWhat Happens When a Cyber Attack Hits an Ambulance? 🚨In the world of healthcare cybersecurity, it’s not just about protecting data — it’s about saving lives. Ed Gaudet explains how a cyber attack on an ambulance can turn personal in an instant. Imagine your loved one in critical condition, only for a hacked system to divert their r…YOUTUBE.COM
9 JunNew Report Reveals Chinese Hackers Attempted to Breach SentinelOne ServersSentinelLABS, a sophisticated reconnaissance operation targeting SentinelOne, a leading cybersecurity vendor, has been detailed as part of a broader espionage campaign linked to China-nexus threat actors. Tracked under the activity clusters PurpleHaze and ShadowPad, these operati…GBHACKERS.COM
9 JunGrocery wholesale giant United Natural Foods hit by cyberattacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/grocery-wholesale-giant-united-natural-foods-hit-by-cyberattack/SH.ITJUST.WORKS
9 JunParagon says it canceled contracts with Italy over government’s refusal to investigate spyware attack on journalistThe Italian government claims that accepting Paragon’s help would have compromised national security and classified information.TECHCRUNCH.COM
9 JunSentinelOne shares new details on China-linked breach attemptSentinelOne has shared more details on an attempted supply chain attack by Chinese hackers through an IT services and logistics firm that manages hardware logistics for the cybersecurity firm. [...]BLEEPINGCOMPUTER.COM
9 JunUS infrastructure could crumble under cyberattack, ex-NSA advisor warnssubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.theregister.com/2025/06/08/exnsc_official_not_sure_us/INFOSEC.PUB
🕵️ THREAT INTELLIGENCE 35[−]
9 JunISC Stormcast For Monday, June 9th, 2025 https://isc.sans.edu/podcastdetail/9484, (Mon, Jun 9th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
9 JunOld AT&T data leak repackaged to link SSNs, DOBs to 49M phone numberssubmitted by cm0002 to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/old-atandt-data-leak-repackaged-to-link-ssns-dobs-to-49m-phone-numbers/INFOSEC.PUB
9 JunKimsuky Strikes Again – Coordinated Attacks Target Facebook, Email, and TelegramA recent investigation by Genians Security Center (GSC) has uncovered a highly sophisticated, multi-channel cyber espionage campaign attributed to the North Korea-aligned advanced persistent threat (APT) group known as Kimsuky. Between March and April 2025, the group leveraged Fa…GBHACKERS.COM
9 JunKali GPT-Revolutionizing Penetration Testing with AI on Kali LinuxIn the rapidly shifting digital world, cybersecurity professionals are constantly seeking innovative tools that not only streamline workflows but also empower users with deeper insights and automation. Enter Kali GPT—a groundbreaking AI assistant tailored specifically for the Kal…GBHACKERS.COM
9 JunOpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker GroupsOpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications techn…THEHACKERNEWS.COM
9 JunHelloTDS Malware Spread via FakeCaptcha Infrastructure Infects Millions of DevicesIn a Gen Threat Labs, a complex Traffic Direction System (TDS) dubbed “HelloTDS” has been uncovered, orchestrating the delivery of FakeCaptcha and other malicious campaigns to millions of users worldwide. This elaborate infrastructure employs advanced fingerprinting t…GBHACKERS.COM
9 JunMalicious npm Utility Packages Enable Attackers to Wipe Production SystemsSocket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alia…GBHACKERS.COM
9 JunAustralian Naval Operations Accidentally Jam New Zealand’s Internet and RadioResidents and businesses across New Zealand’s North and South Islands experienced an unexpected and widespread interruption to wireless internet and radio services. The cause was traced to HMAS Canberra, the Royal Australian Navy’s largest warship, as it navigated the Cook Strait…GBHACKERS.COM
9 JunNigerian Involved in Hacking US Tax Preparation Firms Sentenced to PrisonKingsley Uchelue Utulu has been sentenced to more than 5 years in prison for his role in a scheme that involved hacking, fraud and identity theft. The post Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunUS Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT WorkersThe US is seeking the forfeiture of $7.74 million in cryptocurrency in frozen wallets tied to North Korean fake IT workers schemes. The post US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunNew Way to Track Covertly Android UsersResearchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught. The details are interesting, and worth reading in detail: >Tracking code that Meta and Russia-based Yandex embe…SCHNEIER.COM
9 JunLibrarian Ghouls carry out attacks with data theft and crypto miner deploymentsubmitted by Pro to cybersecurity 3 points | 1 comments https://securelist.com/librarian-ghouls-apt-wakes-up-computers-to-steal-data-and-mine-crypto/116536/INFOSEC.PUB
9 JuniMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US IndividualsiVerify links iPhone crashes to sophisticated zero-click attacks via iMessage targeting individuals involved in politics in the EU and US. The post iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunMalware found in NPM packages with 1 million weekly downloadssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-gluestack-npm-packages-with-960k-weekly-downloads/SH.ITJUST.WORKS
9 JunOver 20 Malicious Apps on Google Play Target Users for Seed Phrasessubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/malicious-apps-google-play-users-for-seed-phrases/SH.ITJUST.WORKS
9 JunChinese Hackers Infiltrated U.S. Telecom Networks a Year Earlier Than Previously Knownsubmitted by kid to cybersecurity 1 points | 0 comments https://www.apextechservices.com/topics/articles/462296-chinese-hackers-infiltrated-us-telecom-networks-year-earlier.htmSH.ITJUST.WORKS
9 JunOperation DRAGONCLONE: Chinese Telecom Targeted by VELETRIX & VShell Malwaresubmitted by kid to cybersecurity 1 points | 0 comments https://www.seqrite.com/blog/operation-dragonclone-chinese-telecom-veletrix-vshell-malware/SH.ITJUST.WORKS
9 JunSeraphic Security UnveilsBrowserTotal™ – Free AI-PoweredBrowser Security Assessment For EnterprisesTel Aviv, Israel, June 9th, 2025, CyberNewsWire Available to the public and debuting at the Gartner Security & Risk Management Summit,BrowserTotal is a first of its kind browser security assessment tool conducting more than 120tests to provide posture standing, emerging threa…GBHACKERS.COM
9 JunMalicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe SystemsTwo malicious NPM packages contain code that would delete production systems when triggered with the right credentials. The post Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunReact Native Aria Packages Backdoored in Supply Chain AttackA threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack. The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunNew Blitz Malware Targets Windows Servers to Deploy Monero MinerA new Windows-based malware named Blitz has been identified in 2024, with an updated version detected in early 2025. This malware, actively developed and distributed through deceptive game cheats, poses a significant threat by deploying a Monero cryptocurrency miner alongside inf…GBHACKERS.COM
9 JunGuardz Banks $56M Series B for All-in-One SMB SecurityThe Israeli company said the Series B raise was led by ClearSky and included equity stakes for new backer Phoenix Financial. The post Guardz Banks $56M Series B for All-in-One SMB Security appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunU.S. Targets $7.7M in Crypto Tied to North Korean IT Worker ScamOn June 5, 2025, the United States Department of Justice (DOJ) filed a verified civil forfeiture complaint in the US District Court for the District of Columbia, seeking to permanently seize over $7.7 million in cryptocurrency, non-fungible tokens (NFTs), and digital assets linke…GBHACKERS.COM
9 JunBitter Malware Employs Custom-Built Tools to Evade Detection in Advanced AttacksIn a recent research by Proofpoint and Threatray has unveiled the intricate and evolving malware arsenal of the Bitter group, also known as TA397, believed to be a state-backed actor aligned with the interests of the Indian government. Active since 2016, Bitter has transformed it…GBHACKERS.COM
9 JunOver 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage GroupThe reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025. "The victimology includes a South Asian government entity, a European media organizati…THEHACKERNEWS.COM
9 JunNo One Checked the Firmware!? Seriously?When a piece of solar gear was found to contain cellular modems, it raised serious questions. But no one checked the firmware. No one verified what it was doing or if it even posed a real threat. In this clip, Paul dives into the reality of cybersecurity assumptions — just becaus…YOUTUBE.COM
9 JunNew DuplexSpy RAT Gives Attackers Full Control Over Windows Machinessubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/new-duplexspy-rat-gives-attackers/SH.ITJUST.WORKS
9 JunMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
9 JunBadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warnssubmitted by kid to cybersecurity 1 points | 0 comments https://securityaffairs.com/178789/malware/badbox-2-0-botnet-infects-millions-of-iot-devices-worldwide-fbi-warns.htmlSH.ITJUST.WORKS
9 JunChinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance CampaignAnti-malware vendor said it spent the past twelve months deflecting a stream of network reconnaissance probes from China-nexus threat actors The post Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunChinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses. The post Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’ appeared first on SecurityWeek .SECURITYWEEK.COM
9 JunSpear-Phishing Campaign Targets Financial ExecutivesResearchers at Trellix warn of a spear-phishing campaign that’s targeting CFOs around the world with phony employment offers.KNOWBE4.COM
9 JunNews alert: Seraphic launches BrowserTotal™ — a free AI-powered tool to stress test browser securityTel Aviv, Israel, June 9, 2025, CyberNewswire — Seraphic Security , a leader in enterprise browser security, today announced the launch of Browser Total , a unique and proprietary public service enabling enterprises to assess their browser security posture in … (more……LASTWATCHDOG.COM
9 JunSecuring AI Agent Innovation with Prisma AIRS MCP ServerPrisma AIRS MCP Server is now available for public preview via PyPI/Github sample code. The new component of the platform helps customers secure AI agents. The post Securing AI Agent Innovation with Prisma AIRS MCP Server appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
9 JunIs Lynis (audit tool) worth using in 2025?submitted by OhVenus_Baby to cybersecurity 1 points | 0 comments The tool Lynis is an auditing tool used to audit Unix systems. Is it still relevant? Worth using? It used to be fairly widely used years ago. Is it still worth its salt or are there other better options? Do you guys…SH.ITJUST.WORKS
📡 INFOSEC NEWS 5[−]
9 JunGoogle fixes bug that could reveal users’ private phone numbersThe bug allowed a researcher to uncover recovery phone numbers of nearly any Google account.TECHCRUNCH.COM
9 JunAdrian Sanabria’s Honest Reaction to MITRE Ingenuity Evaluations 😲Adrian Sanabria couldn't believe the full name of the MITRE Ingenuity ATT&CK Enterprise Evaluations — and honestly, who would? 😅 Allie Mellen (@hackerxbella) explains how these evaluations have evolved over the years, starting with enterprise security tools and now expanding …YOUTUBE.COM
9 JunLinux Foundation unveils decentralized WordPress plugin managerA collective of former WordPress developers and contributors backed by the Linux Foundation has launched the FAIR Package Manager, a new and independent distribution system for trusted WordPress plugins and themes. [...]BLEEPINGCOMPUTER.COM
9 JunStolen Ticketmaster data from Snowflake attacks briefly for sale againThe Arkana Security extortion gang briefly listed over the weekend what appeared to be newly stolen Ticketmaster data but is instead the data stolen during the 2024 Snowflake data theft attacks. [...]BLEEPINGCOMPUTER.COM
9 JunKeeping Pace and Embracing Emerging TechnologiesTrend Micro and the NEOM McLaren Formula E Team stay ahead of the curve by embracing new technologies, fostering a no-blame culture, and making split-second decisions in high-stakes environments.TRENDMICRO.COM