matlock.ca // THREAT INTELLIGENCE

104Articles

9Categories

2025-06-12Date

🚨

Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software ProviderSummary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing soft…

KEVCISA.GOV — 12 Jun 2025

🚨

CISA Releases Cybersecurity Advisory on SimpleHelp RMM VulnerabilityToday, CISA released Cybersecurity Advisory: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider . This advisory is in response to ransomware actors targeting customers of a utility billing software provi…

KEVCISA.GOV — Thu, 12 Jun 25 1

🐛

0-Click Vulnerability in Microsoft 365 Copilot Exposes Sensitive Data via Teams

GBHACKERS.COM — 12 Jun 2025

🐛

Windows SMB Client Zero-Day Vulnerability Exploited via Reflective Kerberos Relay Attack

GBHACKERS.COM — 12 Jun 2025

🐛

‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot

SECURITYWEEK.COM — 12 Jun 2025

🐛

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

THEHACKERNEWS.COM — 12 Jun 2025

🐛

Trend Micro Apex One Zero-Day Vulnerability Enables Attackers to Inject Malicious Code

GBHACKERS.COM — 12 Jun 2025

🐛

Command Injection Flaw in Palo Alto PAN-OS Allows Root-Level Code Execution

GBHACKERS.COM — 12 Jun 2025

🐛

Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted

INFOSEC.PUB — 12 Jun 2025

🐛

Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted

SH.ITJUST.WORKS — 12 Jun 2025

🐛

Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions

GBHACKERS.COM — 12 Jun 2025

🐛

First-ever zero-click attack targets Microsoft 365 Copilot

CSOONLINE.COM — 12 Jun 2025

🐛

Unpatched holes could allow takeover of GitLab accounts

CSOONLINE.COM — 12 Jun 2025

🐛

OpenPGP.js Vulnerability Allows Attackers to Bypass Message Signature Verification

GBHACKERS.COM — 12 Jun 2025

⚠️

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

THEHACKERNEWS.COM — 12 Jun 2025

⚠️

Nytheon AI Tool Gaining Traction on Hacking Forums for Malicious Activities

GBHACKERS.COM — 12 Jun 2025

⚠️

Smaller organizations nearing cybersecurity breaking point

CSOONLINE.COM — 12 Jun 2025

⚠️

Russian hybrid warfare: Ukraine's success offers lessons for Europe

INFOSEC.PUB — 12 Jun 2025

⚠️

Russian hybrid warfare: Ukraine's success offers lessons for Europe

SH.ITJUST.WORKS — 12 Jun 2025

⚠️

Palo Alto Networks Patches Privilege Escalation Vulnerabilities

SECURITYWEEK.COM — 12 Jun 2025

⚠️

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

THEHACKERNEWS.COM — 12 Jun 2025

⚠️

New Campaign Targets Entra ID User Accounts Using Pentesting Tool for Account Takeover

GBHACKERS.COM — 12 Jun 2025

⚠️

Fog ransomware attack uses unusual mix of legitimate and open-source tools

BLEEPINGCOMPUTER.COM — 12 Jun 2025

⚠️

The ZTNA Blind Spot: Why Unmanaged Devices Threaten Your Hybrid Workforce

SECURITYWEEK.COM — 12 Jun 2025

⚠️

Cybercriminals Advertise Advanced MaaS Botnet with Blockchain C2 on Hacking Forums

GBHACKERS.COM — 12 Jun 2025

⚠️

FIN6 exploits HR workflows to breach corporate defenses

CSOONLINE.COM — 12 Jun 2025

⚠️

Weekly Update 456

TROYHUNT.COM — 12 Jun 2025

⚠️

Phishing sites posing as DeepSeek downloads drop a proxy backdoor

CSOONLINE.COM — 12 Jun 2025

⚠️

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment - Help Net Security

SH.ITJUST.WORKS — 12 Jun 2025

⚠️

Stealth Falcon APT Exploits Microsoft RCE Zero-Day

SH.ITJUST.WORKS — 12 Jun 2025

⚠️

Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution

SH.ITJUST.WORKS — 12 Jun 2025

⚠️

The Impact of Artificial Intelligence on the Cybersecurity Workforce

NIST.GOV — 12 Jun 2025

⚠️

CSO Awards 2025 showcase world-class security strategies

CSOONLINE.COM — 12 Jun 2025

⚠️

How a 2015 Cyberattack Led to Hacking the Pentagon

YOUTUBE.COM — 2025-06-12

⚠️

The Citizen Lab: Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted

INFOSEC.PUB — 12 Jun 2025

⚠️

The Easiest Way to Upgrade Enterprise Linux! 🔥

YOUTUBE.COM — 2025-06-12

⚠️

CISA Releases Ten Industrial Control Systems Advisories

CISA.GOV — Thu, 12 Jun 25 1

⚠️

From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery

INFOSEC.PUB — 12 Jun 2025

⚠️

From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery

SH.ITJUST.WORKS — 12 Jun 2025

⚠️

OneLogin AD Connector Vulnerabilities Expose Authentication Credentials

GBHACKERS.COM — 12 Jun 2025

⚠️

Apple fixes new iPhone zero-day bug used in Paragon spyware hacks

TECHCRUNCH.COM — 12 Jun 2025

⚠️

See How We’re Fortifying Cloud and AI at AWS re:Inforce 2025

PALOALTONETWORKS.COM — 12 Jun 2025

⚠️

Threat Actors Exploit DeepSeek-R1 Popularity to Target Windows Device Users

GBHACKERS.COM — 12 Jun 2025

⚠️

Trend Micro fixes critical vulnerabilities in multiple products

BLEEPINGCOMPUTER.COM — 12 Jun 2025

⚠️

Cybercriminals Exploiting Expired Discord Invite Links to Deploy Multi-Stage Malware

GBHACKERS.COM — 12 Jun 2025

⚠️

UEFI Vulnerabilities Galore - PSW #878

YOUTUBE.COM — 2025-06-12

⚠️

Malware attack disguises itself as DeepSeek installer

GRAHAMCLULEY.COM — 12 Jun 2025

📋

GitLab patches high severity account takeover, missing auth issues

BLEEPINGCOMPUTER.COM — 12 Jun 2025

📋

Microsoft Resolves Windows Server 2025 Restart Bug Disrupting Active Directory Connectivity

GBHACKERS.COM — 12 Jun 2025

📋

Multiple GitLab Vulnerabilities Expose Users to Complete Account Takeover Risks

GBHACKERS.COM — 12 Jun 2025

📢

CISA Issues Comprehensive Guide to Safeguard Network Edge Devices

GBHACKERS.COM — 12 Jun 2025

📢

NIST touts 19 ways to build "off the shelf" Zero Trust Architecture in new guidance | Cybernews

SH.ITJUST.WORKS — 12 Jun 2025

📢

[Control systems] Siemens security advisory (AV25-341)

CYBER.GC.CA — 2025-06-12

📢

GitLab security advisory (AV25-342)

CYBER.GC.CA — 2025-06-12

📢

Sweden says it is under cyber attack

GRAHAMCLULEY.COM — 12 Jun 2025

🔥

With Retail Cyberattacks on the Rise, Customers Find Orders Blocked and Shelves Empty

SECURITYWEEK.COM — 12 Jun 2025

🔥

Empty shelves after US’s largest natural and organic food distributor suffers cyber attack

BITDEFENDER.COM — 12 Jun 2025

🔥

Unternehmen wiegen sich in falscher Sicherheit

CSOONLINE.COM — 12 Jun 2025

🔥

Surge in Cyberattacks Targeting Journalists: Cloudflare

SECURITYWEEK.COM — 12 Jun 2025

🔥

Researchers confirm two journalists were hacked with Paragon spyware

TECHCRUNCH.COM — 12 Jun 2025

🔥

New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches

SECURITYWEEK.COM — 12 Jun 2025

🔥

Erie Insurance confirms cyberattack behind business disruptions

SH.ITJUST.WORKS — 12 Jun 2025

🔥

137,000 SoftBank Customers Affected by Data Leak from Third-Party Vendor

GBHACKERS.COM — 12 Jun 2025

🔥

Cyber resilience begins before the crisis

MICROSOFT.COM — 12 Jun 2025

🕵️

Nominations now open for the CSO30 ASEAN Awards 2025

CSOONLINE.COM — 12 Jun 2025

🕵️

ISC Stormcast For Thursday, June 12th, 2025 https://isc.sans.edu/podcastdetail/9490, (Thu, Jun 12th)

ISC.SANS.EDU — 12 Jun 2025

🕵️

20,000 malicious IPs and domains taken down in INTERPOL infostealer crackdown

INFOSEC.PUB — 12 Jun 2025

🕵️

20,000 malicious IPs and domains taken down in INTERPOL infostealer crackdown

SH.ITJUST.WORKS — 12 Jun 2025

🕵️

Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified

SECURITYWEEK.COM — 12 Jun 2025

🕵️

Hackers Launch Coordinated Attack on Apache Tomcat Manager from 400 Unique IPs

GBHACKERS.COM — 12 Jun 2025

🕵️

SHARED INTEL Q&A: A sharper lens on rising API logic abuse — and a framework to fight back

LASTWATCHDOG.COM — 12 Jun 2025

🕵️

New Campaign Targets Entra ID User Accounts Using Pentesting Tool for Account Takeover

SH.ITJUST.WORKS — 12 Jun 2025

🕵️

Hirundo Raises $8 Million to Eliminate AI’s Bad Behavior

SECURITYWEEK.COM — 12 Jun 2025

🕵️

SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

SH.ITJUST.WORKS — 12 Jun 2025

🕵️

Global analysis of Adversary-in-the-Middle phishing threats - Sekoia.io Blog

SH.ITJUST.WORKS — 12 Jun 2025

🕵️

GitLab patches high severity account takeover, missing auth issues

SH.ITJUST.WORKS — 12 Jun 2025

🕵️

Deepfakes and the AI Battle Between Generation and Detection

SECURITYWEEK.COM — 12 Jun 2025

🕵️

Automated Tools to Assist with DShield Honeypot Investigations [Guest Diary], (Wed, Jun 11th)

ISC.SANS.EDU — 12 Jun 2025

🕵️

How to Recognize Fraudulent North Korean Job Applicants

KNOWBE4.COM — 12 Jun 2025

🕵️

How a Fake Cybersecurity Firm Became a Real Threat

KNOWBE4.COM — 12 Jun 2025

🕵️

2025 CSO Hall of Fame honorees

CSOONLINE.COM — 12 Jun 2025

🕵️

Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones

SECURITYWEEK.COM — 12 Jun 2025

🕵️

Airlines Secretly Selling Passenger Data to the Government

SCHNEIER.COM — 2025-06-12

🕵️

Threat Actors Using Bat Files to Deploy Quasar RAT

GBHACKERS.COM — 12 Jun 2025

🕵️

New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes

SH.ITJUST.WORKS — 12 Jun 2025

🕵️

Major infostealer network taken down in Interpol raid

CSOONLINE.COM — 12 Jun 2025

🕵️

AitM Phishing Attacks on Microsoft 365 and Google Aimed at Stealing Login Credentials

GBHACKERS.COM — 12 Jun 2025

🕵️

Windows Defender Bypass Using PowerShell and Registry Edits in CyberEYE RAT

GBHACKERS.COM — 12 Jun 2025

🕵️

WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network

THEHACKERNEWS.COM — 12 Jun 2025

🕵️

Goodbye Developers? Hello AI Agents…

YOUTUBE.COM — 2025-06-12

🕵️

Inside a Dark Adtech Empire Fed by Fake CAPTCHAs

KREBSONSECURITY.COM — 12 Jun 2025

🕵️

How She Trains Developers to Outsmart Hackers ⚔️

YOUTUBE.COM — 2025-06-12

🕵️

Internet cut affects Google Cloud and impacts services worldwide

SH.ITJUST.WORKS — 12 Jun 2025

🕵️

Don’t Click “Unsubscribe” links blindly It May Leads to Loss of Credentials

GBHACKERS.COM — 12 Jun 2025

🌐

Graphite spyware used in Apple iOS zero-click attacks on journalists

BLEEPINGCOMPUTER.COM — 12 Jun 2025

📡

Windows 11 24H2 emergency update fixes Easy Anti-Cheat BSOD issue

BLEEPINGCOMPUTER.COM — 12 Jun 2025

📡

Non-Human Identities: How to Address the Expanding Security Risk

THEHACKERNEWS.COM — 12 Jun 2025

📡

AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar

THEHACKERNEWS.COM — 12 Jun 2025

📡

Microsoft Edge now offers secure password deployment for businesses

BLEEPINGCOMPUTER.COM — 12 Jun 2025

📡

New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes

THEHACKERNEWS.COM — 12 Jun 2025

📡

Password-spraying attacks target 80,000 Microsoft Entra ID accounts

BLEEPINGCOMPUTER.COM — 12 Jun 2025

📡

Google Cloud and Cloudflare hit by widespread service outages

BLEEPINGCOMPUTER.COM — 12 Jun 2025

📡

F5 Labs Top CWEs & OWASP Top Ten Analysis

F5.COM — 12 Jun 2025

📡

F5 Labs Top CWEs & OWASP Top Ten Analysis

F5.COM — 12 Jun 2025