112 Articles
8 Categories
Date: 2025-06-17
🚨 CISA KEV (2)
17 Jun · KEV · U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog · submitted by kid to cybersecurity · 3 points | 0 comments · https://securityaffairs.com/179086/security/u-s-cisa-adds-apple-products-and-tp-link-routers-flaws-to-its-known-exploited-vulnerabilities-catalog.html · SH.ITJUST.WORKS
17 Jun · KEV · CISA Adds One Known Exploited Vulnerability to Catalog · CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2023-0386 Linux Kernel Improper Ownership Management Vulnerability. These types of vulnerabilities are frequent attack vecto… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (11)
17 Jun · Zyxel Devices Under Attack as Hackers Exploit UDP Port RCE Flaw · A sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE) vulnerability tracked as CVE-2023-28771. The attacks, observed on June 16, 2025, leveraged UDP port 500—the Internet… · GBHACKERS.COM
17 Jun · KEV · Hackers Weaponize Langflow Vulnerability to Launch Flodrix Botnet · A critical security flaw in Langflow, a widely adopted Python-based AI prototyping framework, is being actively exploited by cybercriminals to deploy the rapidly evolving Flodrix botnet. Security researchers have confirmed that attackers are exploiting CVE-2025-3248, a remote cod… · GBHACKERS.COM
17 Jun · KEV · CISA Alerts: iOS Zero‑Click Flaw Actively Exploited · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert following the discovery and active exploitation of a critical zero-click vulnerability in Apple’s ecosystem, tracked as CVE-2025-43200. This flaw, now patched, enabled attackers to c… · GBHACKERS.COM
17 Jun · Recent Langflow Vulnerability Exploited by Flodrix Botnet · A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet. The post Recent Langflow Vulnerability Exploited by Flodrix Botnet appeared first on SecurityWeek. · SECURITYWEEK.COM
17 Jun · KEV · Hackers Exploiting Chrome Zero‑Day Vulnerability in the Wild · A newly discovered zero-day vulnerability in Google Chrome, tracked as CVE-2025-2783, is being actively exploited by hackers in sophisticated cyber-espionage campaigns. Security researchers have observed a surge in targeted attacks leveraging this flaw, with attribution pointing … · GBHACKERS.COM
17 Jun · KEV · TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2023… · THEHACKERNEWS.COM
17 Jun · Critical sslh Vulnerabilities Allow Remote Denial-of-Service Attacks · Security researchers disclosed two critical vulnerabilities in sslh, a widely used protocol multiplexer that enables multiple services—such as SSH, HTTPS, and OpenVPN—to share a single network port. These flaws, tracked as CVE-2025-46807 and CVE-2025-46806, could allow remote att… · GBHACKERS.COM
17 Jun · ASUS Armoury Crate Vulnerability Lets Hackers Gain System-Level Access on Windows · A critical vulnerability in ASUS’s popular Armoury Crate software has exposed millions of Windows users to the risk of system-level compromise, according to a recent disclosure by Cisco Talos and confirmed by ASUS. The flaw, tracked as CVE-2025-3464, allows attackers to bypass se… · GBHACKERS.COM
17 Jun · Security risk in Salesforce Industry Cloud · Salesforce Industry Cloud is fraught with configuration risks. Sundry Photography – shutterstock.com The vertically oriented solution suite Salesforce Industry Cloud includes a low-code platform that provides prebuilt digital transformation tools for specific… · CSOONLINE.COM
17 Jun · BeyondTrust Tools RCE Vulnerability Allows Attackers Execute Arbitrary Code · A newly disclosed vulnerability in BeyondTrust’s Remote Support (RS) and Privileged Remote Access (PRA) products has raised alarms across the cybersecurity community. The flaw, tracked as CVE-2025-5309 and detailed in advisory BT25-04, allows attackers to execute arbitrary code o… · GBHACKERS.COM
17 Jun · KEV · Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet · This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data. · TRENDMICRO.COM
⚠️ VULNERABILITY DISCLOSURE (41)
17 Jun · Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks · The Apache Software Foundation has released critical security updates to address four newly discovered vulnerabilities in Apache Tomcat, one of the world’s most widely used open-source Java servlet containers. These flaws, affecting Tomcat versions 9.0, 10.1, and 11.0, expo… · GBHACKERS.COM
17 Jun · DeerStealer Malware Deployed Through Exploitation of Windows Run Prompt by Threat Actors · The eSentire’s Threat Response Unit (TRU) has uncovered a series of malicious campaigns throughout May 2025, where threat actors have been deploying the DeerStealer malware, also known as XFiles Spyware, using the HijackLoader malware loader. This sophisticated information … · GBHACKERS.COM
17 Jun · 8 tips for mastering multicloud security · A growing number of enterprises are adopting multicloud strategies, enabling them to run workloads in the most appropriate locations without adding unnecessary complexity. But there’s a catch. Multicloud environments may also expose security weaknesses, which can quickly negate m… · CSOONLINE.COM
17 Jun · Criminal online marketplace shut down · A security banner from the investigating authorities is now displayed on the darknet platform “Archetyp Market”. BKA “Archetyp Market” is one of the oldest trading platforms for criminals on the darknet, through which drugs such as heroin, cocaine and fentanyl were sold. As the Bundesk… · CSOONLINE.COM
17 Jun · Android Devices Under Siege: How Threat Actors Abuse OEM Permissions for Privilege Escalation · Threat actors are increasingly exploiting legitimate channels to achieve privilege escalation, posing a severe risk to millions of devices worldwide. While conventional exploits remain a concern, a more insidious danger emerges from applications gaining excessive system access th… · GBHACKERS.COM
17 Jun · Operation 999: Ransomware tabletop tests cyber execs’ response · Ransomware tabletop exercises confront participants with an attack scenario, offering them a way to test and improve their organization’s readiness and response capabilities. During this month’s Infosecurity Europe conference, CSO took part as a media advisor to a blue team, pitc… · CSOONLINE.COM
17 Jun · Threat Modeling With Good Questions and Without Checklists - Farshad Abasi - ASW #335 · What makes a threat modeling process effective? Do you need a long list of threat actors? Do you need a long list of terms? What about a short list like STRIDE? Has an effective process ever come out of a list? Farshad Abasi joins our discussion as we explain why the answer to mo… · YOUTUBE.COM
17 Jun · Asus Armoury Crate Vulnerability Leads to Full System Compromise · A high-severity authorization bypass vulnerability in Asus Armoury Crate provides attackers with low-level system privileges. The post Asus Armoury Crate Vulnerability Leads to Full System Compromise appeared first on SecurityWeek. · SECURITYWEEK.COM
17 Jun · New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks · Cybersecurity researchers have called attention to a new campaign that's actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. "Attackers use the vulnerability to execute downloader scripts on compromised Langflow serve… · THEHACKERNEWS.COM
17 Jun · Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware · A newly identified threat actor known as Water Curse has been linked to a sprawling campaign utilizing at least 76 GitHub accounts to distribute weaponized repositories packed with multistage malware. This financially motivated group leverages the inherent trust in open-source pl… · GBHACKERS.COM
17 Jun · KEV · Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers · CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek. · SECURITYWEEK.COM
17 Jun · Where AI Provides Value · If you’ve worried that AI might take your job, deprive you of your livelihood, or maybe even replace your role in society, it probably feels good to see the latest AI tools fail spectacularly. If AI recommends glue as a pizza topping, then you’re safe for another day… · SCHNEIER.COM
17 Jun · PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments · submitted by kid to cybersecurity · 1 points | 0 comments · https://thehackernews.com/2025/06/malicious-pypi-package-masquerades-as.html · SH.ITJUST.WORKS
17 Jun · Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments · Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is an enterprise-oriented software that provides users with tools … · THEHACKERNEWS.COM
17 Jun · Hackers Manipulate Search Engines to Push Malicious Sites · A new wave of cybercrime is exploiting the very backbone of internet trust: search engines. Recent research by Netcraft has exposed a sophisticated and organized SEO poisoning operation, where hackers manipulate search engine algorithms to push malicious websites to the top of se… · GBHACKERS.COM
17 Jun · New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks · submitted by kid to cybersecurity · 1 points | 0 comments · https://thehackernews.com/2025/06/new-flodrix-botnet-variant-exploits.html · SH.ITJUST.WORKS
17 Jun · Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets · A malicious Python package posing as a harmless add-on for the Chimera sandbox environment, an integrated machine learning experimentation and development tool, is helping threat actors steal sensitive corporate credentials. According to new research findings from software supply… · CSOONLINE.COM
17 Jun · Phishing goes prime time: Hackers use trusted sites to hijack search rankings · Cybercriminals are exploiting a black-market search engine optimization (SEO) platform called Hacklink to hijack search engine results and promote phishing and other unscrupulous sites. According to a Netcraft research, the clandestine marketplace allows scammers to purchase acce… · CSOONLINE.COM
17 Jun · Critical Vulnerabilities in Sitecore Could Lead to Widespread Enterprise Attacks · A series of newly disclosed critical vulnerabilities in the Sitecore Experience Platform (XP) have raised alarm across the enterprise technology sector, with security researchers warning that unpatched systems could be exposed to devastating remote code execution (RCE) attacks. S… · GBHACKERS.COM
17 Jun · Zyxel Firewall Vulnerability Again in Attacker Crosshairs · GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls. The post Zyxel Firewall Vulnerability Again in Attacker Crosshairs appeared first on SecurityWeek. · SECURITYWEEK.COM
17 Jun · Hacker steals 1 million Cock.li user records in webmail data breach · Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records. [...] · BLEEPINGCOMPUTER.COM
17 Jun · Security, risk and compliance in the world of AI agents · AI agents are rapidly becoming foundational to enterprise operations. Whether triaging service tickets, automating policy enforcement, customizing user experiences or managing regulatory documentation, AI agents are no longer confined to experimental labs or innovation sandboxes.… · CSOONLINE.COM
17 Jun · Two Factor Insecurity: How Google, Amazon, Meta and thousands of other companies leave customers vulnerable over one-time codes to save time and money · submitted by randomname to cybersecurity · 2 points | 0 comments · https://www.lighthousereports.com/investigation/two-factor-insecurity · Archived version Across the world, phone networks carry billions of passwords and login codes on a daily basis. Tech companies need to keep their s… · INFOSEC.PUB
17 Jun · Two Factor Insecurity: How Google, Amazon, Meta and thousands of other companies leave customers vulnerable over one-time codes to save time and money · submitted by randomname to cybersecurity · 3 points | 0 comments · https://www.lighthousereports.com/investigation/two-factor-insecurity · cross-posted from: scribe.disroot.org/post/3159641 Archived version Across the world, phone networks carry billions of passwords and login codes on… · SH.ITJUST.WORKS
17 Jun · Sitecore CMS exploit chain starts with hardcoded 'b' password · A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. [...] · BLEEPINGCOMPUTER.COM
17 Jun · Kubernetes Runs the Internet... But Some Still Don't Trust Open Source? · Did you know Kubernetes powers some of the biggest platforms on the internet — including AWS — yet some companies are still hesitant about open source? 🤯 In this clip, cybersecurity experts react to the surprising reality that many organizations don't even realize how deeply open… · YOUTUBE.COM
17 Jun · New Veeam RCE flaw lets domain users hack backup servers · Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote code execution (RCE) vulnerability. [...] · BLEEPINGCOMPUTER.COM
17 Jun · XDSpy Threat Actors Exploit Windows LNK Zero-Day Vulnerability to Target Windows System Users · The XDSpy threat actor has been identified as exploiting a Windows LNK zero-day vulnerability, dubbed ZDI-CAN-25373, to target governmental entities in Eastern Europe and Russia. This ongoing campaign, active since March 2025, employs an intricate multi-stage infection chain to d… · GBHACKERS.COM
17 Jun · New Veeam RCE flaw lets domain users hack backup servers · submitted by kid to cybersecurity · 2 points | 0 comments · https://www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/ · SH.ITJUST.WORKS
17 Jun · CISA Releases Five Industrial Control Systems Advisories · CISA released five Industrial Control Systems (ICS) advisories on June 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-168-01 Siemens Mendix Studio Pro ICSA-25-168-02 LS Electric GMWin 4 I… · CISA.GOV
17 Jun · How Social Pressure Silently Controls Cybersecurity Decisions · Why do cybersecurity pros rarely break builds? It’s not always about technical safeguards — sometimes, social pressure is the strongest force in the room. In this clip, Tanya Janca reveals how she went from breaking builds for fun to realizing why most companies avoid it. The rea… · YOUTUBE.COM
17 Jun · LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents · Cybersecurity researchers have disclosed a now-patched security flaw in LangChain's LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been c… · THEHACKERNEWS.COM
17 Jun · New Chaos RAT Variants Targeting Windows and Linux Systems to Steal Sensitive Data · The Acronis Threat Research Unit has identified new variants of Chaos RAT, a remote administration tool (RAT) that has evolved from an open-source project first observed in 2022 into a formidable multi-platform malware. These latest iterations of Chaos RAT are now targeting both … · GBHACKERS.COM
17 Jun · Your Favorite Command Line Tool Just Turned 27! 🎉 · 🚀 Your Favorite Command Line Tool Just Turned 27! 🎉 Curl, the powerhouse behind countless cybersecurity and development tasks, is celebrating 27 years! 🎂💻 Originally renamed on March 20, 1998, this essential tool has become the backbone of the internet, used by hackers, developer… · YOUTUBE.COM
17 Jun · BusKill Warrant Canary 2025-2026 · submitted by buskill to cybersecurity · 1 points | 0 comments · https://www.buskill.in/canary-010/ · This post contains a canary message that’s cryptographically signed by the official BusKill PGP release key The BusKill project just published their Warrant Canary #010 -----BEGIN PGP S… · INFOSEC.PUB
17 Jun · Why Enterprise Linux Updates Are a Nightmare 😱 · Enterprise Linux users have been facing a major challenge—seamless in-place upgrades were never an option! Unlike Ubuntu, which allows easy version upgrades without migration, Enterprise Linux users had to rely on costly solutions from Red Hat. 🔥 In this short, discover why upgra… · YOUTUBE.COM
17 Jun · New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack · Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site. The post New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack appeared first on Security… · SECURITYWEEK.COM
17 Jun · MDEAutomator: Open-source endpoint management, incident response in MDE · submitted by cm0002 to cybersecurity · 2 points | 0 comments · https://www.helpnetsecurity.com/2025/06/16/mdeautomator-open-source-automation-microsoft-defender-for-endpoint-mde/ · INFOSEC.PUB
17 Jun · MY TAKE: Microsoft owns AI jailbreak risk — Google, Meta, Amazon, OpenAI look the other way · Last week at Microsoft Build, Azure CTO Mark Russinovich made headlines by telling the truth. Related: A basis for AI optimism In a rare moment of public candor from a Big Tech executive, Russinovich warned that current AI architectures—particularly autoregressive … (more…)… · LASTWATCHDOG.COM
17 Jun · Did Log4Shell Just Change Open Source Forever? · The Log4Shell vulnerability was a wake-up call for the entire cybersecurity world. When a critical flaw in open-source software shook the internet, governments and security experts scrambled to respond. Former Senator Jack shares insights on how this exploit changed the conversat… · YOUTUBE.COM
17 Jun · A Vulnerability in Grafana Could Allow for Arbitrary Code Execution · A vulnerability exists in Grafana which could result in arbitrary code execution. Grafana is an open-source platform used for visualizing and analyzing time series data. It allows users to connect to various data sources, query and transform data, and create interactive dashboard… · CISECURITY.ORG
📢 SECURITY ADVISORIES (4)
🔥 INCIDENT REPORTING (12)
17 Jun · GCHQ Intern Sentenced to 7 Years for Illegally Copying Secret Files to Smartphone · A former intern at the UK’s intelligence agency GCHQ has been sentenced to seven and a half years in prison after admitting to smuggling top secret data out of a secure facility using his mobile phone, in a breach described by prosecutors as a “flagrant violation” of national sec… · GBHACKERS.COM
17 Jun · Freedman Healthcare hacked, database software used by 27 state public health departments | Cybernews · submitted by kid to cybersecurity · 1 points | 0 comments · https://cybernews.com/news/freedman-healthcare-ransomware-attack-data-27-state-public-health-departments/ · SH.ITJUST.WORKS
17 Jun · Hackers claim attack on Scania, website down | Cybernews · submitted by kid to cybersecurity · 3 points | 0 comments · https://cybernews.com/security/scania-insurance-data-breach-hackers/ · SH.ITJUST.WORKS
17 Jun · Backups Are Under Attack: How to Protect Your Backups · Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environmen… · THEHACKERNEWS.COM
17 Jun · Washington Post Staffer Emails Targeted in Cyber Breach · submitted by kid to cybersecurity · 1 points | 0 comments · https://www.darkreading.com/vulnerabilities-threats/washington-post-staffer-emails-targeted-cyber-breach · SH.ITJUST.WORKS
17 Jun · UK watchdog fines 23andMe over 2023 data breach · The ICO said over 150,000 U.K. residents had data stolen in the breach. · TECHCRUNCH.COM
17 Jun · UK fines 23andMe for ‘profoundly damaging’ breach exposing genetics data · The UK Information Commissioner's Office (ICO) has fined genetic testing provider 23andMe £2.31 million ($3.12 million) over 'serious security failings' that led to a 'profoundly damaging' data breach in 2023. [...] · BLEEPINGCOMPUTER.COM
17 Jun · Hacker steals 1 million Cock.li user records in webmail data breach · submitted by kid to cybersecurity · 3 points | 0 comments · https://www.bleepingcomputer.com/news/security/hacker-steals-1-million-cockli-user-records-in-webmail-data-breach/ · SH.ITJUST.WORKS
17 Jun · Pro-Israel hacktivist group claims responsibility for alleged Iranian bank hack · The apparent cyberattack comes as Israel and Iran engage in a days-long escalating military conflict. · TECHCRUNCH.COM
17 Jun · Scania confirms insurance claim data breach in extortion attempt · Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its systems and steal insurance claim documents. [...] · BLEEPINGCOMPUTER.COM
17 Jun · Physical Security Over Firewalls? Here’s Why · Most cybersecurity pros obsess over digital defenses… but Mike Miller drops a truth bomb: physical security might matter more. 🔐 In this clip, he breaks down why security awareness training, badge access, port control, and camera surveillance are just as critical as any firewall … · YOUTUBE.COM
17 Jun · Infecting insurance firms with ransomware… for dummies · Is it any wonder that ransomware gangs are targeting cyberinsurance companies? There is *so* much valuable data to steal, which can help them earn even more money from more victims. · GRAHAMCLULEY.COM
🕵️ THREAT INTELLIGENCE (29)
17 Jun · ISC Stormcast For Tuesday, June 17th, 2025 https://isc.sans.edu/podcastdetail/9496, (Tue, Jun 17th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
17 Jun · Cyber threat to internet users remains at record high · According to a study, around a third of internet users were affected by a phishing attack in the past twelve months. Summit Art Creations – Shutterstock.com Internet users in Germany are more heavily threatened than ever before by cyberattacks and disinformation campaigns… · CSOONLINE.COM
17 Jun · 150K+ Users Affected by Malicious Loan Apps on iOS and Google Play · Over 150,000 users across Google Play and the Apple App Store have fallen victim to a malicious SpyLoan application named “RapiPlata,” which was identified in February 2025 by advanced detection engines. This app, posing as a legitimate financial service primarily tar… · GBHACKERS.COM
17 Jun · Hackers Use Fake Verification Prompt and Clickfix Technique to Deploy Fileless AsyncRAT · Threat actors are leveraging deceptive tactics to distribute a fileless variant of AsyncRAT, a notorious remote access Trojan. Discovered during routine attacker infrastructure analysis, this operation employs a fake verification prompt themed around the “Clickfix” te… · GBHACKERS.COM
17 Jun · WhatsApp’s Status Tab Set to Feature Ads as Meta Monetizes Platform · WhatsApp, the world’s most popular messaging app, is entering a new era as Meta officially begins rolling out advertisements within its Updates tab—a move that marks the platform’s most significant shift in monetization since its inception. The announcement, made on June 16, sign… · GBHACKERS.COM
17 Jun · Circumvent Raises $6 Million for Cloud Security Platform · Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation. The post Circumvent Raises $6 Million for Cloud Security Platform appeared first on SecurityWeek. · SECURITYWEEK.COM
17 Jun · Scattered Spider, fresh off retail sector attack spree, pivots to insurance industry | CyberScoop · submitted by kid to cybersecurity · 1 points | 0 comments · https://cyberscoop.com/scattered-spider-pivot-insurance-industry/ · SH.ITJUST.WORKS
17 Jun · Hackers switch to targeting U.S. insurance companies · submitted by kid to cybersecurity · 1 points | 0 comments · https://www.bleepingcomputer.com/news/security/google-warns-scattered-spider-hackers-now-target-us-insurance-companies/ · SH.ITJUST.WORKS
17 Jun · US Insurance Industry Warned of Scattered Spider Attacks · Google is warning insurance companies that Scattered Spider appears to have shifted its focus from the retail sector. The post US Insurance Industry Warned of Scattered Spider Attacks appeared first on SecurityWeek. · SECURITYWEEK.COM
17 Jun · Kali Linux 2025.2 released with 13 new tools, car hacking updates · submitted by kid to cybersecurity · 3 points | 0 comments · https://www.bleepingcomputer.com/news/security/kali-linux-20252-released-with-13-new-tools-car-hacking-updates/ · SH.ITJUST.WORKS
17 Jun · Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms · The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG). "Google Threat Intelligence Group is now aware of mul… · THEHACKERNEWS.COM
17 Jun · New Sophisticated Multi-Stage Malware Campaign Weaponizes VBS Files to Execute PowerShell Script · submitted by kid to cybersecurity · 1 points | 0 comments · https://cybersecuritynews.com/new-sophisticated-multi-stage-malware-campaign/ · SH.ITJUST.WORKS
17 Jun · Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks · submitted by kid to cybersecurity · 1 points | 0 comments · https://gbhackers.com/apache-tomcat-flaws/ · SH.ITJUST.WORKS
17 Jun · Katz Stealer Enhances Credential Theft Capabilities with System Fingerprinting and Persistence Mechanisms · submitted by kid to cybersecurity · 1 points | 0 comments · https://cybersecuritynews.com/katz-stealer-enhances-credential-theft-capabilities/ · SH.ITJUST.WORKS
17 Jun · Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware · Cybersecurity researchers are warning of a new phishing campaign that's targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe. The activity is part of a broader campaign that delivered the Winos 4.0 malware framework earlier this January by send… · THEHACKERNEWS.COM
17 Jun · Two Predictions. One’s AI. One’s Football. Both 🔥 · Two cybersecurity pros sat down and made two bold predictions before this episode even aired. One? That AI governance would take center stage with a surprise guest appearance on a live show. The other? That the Eagles would win the Super Bowl. 🤯 What happened next? One of them al… · YOUTUBE.COM
17 Jun · How Long Until the Phishing Starts? About Two Weeks, (Tue, Jun 17th) · [This is a guest diary by Christopher Crowley, https://montance.com ] · ISC.SANS.EDU
17 Jun · Baby Tigers Bite — The Hidden Risks of Scaling AI Too Fast · AI systems scale from prototypes to production environments, as do the risks. Is your organization planning for the AI baby tiger or full-grown AI predator? The post Baby Tigers Bite — The Hidden Risks of Scaling AI Too Fast appeared first on Palo Alto Networks Blog. · PALOALTONETWORKS.COM
17 Jun · Kimsuky and Konni APT Groups Lead Active Attacks Targeting East Asia · A significant 20 Advanced Persistent Threat (APT) occurrences were found in April 2025, according to a new report from Fuying Lab’s worldwide threat hunting system. East Asia emerges as a primary hotspot, where the notorious APT groups Kimsuky and Konni have been identifie… · GBHACKERS.COM
17 Jun · KnowBe4 Collaborates with Microsoft: Strengthening Email Security Through Strategic Integration · In today's rapidly evolving threat landscape, cybercriminals are becoming increasingly sophisticated in their attack methodologies, particularly when it comes to email-based threats. · KNOWBE4.COM
17 Jun · Beware: Weaponized Research Papers Delivering Malware Through Password-Protected Documents · The AhnLab Security Intelligence Center (ASEC) recently made the concerning revelation that the infamous Kimsuky hacking organization was connected to a crafty phishing email campaign that targeted unwary people. Disguised as a seemingly legitimate request for a paper review from… · GBHACKERS.COM
17 Jun · New Sophisticated Multi-Stage Malware Campaign Uses VBS Files to Execute PowerShell Script · A recently uncovered malware campaign has revealed a highly sophisticated, multi-stage infection process utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy remote access trojans (RATs) such as Remcos, LimeRAT, DCRat, and AsyncRAT. Discovered across a cluster o… · GBHACKERS.COM
17 Jun · This Is the 'Talkies' Moment of Cybersecurity 😮 · Just like the film industry once faced the leap from silent movies to talking pictures, cybersecurity pros are now staring down the same kind of shift—with AI. In this short, cybersecurity expert Doug White draws a brilliant parallel between the rise of AI and Hollywood’s “talkie… · YOUTUBE.COM
17 Jun · Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers · submitted by cm0002 to cybersecurity · 2 points | 0 comments · https://www.darkreading.com/cloud-security/threat-actor-teamfiltration-entra-id-attacks · INFOSEC.PUB
17 Jun · New KimJongRAT Stealer Uses Weaponized LNK File to Deploy PowerShell-Based Dropper · The two new variants of the KimJongRAT stealer have emerged, showcasing the persistent and evolving nature of this malicious tool first identified in 2013. Detailed research by Palo Alto Networks’ Unit 42 reveals that these variants, one employing a Portable Executable (PE) file … · GBHACKERS.COM
17 Jun · Hackers Can Hide Images in Text Data and Embeds Directly into DNS TXT Records · submitted by cm0002 to cybersecurity · 1 points | 0 comments · https://cybersecuritynews.com/hiding-images-in-dns-txt-records/ · INFOSEC.PUB
17 Jun · New Sorillus RAT Targets European Organizations Through Tunneling Services · An important development discovered in March 2025 by Orange Cyberdefense’s Managed Threat Detection teams in Belgium was that a European client was the subject of a malicious infection chain that used the Sorillus Remote Access Trojan (RAT). Further analysis by the Orange C… · GBHACKERS.COM
17 Jun · AI Zombie Lawyer, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet - SWN #486 · AI Zombie Lawyers, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-486 · YOUTUBE.COM
🎙️ PODCASTS (1)
17 Jun · The AI Fix #55: Atari beats ChatGPT at chess, and Apple says AI “thinking” is an illusion · In episode 55 of The AI Fix, Gemini thinks a little meth won't hurt, Mark realises what a terrifying 45mph "robot bird" is really for, Graham finds a surprising number of TikTokers in the bible, an AI discovers dust on Mars, Google forgets what year it is, and Apple finally enter… · GRAHAMCLULEY.COM
📡 INFOSEC NEWS (12)
17 Jun · Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement · Meta Platforms on Monday announced that it's bringing advertising to WhatsApp, but emphasized that the ads are "built with privacy in mind." The ads are expected to be displayed on the Updates tab through its Stories-like Status feature, which allows ephemeral sharing of photos, … · THEHACKERNEWS.COM
17 Jun · Google to scale up AI-powered fraud detection and security operations in India · Google has unveiled its Safety Charter in India, which will expand its AI-led developments for fraud detection and combating scams across the country, the company’s largest market outside the United States. Digital fraud in India is rising. Fraud related to the Indian gover… · TECHCRUNCH.COM
17 Jun · How to buy and connect a travel eSIM with Kaspersky eSIM Store | Kaspersky official blog · Get worldwide internet access while traveling. Whether you're planning ahead or already abroad, purchase and connect an eSIM instantly through the Kaspersky eSIM Store. · KASPERSKY.COM
17 Jun · Are Forgotten AD Service Accounts Leaving You at Risk? · For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts (created for legacy applications, scheduled tasks, aut… · THEHACKERNEWS.COM
17 Jun · Microsoft fixes Surface Hub boot issues with emergency update · Microsoft has released an emergency update to fix a known issue causing startup failures for some Surface Hub v1 devices running Windows 10. [...] · BLEEPINGCOMPUTER.COM
17 Jun · How to automate IT ticket handling with AI and Tines · Tired of drowning in IT tickets? This AI-powered workflow built on Tines auto-triages common issues like known bugs & password resets—saving time for your team and speeding up resolution. Learn more about Tines and get a free account now. [...] · BLEEPINGCOMPUTER.COM
17 Jun · Why Fixing Security Alerts Might Be a Waste of Time! 🤯 · Most cybersecurity teams think detecting alerts is enough, but what if fixing them isn’t always the right move? 🤯 Cloud security expert Marina Segal explains why triage and risk management are the real game-changers. Instead of blindly fixing every alert, smart security teams foc… · YOUTUBE.COM
17 Jun · Instagram 'BMO' ads use AI deepfakes to scam banking customers · Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal informa… · BLEEPINGCOMPUTER.COM
17 Jun · Observability startup Coralogix becomes a unicorn, eyes India expansion · With the influx of cash, Coralogix is looking to expand its engineering base in India and develop its AI agent. · TECHCRUNCH.COM
17 Jun · Paddle settles for $5 million over facilitating tech support scams · Paddle.com and its U.S. subsidiary will pay $5 million to settle Federal Trade Commission (FTC) allegations that the company facilitated deceptive tech-support schemes that harmed many U.S. consumers, including older adults. [...] · BLEEPINGCOMPUTER.COM
17 Jun · Instagram ads mimicking BMO, EQ Banks are finance scams · Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal informa… · BLEEPINGCOMPUTER.COM
17 Jun · Instagram ads mimicking BMO, EQ Bank are finance scams · Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal informa… · BLEEPINGCOMPUTER.COM