🐛 COMMON VULNERABILITIES AND EXPOSURES 2[−]
23 JunCritical Teleport Vulnerability Allows Remote Authentication BypassA critical security vulnerability, tracked as CVE-2025-49825, has been discovered in Teleport, a widely used open-source platform for secure access to servers, cloud applications, and infrastructure. This flaw enables remote attackers to bypass authentication controls, potentiall…GBHACKERS.COM
23 JunCVE-2025-49763 – Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin - Security Boulevardsubmitted by kid to cybersecurity 2 points | 0 comments https://securityboulevard.com/2025/06/cve-2025-49763-remote-dos-via-memory-exhaustion-in-apache-traffic-server-via-esi-plugin/SH.ITJUST.WORKS
⚠️ VULNERABILITY DISCLOSURE 23[−]
23 JunCoinMarketCap Doodle Image Vulnerability Lets Attackers Run Malicious Code via API CallCoinMarketCap, the globally recognized cryptocurrency data aggregator, experienced a significant security incident when a vulnerability in its homepage doodle image was exploited to inject malicious code, leading to a phishing campaign targeting user wallets. Incident Overview Th…GBHACKERS.COM
23 JunCritical Meshtastic Flaw Allows Attackers to Decrypt Private MessagesA severe cryptographic vulnerability in the popular open-source Meshtastic project allows attackers to decrypt private messages and hijack nodes across LoRa mesh networks. This flaw stems from duplicated encryption keys and insufficient randomness during key generation. The issue…GBHACKERS.COM
23 JunAmazon EKS Flaws Expose AWS Credentials and Enable Privilege EscalationRecent research has uncovered critical security flaws in Amazon Elastic Kubernetes Service (EKS) that could expose sensitive AWS credentials and enable privilege escalation within cloud environments. The vulnerabilities, rooted in misconfigurations and excessive container privile…GBHACKERS.COM
23 Jun10 tough cybersecurity questions every CISO must answerAs CISOs gain stature and responsibility, the top security role only gets more demanding. In addition to having to continuously evaluate their security postures to determine what adjustments to make to adequately protect their organizations, today’s CISOs must align with the busi…CSOONLINE.COM
23 JunCybersecurity Today: Chinese Hackers Target Canadian Telco, U.S. on Alert for Iranian Cyber Retaliation, and Sitecore XB Critical VulnerabilityIn this episode of Cybersecurity Today, hosted by David Shipley, key cybersecurity incidents and threats are discussed. The Canadian Center for Cybersecurity revealed a breach by Chinese state-sponsored hackers of a Canadian telco, with further threats expected to continue target…CYBERSECURITYTODAY.LIBSYN.COM
23 JunRethinking Identity: IAM, PAM & Passwordless Trends from Identiverse - ESW #412In fast-paced, shared device environments like healthcare, manufacturing, and other critical industries, traditional access management approaches are falling short, quietly eroding both security and productivity. This episode explores how outdated methods, like shared credentials…YOUTUBE.COM
23 Jun⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and MoreNot every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain s…THEHACKERNEWS.COM
23 JunHackers Allegedly Selling Intelbras Router 0-Day Exploit on Dark Web ForumsA threat actor has reportedly put up for sale a previously unknown, or “zero-day,” exploit targeting Intelbras routers on dark web forums, raising significant concerns among cybersecurity professionals and end users. The alleged exploit leverages an undisclosed vulner…GBHACKERS.COM
23 JunMicrosoft Reduces Windows 11 24H2 Restore Point Retention from 90 to 60 DaysIn a significant change for Windows 11 users, Microsoft has announced that, beginning with the June 2025 security update (KB5060842), system restore points in Windows 11 version 24H2 will now be retained for up to 60 days, down from the previous 90-day period. This adjustment, wh…GBHACKERS.COM
23 JunSteel Giant Nucor Suffers Cyberattack, IT Systems BreachedNucor Corporation, the largest steel producer and recycler in North America, has confirmed it suffered a significant cybersecurity breach that disrupted operations across multiple facilities and led to the theft of limited company data. The incident, first disclosed in a regulato…GBHACKERS.COM
23 JunCritical Authentication Bypass Flaw Patched in TeleportA critical-severity vulnerability in Teleport could allow remote attackers to bypass SSH authentication and access managed systems. The post Critical Authentication Bypass Flaw Patched in Teleport appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunTurning evasion into detection: Varonis Jitter-Trap redefines beacon defenseOrganizations may soon be able to detect in real time stealthy “beacons,” like Cobalt Strike, Silver, Empire, Mythic, and Havoc. Varonis Threat Labs has unveiled Jitter-Trap, a clever new technique that claims to exploit attackers’ own dodgy tactics against them, detecting the ra…CSOONLINE.COM
23 JunBlueNoroff Hackers Exploit Zoom App to Deploy Infostealer Malware in Targeted AttacksThe Field Effect Analysis team has uncovered a targeted social engineering campaign orchestrated by the North Korean state-sponsored threat actor BlueNoroff, a financially motivated subgroup of the notorious Lazarus Group. A Canadian online gambling provider fell victim to a meti…GBHACKERS.COM
23 JunXDigo Malware Exploits Windows LNK Flaw in Eastern European Government AttacksCybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part of a multi-stag…THEHACKERNEWS.COM
23 JunDDoS Attack on Financial Sector Triggers Multi-Day Service OutagesIn an analysis by FS-ISAC and Akamai, the financial services sector has emerged as the primary target of Distributed Denial of Service (DDoS) attacks, with a dramatic surge in both the frequency and volume of malicious traffic. These attacks, designed to overwhelm systems and dis…GBHACKERS.COM
23 JunMCP-Bug bei Asana könnte Unternehmensdaten offengelegt habenCISOs mit einem MCP-Server von Asana in ihrer Umgebung sollten ihre Protokolle und Metadaten auf Datenlecks überprüfen. Shutter z – shutterstock.com Die Software-as-a-Service-Plattform Asana zählt zu den beliebtesten Projektmanagement-Tools in Unternehmen. Der Anbieter gab kürzli…CSOONLINE.COM
23 JunAI vs Human in Fixing Code—Who Wins? 🏆AI is revolutionizing cybersecurity! 🔥 In this video, watch as cutting-edge AI goes head-to-head with a human to fix vulnerable code. Can artificial intelligence outmatch human expertise in securing applications? 🤖💻 From vulnerability detection to instant remediation, this battle…YOUTUBE.COM
23 JunMcLaren Health Care Data Breach Exposes Personal Information of 743,000 IndividualsMcLaren Health Care, a prominent healthcare provider based at One McLaren Parkway, Grand Blanc, MI, has disclosed a data breach that compromised the personal information of 743,131 individuals, including 25 residents of Maine. The breach, identified as an external system hacking …GBHACKERS.COM
23 JunWhy Scanning Your System Isn’t Enough to Stay Secure!🔒 Why Scanning Your System Isn’t Enough to Stay Secure! 🔥 #CyberSecurity #TechTips Running vulnerability scans with tools like Qualys, Tenable, or Nessus? That’s a great start—but if you’re not following up with remediation, you’re leaving your system exposed! 🚨 Vulnerability man…YOUTUBE.COM
23 JunShadow Vector Malware Uses SVG Images to Deliver AsyncRAT and RemcosRAT PayloadsAcronis Threat Research Unit (TRU) has discovered a startling development: a malicious campaign called “Shadow Vector” is actively targeting Colombian users using malicious Scalable Vector Graphics (SVG) files, a novel attack vector. Disguised as urgent court notifica…GBHACKERS.COM
23 JunGoogle Integrates GenAI to Counter Indirect Prompt Injection Attack VectorsGoogle has revealed a thorough protection technique aimed at indirect prompt injection attacks, a subtle but powerful threat, marking a major advancement in cybersecurity in the age of generative AI. Unlike direct prompt injections, where malicious commands are overtly inserted i…GBHACKERS.COM
23 JunWhy FIDO Passkeys Might Be Your Last Login EverCybersecurity expert Geoff Cairns breaks down the future of authentication with FIDO device-bound passkeys. Designed to make phishing nearly impossible, these passkeys are now being adopted by mobile enterprise apps—transforming how organizations protect workforce access. As pass…YOUTUBE.COM
23 JunCanadian telecom hacked by suspected China state groupsubmitted by BrikoX to cybersecurity 1 points | 0 comments https://arstechnica.com/security/2025/06/suspected-china-state-hackers-exploited-patched-flaw-to-breach-canadian-telecom/ Maximum-security Cisco vulnerability was patched Oct. 2023 and exploited Feb. 2025.SH.ITJUST.WORKS
📢 SECURITY ADVISORIES 8[−]
23 JunNCSC Issues Alert on ‘UMBRELLA STAND’ Malware Targeting Fortinet FortiGate FirewallsThe National Cyber Security Centre (NCSC) has sounded the alarm over a newly identified malware dubbed “UMBRELLA STAND,” specifically targeting internet-facing FortiGate 100D series firewalls manufactured by Fortinet. This medium-sophistication malware, believed to be…GBHACKERS.COM
🔥 INCIDENT REPORTING 21[−]
23 JunSteelmaker Nucor Says Hackers Stole Data in Recent AttackNucor has shared an update on the impact of the recent cyberattack and confirmed that some data has been taken from its IT systems. The post Steelmaker Nucor Says Hackers Stole Data in Recent Attack appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunUS Braces for Cyberattacks After Joining Israel-Iran WarIranian hackers are expected to intensify cyberattacks against the US after the recent air strikes on Iran’s nuclear sites. The post US Braces for Cyberattacks After Joining Israel-Iran War appeared first on SecurityWeek .SECURITYWEEK.COM
23 Jun743,000 Impacted by McLaren Health Care Data BreachThe personal information of 743,000 individuals was compromised in a 2024 ransomware attack on McLaren Health Care. The post 743,000 Impacted by McLaren Health Care Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunSteel giant Nucor confirms hackers stole data in recent breachNucor, North America's largest steel producer and recycler, has confirmed that attackers behind a recent cybersecurity incident have also stolen data from the company's network. [...]BLEEPINGCOMPUTER.COM
23 JunMcLaren Health Care says data breach impacts 743,000 patientsMcLaren Health Care is warning 743,000 patients that the health system suffered a data breach caused by a July 2024 attack by the INC ransomware gang. [...]BLEEPINGCOMPUTER.COM
23 JunUS insurance giant Aflac says customers’ personal data stolen during cyberattackThe U.S. insurance giant provides supplemental insurance to around 50 million customers.TECHCRUNCH.COM
23 JunRevil ransomware members released after time served on carding chargesFour REvil ransomware members arrested in January 2022 were released by Russia on time served after they pleaded guilty to carding and malware distribution charges. [...]BLEEPINGCOMPUTER.COM
23 JunCanada says Salt Typhoon hacked telecom firm via Cisco flawThe Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February. [...]BLEEPINGCOMPUTER.COM
23 JunCanada says Chinese-backed hackers were likely behind recent malicious activity targeting domestic telecommunications infrastructuresubmitted by randomname to cybersecurity 1 points | 0 comments https://www.insurancejournal.com/news/international/2025/06/23/828727.htm cross-posted from: scribe.disroot.org/post/3248424 Archived version Canada’s cybersecurity agency said Chinese-backed hackers were likely behin…INFOSEC.PUB
23 JunCanada says Chinese-backed hackers were likely behind recent malicious activity targeting domestic telecommunications infrastructuresubmitted by randomname to cybersecurity 3 points | 0 comments https://www.insurancejournal.com/news/international/2025/06/23/828727.htm cross-posted from: scribe.disroot.org/post/3248424 Archived version Canada’s cybersecurity agency said Chinese-backed hackers were likely behin…SH.ITJUST.WORKS
23 JunUS Homeland Security warns of escalating Iranian cyberattack risksThe U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists. [...]BLEEPINGCOMPUTER.COM
23 JunDHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear StrikesThe United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025. Stating that the ongoing conflict has created a "heightened threat environm…THEHACKERNEWS.COM
23 JunThe Silent Threat Killing Cybersecurity (It’s Not Hackers!)Everyone talks about hackers and vulnerabilities, but the biggest threat to cybersecurity isn’t what you think! 🚨 Despite having cutting-edge tools, automation, and threat detection, organizations STILL struggle to reduce risk. Why? Because the weakest link isn’t technology—it’s …YOUTUBE.COM
23 JunCrown Jewels vs. Noise: Know What Actually Matters 🔐In the cybersecurity world, not every threat is worth panicking over. In this short, Michael from CardinalOps breaks down the real difference between business-critical assets—your "crown jewels"—and the everyday noise that won’t land you in headlines. With rising threats across s…YOUTUBE.COM
23 JunCanada says telcos were breached in China-linked espionage hacksSalt Typhoon previously hacked phone and telco giants across the United States.TECHCRUNCH.COM
23 JunUAC-0001 Hackers Target ICS Devices Running Windows-Based Server SystemsThe national team for responding to cyber incidents, CERT-UA, has exposed a sophisticated cyberattack targeting the information and communication system (ICS) of a central executive body in March-April 2024. During the implementation of response measures, a technical device runni…GBHACKERS.COM
23 JunOxford City Council suffers breach exposing two decades of datasubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/oxford-city-council-suffers-breach-exposing-two-decades-of-data/SH.ITJUST.WORKS
23 JunRansomware Gangs Collapse as Qilin Seizes Controlsubmitted by kid to cybersecurity 3 points | 0 comments https://www.cybereason.com/blog/threat-alert-qilin-seizes-controlSH.ITJUST.WORKS
23 JunAflac says it stopped attack launched by ‘sophisticated cybercrime group’ | The Record from Recorded Future Newssubmitted by kid to cybersecurity 2 points | 0 comments https://therecord.media/aflac-cyberattack-potential-data-breachSH.ITJUST.WORKS
23 JunAnubis Ransomware Lists Disneyland Paris as New Victimsubmitted by kid to cybersecurity 2 points | 0 comments https://hackread.com/anubis-ransomware-lists-disneyland-paris-new-victim/SH.ITJUST.WORKS
23 JunMarks & Spencer ransomware attack was good news for other retailersWhen Marks & Spencer paused online orders after it was hit by ransomware, it was bad news for them... but GOOD news for other big online retailers. Fashion rivals like Next, John Lewis, and Zara saw a nice little bump while M&S sales floundered.GRAHAMCLULEY.COM
🕵️ THREAT INTELLIGENCE 35[−]
23 JunISC Stormcast For Monday, June 23rd, 2025 https://isc.sans.edu/podcastdetail/9500, (Mon, Jun 23rd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
23 JunWindows Snipping Tool Now Lets Users Export Captures as GIFsMicrosoft has rolled out a significant update to its popular Snipping Tool, introducing the ability to export screen recordings as animated GIFs—a feature long requested by users and now available to Windows 11 Insiders in the Canary and Dev Channels. This enhancement, part of Sn…GBHACKERS.COM
23 Jun16 Milliarden Zugangsdaten im Netz stammen von “Datenhalde”Die offengelegten Zugangsdaten sollen von einer “Datenhalde” stammen. U-STUDIOGRAPHY DD59 – shutterstock.com Bei dem angeblichen riesigen Datenleck, bei dem 16 Milliarden Zugangsdaten zu Apple, Facebook, Google und anderen Anbietern in falsche Hände geraten seien sollen, handelt …CSOONLINE.COM
23 JunFormer JBLM Soldier Admits Attempting to Leak U.S. Military Network Details to China A former U.S. Army sergeant who served at Joint Base Lewis-McChord (JBLM) in Washington has pleaded guilty to federal charges after admitting he tried to deliver sensitive military secrets to Chinese authorities. Joseph Daniel Schmidt, 31, entered his plea in U.S. District …GBHACKERS.COM
23 JunMicrosoft Family Safety Now Blocking All Versions of Google ChromeIn a development that has left students, parents, and educators frustrated, Microsoft’s Family Safety feature is now blocking all versions of Google Chrome from launching on Windows devices. The issue, which first surfaced in early June, has persisted for over two weeks without a…GBHACKERS.COM
23 JunDoes the digital security equilibrium hold under AI?submitted by Pro to cybersecurity 1 points | 0 comments https://www.ox.ac.uk/news/2025-06-23-expert-comment-does-digital-security-equilibrium-hold-under-aiINFOSEC.PUB
23 JunDoes the digital security equilibrium hold under AI?submitted by Pro to cybersecurity 1 points | 0 comments https://www.ox.ac.uk/news/2025-06-23-expert-comment-does-digital-security-equilibrium-hold-under-aiSH.ITJUST.WORKS
23 JunLargest DDoS Attack to DateIt was a recently unimaginable 7.3 Tbps : The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, a…SCHNEIER.COM
23 JunMassive 170K database filled to the brim with plaintext PII exposedsubmitted by kid to cybersecurity 2 points | 0 comments https://cybernews.com/security/massive-170k-database-exposed/SH.ITJUST.WORKS
23 JunMicrosoft Enhances Defender for Office 365 with Detailed Spam and Phishing AnalysisMicrosoft has announced a significant upgrade to its Defender for Office 365 platform, introducing a new AI-powered capability designed to provide unprecedented clarity into why emails are classified as spam, phishing, or clean. This enhancement, powered by large language models …GBHACKERS.COM
23 JunLinux-Based Firewall IPFire 2.29 Rolls Out Update 194 with Improved VPN FeaturesThe highly anticipated IPFire 2.29 – Core Update 194 has officially landed, delivering a significant upgrade for users of the popular Linux-based firewall. This release stands out for its much-awaited native support for the WireGuard VPN protocol, alongside a suite of impro…GBHACKERS.COM
23 JunConfucius Hackers Target Government and Military Entities Using WooperStealer MalwareThe notorious Confucius hacking organization, first exposed by foreign security vendors in 2016, continues to pose a significant threat to government and military entities across South and East Asia. With attack activities dating back to 2013, this group has recently escalated it…GBHACKERS.COM
23 JunA Clicking Time Bomb: What To Do About Repeat ClickersI recently had several conversations about repeat clickers. First with a Forrester analyst and then, shortly after, at KB4-CON Orlando following a presentation on the subject by Matthew Canham, Executive Director of the Cognitive Security Institute.KNOWBE4.COM
23 JunFTC States That Scams Cost U.S. Consumers $158.3 Billion in One YearI am used to repeating some pretty big numbers when talking about the financial impact of cybercrimes. When you look into the data, it is pretty easy to start talking about tens of billions of dollars.KNOWBE4.COM
23 JunNorth Korean Hackers Weaponize GitHub Infrastructure to Distribute MalwareCybersecurity researchers have uncovered a sophisticated spearphishing campaign orchestrated by the North Korean threat group Kimsuky, leveraging GitHub as a critical piece of attack infrastructure to distribute malware since March 2025. This operation, identified through analysi…GBHACKERS.COM
23 JunMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
23 JunNew AI Jailbreak Bypasses Guardrails With EaseNew "Echo Chamber" attack bypasses advanced LLM safeguards by subtly manipulating conversational context, proving highly effective across leading AI models. The post New AI Jailbreak Bypasses Guardrails With Ease appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunChina’s Salt Typhoon Hackers Target Canadian Telecom FirmsCanada’s Centre for Cyber Security and the FBI warn of Chinese hackers targeting telecommunications and other companies in Canada. The post China’s Salt Typhoon Hackers Target Canadian Telecom Firms appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunSparkKitty Targets iOS and Android Devices via App Store and Google Play AttacksA sophisticated spyware campaign, dubbed SparkKitty, has emerged as a significant threat to both iOS and Android users, infiltrating even the official app stores like Google Play and the App Store. First detected in connection with the earlier SparkCat campaign from January 2025,…GBHACKERS.COM
23 JunSplunk is NOT Your System of Record. Here’s Why.Most security teams are unknowingly burning money by treating Splunk as their system of record. In this short, cybersecurity expert JP Bourget breaks down the real cost of storing data in analysis-tier platforms and why decoupling your data pipeline could save your org thousands.…YOUTUBE.COM
23 JunHow to Make Cyber Intel Actionable in Seconds 🧠Security teams struggle with noise—alerts everywhere, but no clear picture. In this short, Matt asks how Sevco makes complex cyber threat data actually useful. Greg reveals how their Threat Exposure module turns raw threat intel into actionable, visual insight—across any tool. It…YOUTUBE.COM
23 JunNorth Korean Hackers Take Over Victims’ Systems Using Zoom MeetingNorth Korean hackers employ social engineering to trick Zoom Meeting participants into executing system-takeover commands. The post North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunScans for Ichano AtHome IP Cameras, (Mon, Jun 23rd)Ichano&#39&#x3b;s "AtHome Camera" is a bit of a different approach to home surveillance cameras [1]. Instead of a hardware camera solution, this product is a software solution that turns existing devices like computers and tablets into webc…ISC.SANS.EDU
23 JunNavigating cyber risks with Microsoft Security Exposure Management eBookMicrosoft Security Exposure Management's eBook helps educate teams on how to anticipate threats across hybrid environments, transforming risk into resilience. The post Navigating cyber risks with Microsoft Security Exposure Management eBook appeared first on Microsoft Security Bl…MICROSOFT.COM
23 JunWhatsApp messaging app banned on all US House of Representatives devicessubmitted by PhilipTheBucket to cybersecurity 1 points | 0 comments https://www.theguardian.com/technology/2025/jun/23/whatsapp-ban-house-representativesSH.ITJUST.WORKS
23 JunRapperBot Targets DVRs to Hijack Surveillance Cameras and Record VideoWhen the NICT CSRI analysis team presented their three-year investigation into the RapperBot virus at Botconf 1, an international conference on botnets and malware hosted in Angers, France in May 2025, they made a startling discovery. This Mirai variant has evolved into a sophist…GBHACKERS.COM
23 JunAPT36 Hackers Target Indian Defense Personnel with Sophisticated Phishing CampaignAPT36, also known as Transparent Tribe, a Pakistan-based cyber espionage group, has launched a highly sophisticated phishing campaign targeting Indian defense personnel. According to recent findings by CYFIRMA, this group has meticulously crafted phishing emails that deliver mali…GBHACKERS.COM
23 Jun1inch rolls out expanded bug bounties with rewards up to $500K1inch, the leading DeFi aggregator, has launched an upgraded bug bounty initiative, covering five key areas of its platform, with rewards of up to $500,000. Through this initiative 1inch demonstrates its commitment to maintaining the highest level of security across its smart con…GBHACKERS.COM
23 JunAppSec = Vibe Coding Vikings? 😂When asked to describe AppSec in just three words, cybersecurity expert Keith Hoodlet didn't hold back. Instead of one answer, he dropped three sets—ending with the most unexpected mic drop: “Vibe. Coding. Vikings.” This short moment captures the evolving (and often chaotic) natu…YOUTUBE.COM
23 JunCloudflare blocks record 7.3 Tbps DDoS attack against hosting providersubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/cloudflare-blocks-record-73-tbps-ddos-attack-against-hosting-provider/SH.ITJUST.WORKS
23 JunHackers Post Dozens of Malicious Copycat Repos to GitHubsubmitted by kid to cybersecurity 2 points | 0 comments https://www.darkreading.com/threat-intelligence/dozens-malicious-copycat-repos-githubSH.ITJUST.WORKS
23 JunAPT28 hackers use Signal chats to launch new malware attacks on UkraineThe Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent. [...]BLEEPINGCOMPUTER.COM
23 JunRussian hackers bypass Gmail MFA using stolen app passwordssubmitted by kid to cybersecurity 5 points | 0 comments https://www.bleepingcomputer.com/news/security/russian-hackers-bypass-gmail-mfa-using-stolen-app-passwords/SH.ITJUST.WORKS
23 JunYou Give Me Logs, I Give You Power 💥When Neil Desai shared his approach to cybersecurity collaboration, no one expected a simple “give-get” strategy to be this effective. By offering sysadmins access to their own logs, he created a win-win that boosted trust, transparency, and troubleshooting efficiency. This clip …YOUTUBE.COM
23 JunCloudflare Tunnels Abused in New Malware Campaign - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/cloudflare-tunnels-abused-in-new-malware-campaign/SH.ITJUST.WORKS
🌐 CYBER THREAT LANDSCAPE 2[−]
23 JunSparkKitty: a new stealer in the App Store and Google Play | Kaspersky official blogThe SparkKitty Trojan steals photos from Android and iOS users' galleries.KASPERSKY.COM
23 JunMalware on Google Play, Apple App Store stole your photos—and cryptoA new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 5[−]
23 JunGoogle Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection AttacksGoogle has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. "Unlike direct…THEHACKERNEWS.COM
23 JunHow AI-Enabled Workflow Automation Can Help SOCs Reduce BurnoutIt sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes in place that are meant to help them respond. Tool…THEHACKERNEWS.COM
23 JunEcho Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful ContentCybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards put in place. "Unlike traditional jailbreak…THEHACKERNEWS.COM
23 JunTwitter refuses to explain what it’s doing about hate speech and misinformation, sues New York State for askingElon Musk’s Twitter is suing New York State. Why? Because apparently being asked to explain how your social media platform handles hate speech and misinformation is an unconstitutional burden.GRAHAMCLULEY.COM