matlock.ca // THREAT INTELLIGENCE

109Articles

9Categories

2025-06-25Date

🚨

CISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2024-54085 AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability CVE-2024-0769 D-Link DIR-859 Router Path Traversal Vulnerabilit…

KEVCISA.GOV — Wed, 25 Jun 25 1

🐛

NVIDIA Megatron LM Flaw Allows Attackers to Inject Malicious Code

GBHACKERS.COM — 25 Jun 2025

🐛

TeamViewer for Windows Vulnerability Lets Hackers Delete Files with SYSTEM Rights

GBHACKERS.COM — 25 Jun 2025

🐛

CentOS Web Panel Vulnerability Allows Remote Code Execution – PoC Released

GBHACKERS.COM — 25 Jun 2025

🐛

Critical Kibana Flaws Enable Heap Corruption and Remote Code Execution

GBHACKERS.COM — 25 Jun 2025

🐛

Kubernetes NodeRestriction Flaw Lets Nodes Bypass Resource Authorization

GBHACKERS.COM — 25 Jun 2025

🐛

Realtek Bluetooth Flaw Allows Attackers to Launch DoS Attacks During Pairing

GBHACKERS.COM — 25 Jun 2025

🐛

SAP GUI flaws expose sensitive data via weak or no encryption

CSOONLINE.COM — 25 Jun 2025

🐛

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

THEHACKERNEWS.COM — 25 Jun 2025

🐛

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

KEVTHEHACKERNEWS.COM — 25 Jun 2025

🐛

WinRAR patches bug letting malware launch from extracted archives

BLEEPINGCOMPUTER.COM — 25 Jun 2025

🐛

Citrix warns of NetScaler vulnerability exploited in DoS attacks

KEVBLEEPINGCOMPUTER.COM — 25 Jun 2025

⚠️

Akamai proposes tool to defang cryptomining botnets

CSOONLINE.COM — 25 Jun 2025

⚠️

New FileFix Exploit Uses Windows File Explorer to Run Malicious Commands

GBHACKERS.COM — 25 Jun 2025

⚠️

CISA Releases New ICS Advisories Highlighting Ongoing Threats and Exploits

GBHACKERS.COM — 25 Jun 2025

⚠️

LLMs hype versus reality: What CISOs should focus on

CSOONLINE.COM — 25 Jun 2025

⚠️

Schutz vor Cybercrime: Verbraucher werden nachlässiger

CSOONLINE.COM — 25 Jun 2025

⚠️

Thriving Through Volatility: Insights for CISOs - Jeff Pollard & RSAC Interviews - BSW #401

YOUTUBE.COM — 2025-06-25

⚠️

SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks

THEHACKERNEWS.COM — 25 Jun 2025

⚠️

APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications

GBHACKERS.COM — 25 Jun 2025

⚠️

Code Execution Vulnerability Patched in GitHub Enterprise Server

SECURITYWEEK.COM — 25 Jun 2025

⚠️

Akamai Reveals New Strategies for Defenders to Combat Cryptominer Attacks

GBHACKERS.COM — 25 Jun 2025

⚠️

Threat Actors Manipulate Search Results, Exploit ChatGPT and Luma AI Popularity to Deliver Malicious Payloads

GBHACKERS.COM — 25 Jun 2025

⚠️

Firefox 140 Launches with Critical Code Execution Bug Fix – Update Now

GBHACKERS.COM — 25 Jun 2025

⚠️

Thousands of SaaS Apps Could Still Be Susceptible to nOAuth

SECURITYWEEK.COM — 25 Jun 2025

⚠️

Ransomware: So viel Lösegeld zahlen Unternehmen

CSOONLINE.COM — 25 Jun 2025

⚠️

This Smart Contract LOOKED Safe… Until It Wasn’t! 🚨

YOUTUBE.COM — 2025-06-25

⚠️

Have Fun Teaching - 27,126 breached accounts

HAVEIBEENPWNED.COM — 25 Jun 2025

⚠️

Threat Actors Distribute Compromised SonicWall SSL VPN NetExtender to Steal Sensitive Data

GBHACKERS.COM — 25 Jun 2025

⚠️

Iranian Educated Manticore Targets Leading Tech Academics

INFOSEC.PUB — 25 Jun 2025

⚠️

New 'CitrixBleed 2' NetScaler flaw let hackers hijack sessions

BLEEPINGCOMPUTER.COM — 25 Jun 2025

⚠️

nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

THEHACKERNEWS.COM — 25 Jun 2025

⚠️

RedirectionGuard: Mitigating unsafe junction traversal in Windows

MSRC.MICROSOFT.COM — 25 Jun 2025

⚠️

Misconfigured MCP servers expose AI agent systems to compromise

CSOONLINE.COM — 25 Jun 2025

⚠️

Multiple Brother Device Vulnerabilities Allow Attackers to Execute Arbitrary HTTP Requests

GBHACKERS.COM — 25 Jun 2025

⚠️

You Ever Try Parsing Logs With Zero Docs? Welcome to Hell 🔥

YOUTUBE.COM — 2025-06-25

⚠️

Multiple Vulnerabilities in Cisco ISE and ISE-PIC Could Allow for Remote Code Execution

CISECURITY.ORG — 25 Jun 2025

⚠️

Risky Business #797 -- Stuxnet vs Massive Ordnance Penetrators

RISKY.BIZ — 25 Jun 2025

📋

Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options

THEHACKERNEWS.COM — 25 Jun 2025

📋

Chrome Releases Security Patch for 11 Code Execution Vulnerabilities

GBHACKERS.COM — 25 Jun 2025

📋

Microsoft offers free Windows 10 security updates, but only for consumers

COMPUTERWORLD.COM — 25 Jun 2025

📋

Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options

SH.ITJUST.WORKS — 25 Jun 2025

📋

Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears

SECURITYWEEK.COM — 25 Jun 2025

📢

CISA Publishes Guide to Address Memory Safety Vulnerabilities in Modern Software Development

GBHACKERS.COM — 25 Jun 2025

📢

Google Chrome security advisory (AV25-369)

CYBER.GC.CA — 2025-06-25

📢

GitLab security advisory (AV25-370)

CYBER.GC.CA — 2025-06-25

📢

Splunk security advisory (AV25-371)

CYBER.GC.CA — 2025-06-25

📢

Trend Micro security advisory (AV25-373)

CYBER.GC.CA — 2025-06-25

📢

TeamViewer security advisory (AV25-372)

CYBER.GC.CA — 2025-06-25

📢

Citrix security advisory (AV25-374)

CYBER.GC.CA — 2025-06-25

📢

VMware security advisory (AV25-375)

CYBER.GC.CA — 2025-06-25

📢

Cisco security advisory (AV25-376)

CYBER.GC.CA — 2025-06-25

🔥

Cybersecurity Today: Balancing Trust, Risks, and Innovations

CYBERSECURITYTODAY.LIBSYN.COM — 25 Jun 2025

🔥

Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People

SECURITYWEEK.COM — 25 Jun 2025

🔥

Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

THEHACKERNEWS.COM — 25 Jun 2025

🔥

You may qualify for AT&T's $177 million data breach settlement - how to file a claim today

SH.ITJUST.WORKS — 25 Jun 2025

🔥

BreachForums hacking forum operators reportedly arrested in France

BLEEPINGCOMPUTER.COM — 25 Jun 2025

🔥

Robinsons Malls - 195,597 breached accounts

HAVEIBEENPWNED.COM — 25 Jun 2025

🔥

INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern Africa

GBHACKERS.COM — 25 Jun 2025

🔥

Hackers Can Bypass Biometrics. Here’s How 😳

YOUTUBE.COM — 2025-06-25

🔥

Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices

GBHACKERS.COM — 25 Jun 2025

🔥

Europol Warns of Social Engineering Attacks

KNOWBE4.COM — 25 Jun 2025

🔥

Smashing Security podcast #423: Operation Endgame, deepfakes, and dead slugs

GRAHAMCLULEY.COM — 25 Jun 2025

🔥

Hackers breach Norwegian dam

GRAHAMCLULEY.COM — 25 Jun 2025

🕵️

ISC Stormcast For Wednesday, June 25th, 2025 https://isc.sans.edu/podcastdetail/9504, (Wed, Jun 25th)

ISC.SANS.EDU — 25 Jun 2025

🕵️

Russian APT Hits Ukrainian Government With New Malware via Signal

SECURITYWEEK.COM — 25 Jun 2025

🕵️

Anthropic won't fix a bug in its SQLite MCP server

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

THEHACKERNEWS.COM — 25 Jun 2025

🕵️

Google Plans to Remove Chrome’s Tab Scrolling Feature

GBHACKERS.COM — 25 Jun 2025

🕵️

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities

SECURITYWEEK.COM — 25 Jun 2025

🕵️

NetNerve: AI-Powered Tool for Deep PCAP Threat Detection

GBHACKERS.COM — 25 Jun 2025

🕵️

Why Sincerity Is a Strategic Asset in Cybersecurity

SECURITYWEEK.COM — 25 Jun 2025

🕵️

What LLMs Know About Their Users

SCHNEIER.COM — 2025-06-25

🕵️

New Vulnerabilities Expose Millions of Brother Printers to Hacking

SECURITYWEEK.COM — 25 Jun 2025

🕵️

SonicWall Warns of Trojanized NetExtender Stealing User Information

SECURITYWEEK.COM — 25 Jun 2025

🕵️

Leak of data belonging to 7.4 million Paraguayans traced back to infostealers | The Record from Recorded Future News

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards - Infosecurity Magazine

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

Critical Meshtastic Flaw Allows Attackers to Decrypt Private Messages

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

Hackers Abuse ConnectWise to Hide Malware

SECURITYWEEK.COM — 25 Jun 2025

🕵️

SonicWall warns of trojanized NetExtender stealing VPN logins

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

In the Wild: Malware Prototype with Embedded Prompt Injection

INFOSEC.PUB — 25 Jun 2025

🕵️

In the Wild: Malware Prototype with Embedded Prompt Injection

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

Windows 11 Configuration Bug Freezes Update Scanning Process

GBHACKERS.COM — 25 Jun 2025

🕵️

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

Introducing FileFix – A New Alternative to ClickFix Attacks

SH.ITJUST.WORKS — 25 Jun 2025

🕵️

Hacktivist Groups Target U.S. Companies and Military Domains in Retaliation for Iran Attacks

GBHACKERS.COM — 25 Jun 2025

🕵️

We’ve Been Teaching Cybersecurity All Wrong 😬

YOUTUBE.COM — 2025-06-25

🕵️

The $0 Python Stack That Automated 110 Cyber Tools! 🔥

YOUTUBE.COM — 2025-06-25

🕵️

MITRE ATT&CK Overwhelms Even Smart Analysts 😵

YOUTUBE.COM — 2025-06-25

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 25 Jun 2025

🕵️

Microsoft Named a Leader in the 2025 IDC CNAPP MarketScape: Key Takeaways for Security Buyers

TECHCOMMUNITY.MICROSOFT.COM — 25 Jun 2025

🕵️

Chart Your SASE Transformation with Prisma SD-WAN

PALOALTONETWORKS.COM — 25 Jun 2025

🕵️

This Is the New “Fuzzing” – But for AI Security 😳

YOUTUBE.COM — 2025-06-25

🕵️

North Korean Hackers Pose as Recruiters, Target Developers with 35 New Malicious npm Packages

GBHACKERS.COM — 25 Jun 2025

🕵️

New wave of ‘fake interviews’ use 35 npm packages to spread malware

BLEEPINGCOMPUTER.COM — 25 Jun 2025

🕵️

New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild

GBHACKERS.COM — 25 Jun 2025

🕵️

Can AI Really Handle 14,000 Tabs?

YOUTUBE.COM — 2025-06-25

🕵️

Hackers turn ScreenConnect into malware using Authenticode stuffing

BLEEPINGCOMPUTER.COM — 25 Jun 2025

🕵️

Forget Leadership—Start Being HUMAN.

YOUTUBE.COM — 2025-06-25

🌐

Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks

BLEEPINGCOMPUTER.COM — 25 Jun 2025

📡

New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public

THEHACKERNEWS.COM — 25 Jun 2025

📡

Cybercrime is surging across Africa

BITDEFENDER.COM — 25 Jun 2025

📡

Beware the Hidden Risk in Your Entra Environment

THEHACKERNEWS.COM — 25 Jun 2025

📡

Ring cameras and doorbells now use AI to provide specific descriptions of motion activity

TECHCRUNCH.COM — 25 Jun 2025

📡

Kaspersky's FAQ on using and managing passkeys | Kaspersky official blog

KASPERSKY.COM — 25 Jun 2025

📡

Google releases Gemini CLI with free Gemini 2.5 Pro

BLEEPINGCOMPUTER.COM — 25 Jun 2025

📡

British hacker 'IntelBroker' charged with $25M in cybercrime damages

BLEEPINGCOMPUTER.COM — 25 Jun 2025

📡

The State of Post-Quantum Crypto (PQC) on the Web

F5.COM — 25 Jun 2025

📡

Apple Wallet just went full Bono (but with Brad Pitt this time)

GRAHAMCLULEY.COM — 25 Jun 2025