94Articles
8Categories
2025-06-26Date
🚨 CISA KEV 2[−]
26 Jun KEVCISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, FortinetThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The l…THEHACKERNEWS.COM
26 Jun KEVAMI MegaRAC authentication bypass flaw is being exploitated, CISA warnsA critical authentication bypass by spoofing vulnerability in AMI MegaRAC SPx server management firmware is now being actively exploited by attackers, creating urgent pressure for enterprises still waiting for complete vendor patches across their infrastructure. The US Cybersecur…NETWORKWORLD.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 13[−]
26 JunIBM i Vulnerability Allows Attackers to Escalate PrivilegesA critical security vulnerability has been identified in IBM i, potentially allowing attackers to escalate privileges and execute arbitrary code with administrator rights. The flaw, tracked as CVE-2025-36004, affects IBM Facsimile Support for i across multiple versions of the IBM…GBHACKERS.COM
26 Jun KEVCISA Issues Alert on Active Exploitation of D-Link Path Traversal FlawThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert following evidence of active exploitation of a critical vulnerability (CVE-2024-0769) in legacy D-Link DIR-859 WiFi routers. The flaw, which enables attackers to gain unauthorized access a…GBHACKERS.COM
26 JunHPE OneView for VMware vCenter Vulnerability Allows Elevated AccessHewlett Packard Enterprise (HPE) has issued a critical security bulletin warning customers of a significant vulnerability in its OneView for VMware vCenter (OV4VC) software. The flaw, tracked as CVE-2025-37101, could allow attackers with only read-only privileges to escalate thei…GBHACKERS.COM
26 JunSAP-Schwachstellen gefährden Windows-NutzerdatenSchwachstellen in SAP GUI geben sensible Daten durch schwache oder fehlende Verschlüsselung preis. LALAKA – shutterstock.com Die Forscher Jonathan Stross von Pathlock, und Julian Petersohn von Fortinet warnen vor zwei neuen Sicherheitslücken in einer Funktion von SAP GUI, die für…CSOONLINE.COM
26 JunCritical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root AccessCisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the…THEHACKERNEWS.COM
26 JunIBM WebSphere Application Server Flaw Enables Arbitrary Code ExecutionA severe security flaw has been identified in IBM WebSphere Application Server, potentially allowing remote attackers to execute arbitrary code on affected systems. Tracked under CVE-2025-36038, this vulnerability stems from a deserialization of untrusted data issue, classified u…GBHACKERS.COM
26 JunCVE-2025-47182 Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityImproper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2025-6555 Use after free in AnimationThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunCVE-2025-47964 Microsoft Edge (Chromium-based) Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2025-6556 Insufficient policy enforcement in LoaderThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2025-6557 Insufficient data validation in DevToolsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunCVE-2025-47963 Microsoft Edge (Chromium-based) Spoofing VulnerabilityNo cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 33[−]
26 JunThe top red teamer in the US is an AI botAI is getting so good that it’s outperforming human red teamers. The hacker “Xbow” now tops an eminent US security industry leaderboard that ranks red teamers based on reputation — and it’s an AI chatbot. On HackerOne, which connects organizations with ethical hackers to particip…CSOONLINE.COM
26 JunAuthorities Arrest Five Operators Behind Infamous BreachForums Cybercrime HubIn a sweeping crackdown that has sent shockwaves through the global cybercrime community, French authorities have arrested five key operators behind BreachForums, one of the world’s most notorious online marketplaces for stolen data. The arrests mark a significant victory for int…GBHACKERS.COM
26 JunMOVEit Transfer Systems Hit by Wave of Attacks Using Over 100 Unique IPsA dramatic surge in scanning and exploitation activity targeting Progress Software’s MOVEit Transfer file-sharing platform has alarmed cybersecurity researchers and enterprise defenders worldwide. Over the past 90 days, threat intelligence firm GreyNoise has detected 682 unique I…GBHACKERS.COM
26 JunCritical Citrix NetScaler Flaw Exploited as Zero-DayCitrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day. The post Critical Citrix NetScaler Flaw Exploited as Zero-Day appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunHow to make your multicloud security more effectiveThe days of debating whether cloud or on-premises is the best location for your servers are thankfully far behind us. But lately, more enterprises are shifting their workloads as they realize that security and simplicity matter. This movement isn’t uniform because of the richness…CSOONLINE.COM
26 JunCyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across AfricaCybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access. Palo Alto Networks Unit 42 is tracking the activity un…THEHACKERNEWS.COM
26 JunResearchers Demonstrate Windows Registry Manipulation via C++ ProgramCybersecurity researchers have developed a C++ program demonstrating how attackers manipulate the Windows Registry to establish persistence, evade defenses, and alter system behavior. This technique, central to many cyberattacks, exploits the registry’s role as Windows̵…GBHACKERS.COM
26 JunCISA: AMI MegaRAC bug enabling server hijacks exploited in attacksCISA says a maximum severity vulnerability in AMI's MegaRAC Baseboard Management Controller (BMC) software, which enables attackers to hijack and brick servers, is currently under active exploitation. [...]BLEEPINGCOMPUTER.COM
26 JunCritical Cisco ISE Vulnerabilities Allow Remote Code ExecutionTwo critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges. The post Critical Cisco ISE Vulnerabilities Allow Remote Code Execution appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunCybercriminals Use TeamFiltration Pentesting Framework to Breach Microsoft Teams, OneDrive, Outlook, and MoreProofpoint threat researchers have exposed an active account takeover (ATO) campaign, dubbed UNK_SneakyStrike, exploiting the TeamFiltration pentesting framework to target Microsoft Entra ID user accounts. Since December 2024, this malicious operation has impacted over 80,000 use…GBHACKERS.COM
26 Jun KEVCrowdStrike is cutting jobs in favor of AI. Here’s why you shouldn’t.Security giant CrowdStrike announced via an official SEC filing last month that it plans to cut approximately 500 jobs — about 5% of its global workforce — as part of a strategic shift toward greater reliance on artificial intelligence to drive efficiency and growth. The security…CSOONLINE.COM
26 Jun KEVCISA Warns AMI BMC Vulnerability Exploited in the WildCISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17. The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunChinese Hackers Deploy Pubload Malware Using Tibetan Community Lures and Weaponized FilenamesIBM X-Force researchers have uncovered a series of targeted cyberattacks orchestrated by the China-aligned threat actor Hive0154. Throughout 2025, this group has been deploying the Pubload malware, a potent backdoor, through meticulously crafted phishing lures aimed at the Tibeta…GBHACKERS.COM
26 JunCybercriminals Exploit LLM Models to Enhance Hacking ActivitiesCybercriminals are increasingly leveraging large language models (LLMs) to amplify their hacking operations, utilizing both uncensored versions of these AI systems and custom-built criminal variants. LLMs, known for their ability to generate human-like text, write code, and solve…GBHACKERS.COM
26 JunCisco ISE Vulnerability Allows Remote Attackers to Execute Malicious CommandsCisco has issued urgent security patches addressing two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) platforms. These flaws, which both carry the highest possible CVSS severity score of 10.0, could allow unauthenticat…GBHACKERS.COM
26 Jun3 key takeaways from the Scattered Spider attacks on insurance firmsIdentity is the new battleground—and Scattered Spider exploits it. Join Push Security to unpack how identity-based attacks are reshaping the threat landscape, and how to defend against MFA bypass, help desk scams, and more. Watch the webinar now. [...]BLEEPINGCOMPUTER.COM
26 JunHow We Built the OWASP Top 10 for Smart Contracts! 🔥In this YouTube Shorts clip, cybersecurity expert Shashank from CredShields reveals how years of research led to the creation of the OWASP Top 10 for Smart Contract Security. By analyzing every major hack since 2024, his team identified the most critical vulnerabilities in blockc…YOUTUBE.COM
26 JunnOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discoverysubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/06/noauth-vulnerability-still-affects-9-of.htmlSH.ITJUST.WORKS
26 JunNew FileFix Method Emerges as a Threat Following 517% Rise in ClickFix AttacksThe ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET. "The list of threats that ClickFix attacks lead to is growing by the…THEHACKERNEWS.COM
26 JunAndroxgh0st Continues Exploitation: Operators Compromise a US University For Hosting C2 Logger | CloudSEKsubmitted by kid to cybersecurity 1 points | 0 comments https://www.cloudsek.com/blog/androxgh0st-continues-exploitation-operators-compromise-a-us-university-for-hosting-c2-loggerSH.ITJUST.WORKS
26 JunCisco warns of max severity RCE flaws in Identity Services EngineCisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC). [...]BLEEPINGCOMPUTER.COM
26 JunThreat Actors Exploit ChatGPT, Cisco AnyConnect, Google Meet, and Teams in Attacks on SMBsThreat actors are increasingly leveraging the trusted names of popular software and services like ChatGPT, Cisco AnyConnect, Google Meet, and Microsoft Teams to orchestrate sophisticated cyberattacks. According to a recent report by Kaspersky Lab, SMBs, often perceived as less fo…GBHACKERS.COM
26 JunUS indicts one for role in BreachForums, France arrests four others-Shweta Sharma A US court indicted a man accused of being IntelBroker, a key administrator of stolen data marketplace BreachForums, on Wednesday, just days after four others accused of running the site alongside him were arrested in France British national Kai West, 25, was arres…CSOONLINE.COM
26 JunStart Here. Not There. Rethink Your Cyber Game.Most cybersecurity teams build their defenses from the wrong direction. In this short, JP Bourget breaks down why starting with threat models and crown jewels—not logs or tools—is the future of smart security design. It’s not just a shift in thinking... it’s a total pivot in stra…YOUTUBE.COM
26 JunCISA Releases Two Industrial Control Systems AdvisoriesCISA released two Industrial Control Systems (ICS) advisories on June 26, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-177-01 Mitsubishi Electric Air Conditioning Systems ICSA-25-177-02 Tre…CISA.GOV
26 JunThis Is What Hackers Look Like in YOUR Network 🪂Hackers don’t kick down digital doors — they parachute in silently, landing deep inside your network without warning. In this short, cybersecurity expert Michael from CardinalOps explains how attackers are like paratroopers in enemy territory — unfamiliar with the landscape, expo…YOUTUBE.COM
26 JunnOAuth Exploit Enables Full Account Takeover of Entra Cross-Tenant SaaS ApplicationsA severe security flaw, dubbed nOAuth, has been identified in certain software-as-a-service (SaaS) applications integrated with Microsoft Entra ID, potentially allowing attackers to achieve full account takeover across tenant boundaries. Research conducted by Semperis, disclosed …GBHACKERS.COM
26 JunHere’s What AI Can’t Do in Security 🔐AI might be transforming everything—but when it comes to real-world cybersecurity threats, it still has blind spots. In this short, Keith Hoodlet breaks down why expecting large language models to stop well-resourced threat actors might be wishful thinking. Sure, they handle yest…YOUTUBE.COM
26 JunCritical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain AttacksCybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. …THEHACKERNEWS.COM
26 JunWhat Happens When Log Files Vanish Forever?When cybersecurity expert Neil Desai had just minutes to react before logs vanished, every second mattered. This short dives into how timing and asset priority shape real-world incident response. From 7-minute failover windows to remote sites with 20-day delays, it's a chilling r…YOUTUBE.COM
26 JunIs Vuln Management Dead? - HD Moore - PSW #880This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber …YOUTUBE.COM
26 JunWhat If AI Turned Against You in Cyber Defense?AI was built to protect us from cyber threats... but what if it flips the script? In this clip, cybersecurity experts discuss how tools like Microsoft’s CoPilot are finding vulnerabilities faster than ever — and how attackers are already using the same AI to exploit them. The lin…YOUTUBE.COM
26 JunTaking the shine off BreachForumsShinyHunters threat group members were arrested in a coordinated law enforcement action for their association with BreachForumsSOPHOS.COM
📢 SECURITY ADVISORIES 6[−]
26 JunCISA Issues Alert on ControlID iDSecure Flaws Enabling Bypass AuthenticationThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding critical vulnerabilities in ControlID’s iDSecure On-premises software, a widely used vehicle control and access management platform. The alert, designated ICSA-25-175-05 and released …GBHACKERS.COM
26 JunEnergienetze: Neue Regeln sollen Sicherheitslücke schließenBetreiber von Energieanlagen müssen künftig die Sicherheit ihrer kritischen IT-Komponenten prüfen lassen. Pand P Studio – shutterstock.com Im Energiesektor müssen Betreiber von kritischer Infrastruktur aus Sicherheitsgründen ab sofort den Einbau von bestimmten IT-Komponenten dem …CSOONLINE.COM
26 JunBonfy.AI Raises $9.5 Million for Adaptive Content Security PlatformBonfy.AI has emerged from stealth mode to help organizations prevent cybersecurity, privacy and compliance risks. The post Bonfy.AI Raises $9.5 Million for Adaptive Content Security Platform appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunMicrosoft Teams Adds Feature for Admins to Control 365 Certified Apps with Custom RulesMicrosoft is rolling out a major update to Microsoft Teams, empowering administrators with enhanced control over third-party app availability through new rule-based settings in the Teams admin center. This change—detailed in Microsoft’s recent Message Center update (MC1085133)—is…GBHACKERS.COM
26 JunBrother printer bug in 689 models exposes default admin passwordsA total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 7[−]
26 JunCentral Kentucky Radiology Data Breach Impacts 167,000The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology. The post Central Kentucky Radiology Data Breach Impacts 167,000 appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunMan Who Hacked Organizations to Advertise Security Services Pleads GuiltyNicholas Michael Kloster has pleaded guilty to computer hacking after targeting at least two organizations. The post Man Who Hacked Organizations to Advertise Security Services Pleads Guilty appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunGlasgow City Council impacted by ‘cyber incident’ | The Record from Recorded Future Newssubmitted by kid to cybersecurity 1 points | 0 comments https://therecord.media/glasgow-city-council-cyber-incidentSH.ITJUST.WORKS
26 JunCybersecurity's Dirty Little Secret: Humans 🫣When cybersecurity expert Jinan Budge speaks, professionals listen—and in this short, she exposes the real problem plaguing the industry: people. For years, the narrative has flip-flopped between calling humans the weakest link and our strongest defense. But with inconsistent bre…YOUTUBE.COM
26 JunEx-student charged over hacking university for cheap parking, data breachesNew South Wales police in Australia have arrested a 27-year-old former Western Sydney University (WSU) student for allegedly hacking into the University's systems on multiple occasions, starting with a scheme to obtain cheaper parking. [...]BLEEPINGCOMPUTER.COM
26 JunUS, French authorities confirm arrest of BreachForums hackersKai West was arrested in France, along with four other hackers, all suspected of being part of the well-known hacking forum, BreachForums.TECHCRUNCH.COM
26 JunHomeland Security warns of Iran-backed cyberattacks targeting US networksDHS said low-level cyberattacks targeting U.S. networks are "likely" in the wake of military conflict between the US and Israel, and Iran.TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE 22[−]
26 JunISC Stormcast For Thursday, June 26th, 2025 https://isc.sans.edu/podcastdetail/9506, (Thu, Jun 26th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
26 JunBritish Man Suspected of Being the Hacker IntelBroker Arrested, Charged25-year-old Kai West, believed to be the hacker IntelBroker, was arrested in France and charged by the United States. The post British Man Suspected of Being the Hacker IntelBroker Arrested, Charged appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunIranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing AttacksAn Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. "In some of those campaigns, I…THEHACKERNEWS.COM
26 JunUS University Targeted by Androxgh0st Botnet Operators for C2 Logger HostingCloudSEK’s TRIAD team has made the shocking discovery that the Androxgh0st botnet is a persistent and dynamic cyberthreat. It has targeted a subdomain of the University of California, San Diego, specifically the “USArhythms” portal associated with the USA Basketball MenR…GBHACKERS.COM
26 JunIranian Spear-Phishing Attack Impersonates Google, Outlook, and Yahoo DomainsCheck Point Research has uncovered a renewed global spear-phishing campaign orchestrated by the Iranian threat actor Educated Manticore, also known as APT42, Charming Kitten, and Mint Sandstorm. Linked to the IRGC Intelligence Organization, this group has intensified its operatio…GBHACKERS.COM
26 JunWhite House Bans WhatsAppReuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the “Office of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and …SCHNEIER.COM
26 JunAuthorities Charge 25-Year-Old British National Linked to IntelBroker Hacks In a major breakthrough in the fight against cybercrime, U.S. and French authorities have charged and detained 25-year-old British national Kai West, believed to be the notorious hacker known as “IntelBroker.” West was arrested in France in February and is currently awaitin…GBHACKERS.COM
26 JunWhatsApp to Introduce AI-Powered Message Summaries for Faster Catch-UpWhatsApp has announced the upcoming launch of “Message Summaries”—an AI-powered feature designed to help users quickly catch up on unread messages. Powered by Meta AI, this innovation aims to provide concise, private summaries of chats, making it easier than ever to stay updated,…GBHACKERS.COM
26 JunHardwear.io USA 2025submitted by ashar to security_cpe 1 points | 0 comments https://youtube.com/playlist?list=PL8tHFrmzAuvSE0Lwu1Jcp7ZOlGQULk0Q0 Hardwear.io USA 2025INFOSEC.PUB
26 JunHack Glasgow 2025submitted by ashar to security_cpe 1 points | 0 comments https://youtube.com/playlist?list=PL5HAhh4PPAFfULxYGE7yO4wbNUtK_G5sq Hack Glasgow 2025INFOSEC.PUB
26 JunCharming Kitten APT Tries Spying on Israeli Cyber Expertssubmitted by kid to cybersecurity 3 points | 0 comments https://www.darkreading.com/threat-intelligence/iran-apt-spying-israeli-cybersecurity-expertsSH.ITJUST.WORKS
26 JunCisco warns of critical flaws in Identity Services Engine rated 10.0 | SC Mediasubmitted by kid to cybersecurity 1 points | 0 comments https://www.scworld.com/news/cisco-warns-of-critical-flaws-in-identity-services-engine-rated-100SH.ITJUST.WORKS
26 JunSurge in MOVEit Transfer Scanning Activity Could Signal Emerging Threat Activitysubmitted by kid to cybersecurity 1 points | 0 comments https://www.greynoise.io/blog/surge-moveit-transfer-scanning-activitySH.ITJUST.WORKS
26 JunBipartisan Bill Aims to Block Chinese AI From Federal AgenciesThe proposal seeks to ban all use of the technology in the U.S. government, with exceptions for use in research and counterterrorism efforts. The post Bipartisan Bill Aims to Block Chinese AI From Federal Agencies appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunBuilding security that lasts: Microsoft’s journey towards durability at scale ​​In late 2023, Microsoft launched its most ambitious security transformation to date, the Microsoft Secure Future Initiative (SFI). An initiative with the equivalent of 34,000 engineers working across 14 product divisions, supporting more than 20,000 cloud services on 1.2 million …MICROSOFT.COM
26 JunResearchers Weaponize and Obfuscate .NET Assemblies Using MacroPackResearchers at BallisKit have introduced a sophisticated scenario within their MacroPack Pro tool to obfuscate and weaponize .NET assemblies, significantly enhancing their stealth against modern security solutions. As .NET has become a preferred language for crafting prominent of…GBHACKERS.COM
26 JunWhat Is Human Risk Management?Cybersecurity has long focused on fortifying networks, securing endpoints and blocking malicious code.KNOWBE4.COM
26 JunGlobal Reach — The New Scale of Chinese CyberthreatsDavid Moulton and Wendi Whitmore of Palo Alto Networks, put today's threat landscape in stark historical perspective as they discuss Chinese cyberthreats. The post Global Reach — The New Scale of Chinese Cyberthreats appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
26 JunIranian APT35 Hackers Targeting High-Profile Cybersecurity Experts and Professors in IsraelThe Iranian threat group Educated Manticore, also tracked as APT35, APT42, Charming Kitten, or Mint Sandstorm, has intensified its cyber-espionage operations targeting Israeli cybersecurity experts, computer science professors, and journalists. Associated with the Islamic Revolut…GBHACKERS.COM
26 JunHack a Phone, Steal a Fingerprint? It’s Easier Than You Think!Most people think biometric data is foolproof. But cybersecurity expert Jackie McGuire reveals a chilling truth — if someone hacks your phone’s PIN, they might add their own fingerprint or face scan without you ever knowing. This short exposes the hidden trust flaw in mobile auth…YOUTUBE.COM
26 JunWarning: Scammers are Targeting WhatsApp UsersResearchers at Bitdefender warn of a wave of social engineering attacks targeting WhatsApp accounts.KNOWBE4.COM
26 JunHow to Hack Your Boss's Brain (Psychologically Speaking)Ever wonder why some cybersecurity pros always get the green light from their boss? In this short, Adrian Sanabria breaks down the hidden psychology behind a “yes” from leadership. It’s not about technical jargon—it’s about understanding your boss’s emotions, complaints, and fear…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
26 JunESET Threat Report H1 2025A view of the H1 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research expertsWELIVESECURITY.COM
📡 INFOSEC NEWS 10[−]
26 JunWhatsApp Adds AI-Powered Message Summaries for Faster Chat PreviewsPopular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in…THEHACKERNEWS.COM
26 JunMicrosoft confirms Family Safety blocks Google Chrome from launchingMicrosoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and other web browsers on Windows systems. [...]BLEEPINGCOMPUTER.COM
26 JunMicrosoft fixes Outlook bug causing crashes when opening emailsMicrosoft has fixed a known issue that will cause the classic Outlook email client to crash when opening emails or starting a new message. [...]BLEEPINGCOMPUTER.COM
26 JunThe Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data ResilienceSaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: …THEHACKERNEWS.COM
26 JunMicrosoft 365 'Direct Send' abused to send phishing as internal usersAn ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email security and steal credentials. [...]BLEEPINGCOMPUTER.COM
26 JunMan pleads guilty to hacking networks to pitch security servicesA Kansas City man has pleaded guilty to hacking multiple organizations to advertise his cybersecurity services, the U.S. Department of Justice announced on Wednesday. [...]BLEEPINGCOMPUTER.COM
26 JunHow to survive digitalization | Kaspersky official blogThe main threats to business as per the INTERPOL Africa Cyberthreat Assessment Report 2025KASPERSKY.COM
26 JunFTC approves $126 million in Fortnite refunds over ‘dark patterns’The Federal Trade Commission (FTC) has approved $126,000,000 in refunds to be sent to 969,173 Fortnite players as part of a settlement over allegations that Epic Games tricked users into making unwanted purchases. [...]BLEEPINGCOMPUTER.COM
26 JunThe State of Post-Quantum Cryptography (PQC) on the WebWe analyze the world’s most popular websites and most widely used web browsers to determine the current state of PQC adoption on the web.F5.COM
26 JunThe State of Post-Quantum Cryptography (PQC) on the WebWe analyze the world’s most popular websites and most widely used web browsers to determine the current state of PQC adoption on the web.F5.COM