⚠️ VULNERABILITY DISCLOSURE 7[−]
28 JunBridging the Gap: AI and Cybersecurity in the EnterpriseIn this episode of Cybersecurity Today, host Jim Love is joined by Krish Banerjee, the Canada Managing Director at Accenture for AI and Data. They begin the discussion with a report from Accenture that highlights the gap between the perceived and actual preparedness for cybersecu…CYBERSECURITYTODAY.LIBSYN.COM
28 JunCitrix Bleed 2 flaw now believed to be exploited in attackssubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/citrix-bleed-2-flaw-now-believed-to-be-exploited-in-attacks/INFOSEC.PUB
28 JunCybercriminals Exploit CapCut Popularity to Steal Apple ID Credentials and Credit Card DataThreat actors have capitalized on the immense popularity of CapCut, the leading short-form video editing app, to orchestrate a highly deceptive phishing campaign. According to the Cofense Phishing Defense Center (PDC), attackers are deploying meticulously crafted fake invoices th…GBHACKERS.COM
28 JunWeaponized DeepSeek Installers Deploy Sainbox RAT and Hidden RootkitNetskope Threat Labs has uncovered a malicious campaign exploiting fake software installers, including those mimicking popular tools like DeepSeek, Sogou, and WPS Office, to deliver dangerous malware payloads such as the Sainbox RAT (a variant of Gh0stRAT) and the Hidden rootkit.…GBHACKERS.COM
28 JunThreat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web ShellsThreat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and Linux systems. The campaign, which showcases a blend of publicly available tools and custom malicious payloads, indicates a highly coordinated eff…GBHACKERS.COM
28 JunESET Warns Cybercriminals Are Targeting NFC Data for Contactless PaymentsESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but now spreading worldwide. According to the ESET Threat Report H1 2025, the incidence of NFC-related attacks has skyrocketed…GBHACKERS.COM
28 JunThe Cyber Risk No One Talks About 😶 #ceoawarenessEveryone talks about firewalls, phishing, and zero-days — but Jinan Budge reveals the one cybersecurity risk often ignored: humans. In this eye-opening short, she explains why boards and executives need to understand the human side of security to truly protect their organizations…YOUTUBE.COM
📢 SECURITY ADVISORIES 2[−]
28 JunCanada orders China's Hikvision to close Canadian operations over national security concernssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.reuters.com/markets/emerging/ottawa-orders-chinese-manufacturer-hikvision-shutter-canadian-operations-2025-06-28 cross-posted from: lemmy.sdf.org/post/37599025 Archived The Canadian government has ordered…INFOSEC.PUB
28 JunCanada orders China's Hikvision to close Canadian operations over national security concernssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.reuters.com/markets/emerging/ottawa-orders-chinese-manufacturer-hikvision-shutter-canadian-operations-2025-06-28 cross-posted from: lemmy.sdf.org/post/37599025 Archived The Canadian government has ordered…SH.ITJUST.WORKS
🔥 INCIDENT REPORTING 7[−]
28 JunGIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering ToolThe threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. "Recent campaigns in June 2025 demonstrate GIFTEDCROOK's enhanced ability to exfiltrate a broad ra…THEHACKERNEWS.COM
28 JunBreachForums broken up? French police arrest five members of notorious cybercrime siteSuspected high-ranking members of one of the world's largest online marketplaces for leaked data have been arrested by French police. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
28 JunInitial Access Isn’t The End… It’s Just Step One ⚠️Most people think stopping a phishing email means the job is done — but cybersecurity pros know better. In this short, Michael from CardinalOps reveals why “Initial Access Isn’t The End… It’s Just Step One.” He breaks down how attackers move beyond the breach using kill chains an…YOUTUBE.COM
28 JunCan Identity Security Ever Be “Finished”?Identity security is a never-ending battle—and cybersecurity pros know it. In this clip, Geoff Cairns explains why attackers keep adapting faster than our defenses and why no amount of technology alone will ever be enough. The human element, processes, and evolving strategies are…YOUTUBE.COM
28 JunInside the Mind of a Modern Adversary 🔍A cybersecurity expert breaks down one of the most shocking SaaS breaches they’ve ever seen. From passwords stored in Slack to spreadsheets full of credentials just sitting in a SOC, this short exposes how modern adversaries think—and why SaaS is their new playground. As infrastr…YOUTUBE.COM
28 JunYour Whole OneDrive Is at Risk 😳 #CyberAlertA shocking new security flaw has cybersecurity pros on edge 😳 According to Oasis Security, any app using the OneDrive file picker could gain access to your entire OneDrive — not just the file you selected. And the worst part? That access might persist even after you're done. Popu…YOUTUBE.COM
28 JunThis month in security with Tony Anscombe – June 2025 editionFrom Australia's new ransomware payment disclosure rules to another record-breaking DDoS attack, June 2025 saw no shortage of interesting cybersecurity newsWELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE 7[−]
28 JunMalicious Passlib Python Package Triggers Windows Shutdowns with Invalid InputsA deceptive and destructive Python package named psslib, uncovered by Socket’s Threat Research Team, poses a severe risk to developers by masquerading as a legitimate password security solution. Published by the threat actor identified as umaraq, this malicious package typosquats…GBHACKERS.COM
28 JunBeware of Trending TikTok Videos Promoting Pirated Apps That Deliver Stealer MalwareA sophisticated social engineering campaign has surfaced on TikTok, leveraging the platform’s massive user base and algorithmic reach to distribute information-stealing malware, specifically Vidar and StealC. Identified by Trend Research, this attack uses potentially AI-gen…GBHACKERS.COM
28 JunTreat Your Data Like a Library, Not a DumpsterWhen Neil Desai compares messy data to a bin of random, free books, cybersecurity professionals everywhere feel the hit. In this short, Neil and Adrian Sanabria reveal a simple but powerful metaphor: most companies store data like it’s thrown in a dumpster—unorganized, inaccessib…YOUTUBE.COM
28 JunWhose AI Is Bigger? Cybersecurity's Wild New Flex 💥In the world of cybersecurity, it’s no longer just about defense — it’s about whose AI is "bigger." Rob Allen breaks down the absurdity of today’s AI flexing trend in the infosec industry. While companies compete in a not-so-subtle game of artificial intelligence one-upmanship, R…YOUTUBE.COM
28 JunThe Easiest Way to Practice Social Skills (Even If You're an Introvert)Most people think cybersecurity is all about tech... but Evgeniy Kharam drops a surprising tip: start at the grocery store. In this short, he reveals how striking up small talk with strangers—like cashiers—can sharpen your social engineering skills and boost human connection. No …YOUTUBE.COM
28 JunWhen “Don’t Be Evil” Gets an Update…👀 Welcome to AI-Powered AdsGoogle used to say “Don’t be evil” — but things have changed. In this short, Doug breaks down how Google’s new AI Overviews are now filled with ads, even in incognito mode. Is this the future of search or just another way to sell clicks? Cyber pros, you’ll want to see this. →Subs…YOUTUBE.COM
28 JunThreat Actors Transform GIFTEDCROOK Stealer into an Intelligence-Gathering ToolThe Arctic Wolf Labs team has uncovered a dramatic transformation in the capabilities of the GIFTEDCROOK infostealer, wielded by the threat group UAC-0226. Initially identified as a rudimentary browser data stealer in early 2025, this malware has undergone rapid evolution through…GBHACKERS.COM
📡 INFOSEC NEWS 3[−]
28 JunFacebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy ConcernsFacebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not been directly uploaded to the service. According to TechCru…THEHACKERNEWS.COM
28 JunFBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social EngineeringThe U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, the agency said it's actively working with aviation and industry partners…THEHACKERNEWS.COM
28 JunLet’s Encrypt ends certificate expiry emails to cut costs, boost privacyLet's Encrypt has announced it will no longer notify users about imminent certificate expirations via email due to high costs, privacy concerns, and unnecessary complexities. [...]BLEEPINGCOMPUTER.COM