🐛 COMMON VULNERABILITIES AND EXPOSURES 12[−]
3 JulCl0p Ransomware’s Exfiltration Process Exposes RCE VulnerabilityA newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The flaw, cataloged as GCVE-1-2025-0002, was identified by Italian security researcher Lorenz…GBHACKERS.COM
3 JulCritical Cisco Vulnerability in Unified CM Grants Root Access via Static CredentialsCisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to login to a susceptible device as the root…THEHACKERNEWS.COM
3 JulModSecurity WAF Vulnerability Enables DoS Using Empty XML ElementsA newly disclosed vulnerability in ModSecurity, a widely used open-source web application firewall (WAF), exposes servers to denial-of-service (DoS) attacks by exploiting a flaw in the way the software parses empty XML elements. The flaw, registered as CVE-2025-52891, affect…GBHACKERS.COM
3 JulCisco Unified CM Vulnerability Lets Remote Attacker Gain Root AccessA newly disclosed, critical vulnerability in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME) has exposed organizations to the risk of full system compromise. Tracked as CVE-2025-20309 and assigned a maximum CVSS score of 10.0, the…GBHACKERS.COM
3 JulWing FTP Server Vulnerability Allows Full Server Takeover by AttackersA newly disclosed critical vulnerability in Wing FTP Server threatens thousands of organizations worldwide, enabling attackers to achieve full server takeover through unauthenticated remote code execution (RCE). The flaw, tracked as CVE-2025-47812, has been assigned a maximu…GBHACKERS.COM
3 JulApache Seata Flaw Enables Deserialization of Untrusted DataA newly disclosed vulnerability in Apache Seata, a popular open-source distributed transaction solution, has raised security concerns for organizations relying on affected versions. The flaw, tracked as CVE-2025-32897, enables the deserialization of untrusted data within the Seat…GBHACKERS.COM
3 JulAnthropic MCP Server Flaw Allows Sandbox Escape and Code ExecutionTwo newly disclosed vulnerabilities in Anthropic’s Filesystem Model Context Protocol (MCP) Server—CVE-2025-53110 and CVE-2025-53109—have exposed AI-powered environments to severe risks, including sandbox escapes, unauthorized file access, and arbitrary code execution. T…GBHACKERS.COM
3 Jul12-Year-Old Sudo Vulnerability Exposes Linux Systems to Root Privilege EscalationA newly disclosed vulnerability in the Sudo command-line tool, present for over 12 years, has exposed countless Linux and Unix-like systems to the risk of local privilege escalation, allowing attackers to gain root access without sophisticated exploits. The flaw, tracked as CVE-2…GBHACKERS.COM
3 Jul KEVMicrosoft Edge Fixes Actively Exploited Chromium Flaw — Update ImmediatelyMicrosoft has released a critical security update for its Edge browser, addressing a high-severity vulnerability in the Chromium engine that is currently being exploited in the wild. The update, available in Microsoft Edge Stable Channel Version 138.0.3351.65, patches CVE-2025-65…GBHACKERS.COM
3 JulHardcoded root credentials in Cisco Unified CM trigger max-severity alertCisco has patched a max severity flaw in its Unified Communications Manager (Unified CM) and Session Management Edition (Unified CM SME) products that could let attackers walk right in using a hardcoded root login. The enterprise communications giant said the static credentials w…CSOONLINE.COM
3 JulApache Tomcat and Camel Vulnerabilities Actively Targeted in CyberattacksThe Apache Foundation disclosed several critical vulnerabilities affecting two of its widely used software platforms, Apache Tomcat and Apache Camel, sparking immediate concern among cybersecurity experts and organizations worldwide. Apache Tomcat, a popular platform for running …GBHACKERS.COM
3 JulCVE-2025-32726 Visual Studio Code Elevation of Privilege VulnerabilityAdded an acknowledgement. This is an informational change only.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 26[−]
3 JulFrance: Chinese Hackers Exploited Ivanti Flaw Targeting Government Agencies, Telecoms, Firms In Media, Finance, Transport Sectorssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.com/chinese-hackers-exploited-ivanti-flaw-in-france-a-28888 cross-posted from: lemmy.sdf.org/post/37887750 Archived Here is the report (pdf) . The French National Agency for Information S…INFOSEC.PUB
3 JulFrance: Chinese Hackers Exploited Ivanti Flaw Targeting Government Agencies, Telecoms, Firms In Media, Finance, Transport Sectorssubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.com/chinese-hackers-exploited-ivanti-flaw-in-france-a-28888 cross-posted from: lemmy.sdf.org/post/37887750 Archived Here is the report (pdf) . The French National Agency for Information S…SH.ITJUST.WORKS
3 Jul5 multicloud security challenges — and how to address themA multicloud environment is now standard for midsize and large organizations, with tech leaders opting to use multiple cloud providers for the improved flexibility, resiliency, and additional advantages that operating in multiple clouds brings. But a multicloud approach also come…CSOONLINE.COM
3 JulThird-party risk management: How to avoid compliance disasterWhether your organization is aware or not, it does relly on third-party services providers that help to make business processes more effective and efficient. However, working with third parties also involves risk. Companies should therefore establish a third-party risk management…CSOONLINE.COM
3 JulKeymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS AttacksA shadowy group known as Keymous+ has emerged as a formidable force in the cyber landscape, claiming responsibility for over 700 Distributed Denial of Service (DDoS) attacks in 2025 alone. Operating with a self-proclaimed identity as “North African hackers,” the group has targete…GBHACKERS.COM
3 JulHow I Scanned all of GitHub’s “Oops Commits” for Leaked Secretssubmitted by Pro to cybersecurity 2 points | 0 comments https://trufflesecurity.com/blog/guest-post-how-i-scanned-all-of-github-s-oops-commits-for-leaked-secrets GitHub Archive logs every public commit, even the ones developers try to delete. Force pushes often cover up mistakes …SH.ITJUST.WORKS
3 JulHow I Scanned all of GitHub’s “Oops Commits” for Leaked Secretssubmitted by Pro to cybersecurity 1 points | 0 comments https://trufflesecurity.com/blog/guest-post-how-i-scanned-all-of-github-s-oops-commits-for-leaked-secrets GitHub Archive logs every public commit, even the ones developers try to delete. Force pushes often cover up mistakes …INFOSEC.PUB
3 JulChinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, TelecomsThe French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-da…THEHACKERNEWS.COM
3 JulMicrosoft to Lay Off 9,000 Employees, Affecting 4% of WorkforceMicrosoft announced that it will lay off approximately 9,000 employees worldwide, representing nearly 4% of its global workforce of 228,000 as of June 2024. This move marks the company’s second significant round of job cuts this year, following the elimination of about 6,000 posi…GBHACKERS.COM
3 JulSurveillance Used by a Drug CartelOnce you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, accord…SCHNEIER.COM
3 JulUndetectable Android Spyware Backfires, Leaks 62,000 User LoginsA vulnerability in the Catwatchful spyware allowed a security researcher to retrieve the usernames and passwords of over 62,000 accounts. The post Undetectable Android Spyware Backfires, Leaks 62,000 User Logins appeared first on SecurityWeek .SECURITYWEEK.COM
3 JulCritical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentialssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/07/critical-cisco-vulnerability-in-unified.htmlSH.ITJUST.WORKS
3 JulForminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover - SecurityWeeksubmitted by kid to cybersecurity 3 points | 0 comments https://www.securityweek.com/forminator-wordpress-plugin-vulnerability-exposes-400000-websites-to-takeover/SH.ITJUST.WORKS
3 JulChinese Hackers Target France in Ivanti Zero-Day Exploit Campaign - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/chinese-hackers-france-ivanti/SH.ITJUST.WORKS
3 Jul13-Year-Old Dylan Joins Forces with Microsoft Security Response Center as the Youngest Security ResearcherDylan, 13, has accomplished a remarkable achievement by becoming the youngest security researcher to work with the Microsoft Security Response Center (MSRC), leaving his mark on the history of cybersecurity. His journey from tinkering with Scratch, a visual programming language f…GBHACKERS.COM
3 JulCitrix Alerts on Authentication Failures After NetScaler Update to Resolve Auth VulnerabilityCitrix has issued an urgent advisory for NetScaler users following the release of builds 14.1.47.46 and 13.1.59.19, warning of potential authentication disruptions stemming from a 16c3 a newly implemented security feature. As part of Citrix’s secure-by-design and secure-by-…GBHACKERS.COM
3 JulThreat Actors Exploit .COM TLD to Host Widespread Credential Phishing SitesThreat actors have dramatically increased their exploitation of the cybersecurity sector, which is a disturbing development. Spain’s country code TLD, ES, is used to plan credential phishing attacks. According to recent findings from Cofense Intelligence, the abuse of .ES T…GBHACKERS.COM
3 JulCISA Releases Four Industrial Control Systems AdvisoriesCISA released four Industrial Control Systems (ICS) advisories on July 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-184-01 Hitachi Energy Relion 670/650 and SAM600-IO Series ICSA-25-184-…CISA.GOV
3 JulAzure API Vulnerabilities Expose VPN Keys and Grant Over-Privileged Access via Built-In RolesToken Security experts recently conducted a thorough investigation that exposed serious security weaknesses in Microsoft Azure’s Role-Based Access Control (RBAC) architecture. Azure RBAC, the backbone of permission management in the cloud platform, allows administrators to …GBHACKERS.COM
3 JulNew Hpingbot Exploits Pastebin for Payload Delivery and Uses Hping3 for DDoS AttacksNSFOCUS Fuying Lab’s Global Threat Hunting System has discovered a new botnet family called “hpingbot” that has been quickly expanding since June 2025, marking a significant shift in the cybersecurity scene. This cross-platform botnet, built from scratch using t…GBHACKERS.COM
3 JulBeware of Fake Chinese E-Commerce Sites Imitating Apple, Wrangler, and Exploiting Payment Services like MasterCard and PayPalA sophisticated phishing campaign, initially spotlighted by Mexican journalist Ignacio Gómez Villaseñor, has evolved into a sprawling global threat, as revealed by Silent Push Threat Analysts. What began as a targeted attack on Spanish-language audiences during Mexico’s “Hot Sale…GBHACKERS.COM
3 JulNation-State Level Hack? 8,000 Routers Infected 💻 #cyberattackOver 8,000 ASUS routers have reportedly been hijacked by a mysterious botnet named “Ayshush” — an unclaimed cyberattack campaign that cybersecurity experts say shows signs of a nation-state operation. In this short, Doug White reacts in real-time as the story unfolds, highlightin…YOUTUBE.COM
3 JulHunters International shuts ransomware operations, reportedly becomes an extortion-only gang called World LeaksRansomware gang Hunters International says it’s shutting down its operations for unexplained reasons, and is offering decryption keys to victim organizations. The offer of decryption keys could be good news for CISOs whose data were recently scrambled and who can’t find a way to …CSOONLINE.COM
3 JulWhat Makes Southeast Asia the “Ground Zero of Cybercrime”?Author: Bex Bailey Our 2025 Phishing By Industry Benchmarking Report examines why organizations across Asia face some of the highest levels of cybersecurity risk worldwide.KNOWBE4.COM
3 JulThey Hacked Us Through Microsoft Teams!?In 2025, former BlackBasta ransomware affiliates are back—and they're smarter than ever. This short exposes how these cybercriminals are using Microsoft Teams chats and Python scripts to launch spear phishing attacks, impersonate IT support, and exploit trusted domains. It's a ch…YOUTUBE.COM
3 JulCatwatchful - 61,641 breached accountsIn June 2025, spyware maker Catwatchful suffered a data breach that exposed over 60k customer records . The breach was due to a SQL injection vulnerability that enabled email addresses and plain text passwords to be extracted from the system.HAVEIBEENPWNED.COM
📋 SECURITY BULLETINS 1[−]
3 JulGrafana releases critical security update for Image Renderer pluginGrafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 10[−]
3 JulRussland nutzt Medienplattform für DesinformationDie Bundesregierung macht Russland für Desinformation im Netz verantwortlich. Skorzewiak – shutterstock.com Die Bundesregierung macht Russland für Desinformation verantwortlich, die über eine von der Türkei aus agierende Medienplattform verbreitet wird. Moskau nutze die dort regi…CSOONLINE.COM
3 JulErneute Cyberattacke auf Internationalen StrafgerichtshofDer Internationale Strafgerichtshof wurde bereists zum zweiten Mal von einer Cyberattacke getroffen. Nominesine – shutterstock.com Der Internationale Strafgerichtshof (IStGH) ist Opfer eines raffinierten Cyberangriffs geworden, dem zweiten großen Cyberspionageversuch gegen das Kr…CSOONLINE.COM
3 JulMicrosoft Acknowledges Error Entry in Windows Firewall With Advanced SecurityMicrosoft has officially confirmed that its recent Windows 11 update, KB5060829, is causing unexpected error entries in the Windows Firewall With Advanced Security logs. The company has assured users and IT administrators that these errors, while potentially alarming, do not indi…GBHACKERS.COM
3 JulRegulations Suck… But This One Might Not 😅Regulations suck... but this one might not 😅 Cybersecurity expert Summer Craze Fowler breaks down why the NIST AI Risk Management Framework is actually a game-changer. Unlike most red-tape policies, this one's voluntary, actionable, and packed with real value for pros developing …YOUTUBE.COM
🔥 INCIDENT REPORTING 14[−]
3 JulRansomware Attacks on Organizations Surge 213% in Q1 of 2025Ransomware assaults on businesses around the world have increased by 213% in the first quarter of 2025, with 2,314 victims reported over 74 distinct data breach sites, compared to just 1,086 in the first quarter of 2024. This is a startling increase in cyber dangers. According to…GBHACKERS.COM
3 JulHunters International ransomware shuts down after World Leaks rebrandThe Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom. [...]BLEEPINGCOMPUTER.COM
3 JulBitpanda denies hacker claims of massive data breach | Cybernewssubmitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/crypto/bitpanda-data-breach/SH.ITJUST.WORKS
3 JulPro-Russian Hackers Forge New Alliances for High-Profile CyberattacksThe ongoing Russia-Ukraine conflict, which intensified in 2022, continues to reshape the cybercrime landscape in 2025, with hacktivism emerging as a potent weapon in geopolitical disputes. Since the war’s outbreak, pro-Russian and pro-Ukrainian hacktivist groups have waged …GBHACKERS.COM
3 JulData breach likely impacted over 100K Medicare accounts | SC Mediasubmitted by kid to cybersecurity 1 points | 0 comments https://www.scworld.com/brief/data-breach-likely-impacted-over-100k-medicare-accountsSH.ITJUST.WORKS
3 JulAfter a hack many firms still say nothing, and that’s a problem - Help Net Securitysubmitted by kid to cybersecurity 2 points | 0 comments https://www.helpnetsecurity.com/2025/06/27/cybersecurity-risk-reduction-breach-transparency/SH.ITJUST.WORKS
3 JulVerizon and T-Mobile Deny Data Breaches as Millions of User Records Sold Onlinesubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/verizon-t-mobile-deny-data-breaches-user-records-sold/SH.ITJUST.WORKS
3 JulDeny Everything First. Trust Nothing. Here’s Why.When cybersecurity expert Danny Jenkins explains the real power of the “default deny” principle, it’s not just theory—it’s how real attacks like SolarWinds could’ve been stopped cold. In this short, he breaks down why apps like PowerShell don’t need access to the whole internet o…YOUTUBE.COM
3 JulRansomware gang Hunters International says it’s shutting downThe cybercriminal group, which said it's releasing its decryption tools to victims, may be transitioning to new infrastructure under a different name.TECHCRUNCH.COM
3 JulMicrosoft investigates ongoing SharePoint Online access issuesMicrosoft is investigating an ongoing incident causing intermittent issues for users attempting to access SharePoint Online sites. [...]BLEEPINGCOMPUTER.COM
3 JulIdeaLab confirms data stolen in ransomware attack last yearIdeaLab is notifying individuals impacted by a data breach incident last October when hackers accessed sensitive information. [...]BLEEPINGCOMPUTER.COM
3 JulWhen too much access is not enough: a story about Confluence and tokensDuring a Red Team engagement, we compromised an AWS account containing a Confluence instance hosted on an EC2 virtual machine. Although we fully compromised the machine hosting the Confluence instance, we did not have valid credentials to log in but were able to interact with the…QUARKSLAB.COM
3 JulCyberattack on Brazil tech provider affects reserve accounts of some financial institutionssubmitted by kid to cybersecurity 1 points | 0 comments https://www.reuters.com/world/americas/brazils-cm-software-hit-by-cyberattack-central-bank-says-2025-07-02/SH.ITJUST.WORKS
3 JulHow government cyber cuts will affect you and your businessDeep cuts in cybersecurity spending risk creating ripple effects that will put many organizations at a higher risk of falling victim to cyberattacksWELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE 22[−]
3 JulISC Stormcast For Thursday, July 3rd, 2025 https://isc.sans.edu/podcastdetail/9512, (Thu, Jul 3rd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
3 JulSurge in LNK File Weaponization by 50%, Fueling Four Major Malware TypesThe weaponization of Windows shortcut (LNK) files for malware distribution has increased by an astounding 50%, according to telemetry data, with dangerous samples rising from 21,098 in 2023 to 68,392 in 2024. These LNK files, typically used as virtual links to access files or app…GBHACKERS.COM
3 JulPro-Russian hacktivism: Shifting alliances, new groups and riskssubmitted by Pro to cybersecurity 1 points | 0 comments https://intel471.com/blog/pro-russian-hacktivism-shifting-alliances-new-groups-and-risksINFOSEC.PUB
3 JulPro-Russian hacktivism: Shifting alliances, new groups and riskssubmitted by Pro to cybersecurity 1 points | 0 comments https://intel471.com/blog/pro-russian-hacktivism-shifting-alliances-new-groups-and-risksSH.ITJUST.WORKS
3 JulNorth Korean Hackers Use Fake Zoom Updates to Install macOS MalwareSentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor. The post North Korean Hackers Use Fake Zoom Updates to Install macOS Malware appeared first on SecurityWeek .SECURITYWEEK.COM
3 JulAI Tools Like GPT, Perplexity Misleading Users to Phishing SitesA new wave of cyber risk is emerging as AI-powered tools like ChatGPT and Perplexity become default search and answer engines for millions. Recent research by Netcraft has revealed that these large language models (LLMs) are not just making innocent mistakes—they are actively put…GBHACKERS.COM
3 JulCisco Warns of Hardcoded Credentials in Enterprise SoftwareHardcoded SSH credentials in Cisco Unified CM and Unified CM SME could allow attackers to execute commands as root. The post Cisco Warns of Hardcoded Credentials in Enterprise Software appeared first on SecurityWeek .SECURITYWEEK.COM
3 JulLet’s Encrypt Expands to Issue SSL/TLS Certificates for IP AddressesLet’s Encrypt, a leading certificate authority (CA) known for providing free SSL/TLS certificates since 2015, has issued its first-ever certificate for an IP address. This development, announced earlier in January, marks a significant step in expanding secure communication option…GBHACKERS.COM
3 JulNew ‘BUBBAS GATE’ Malware Advertised on Telegram Boasts SmartScreen and AV/EDR BypassA new malware loader dubbed “BUBBAS GATE” has surfaced on underground forums and Telegram channels, drawing attention for its bold claims of advanced evasion capabilities, including bypassing Microsoft’s SmartScreen and modern AV/EDR solutions. The loader was first adve…GBHACKERS.COM
3 JulCo-CEOs: The Unexpected Fix to Founder Burnout?Being a startup founder is tough, but what if two CEOs could fix burnout? In this clip, Paul Nguyen hilariously explains why going solo as a founder sucks—and how teaming up as co-CEOs might just be the secret to building a mega company. With Adrian Sanabria and Ayman Elsawah chi…YOUTUBE.COM
3 JulHackademia 2025submitted by ashar to security_cpe 1 points | 0 comments https://youtube.com/playlist?list=PLqNh-rANBq5kLiweJYTmxBYZEdpH0nL96 Hackademia 2025INFOSEC.PUB
3 JulBSides Prague 2025submitted by ashar to security_cpe 1 points | 0 comments https://youtube.com/playlist?list=PLydF1lVc7uqbg0G6yMaWZWIcU14SGuOE4 BSides Prague 2025INFOSEC.PUB
3 JulBSides Buffalo 2025submitted by ashar to security_cpe 1 points | 0 comments https://www.youtube.com/@bsidesbuffalo/search?query=2025 BSides Buffalo 2025 Videos from BSides Buffalo, Western New York’s favorite community-driven infosec and technology conference.INFOSEC.PUB
3 JulMassive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC ScamsA mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN. The identified apps were designed to load out-of-context ads on a user's screen and hide their icons from the device home screen launcher, makin…THEHACKERNEWS.COM
3 JulGen Z Hackers vs. Blue Books: Who Wins?Gen Z cybersecurity students just got hit with a plot twist — no more laptops, no more AI tools… just old-school blue books. In this short, Joshua Marpet throws us back to the era of handwritten exams, exposing how traditional testing methods are making a comeback to outsmart dig…YOUTUBE.COM
3 JulChatGPT creates phisher’s paradise by serving wrong URLssubmitted by cm0002 to cybersecurity 2 points | 1 comments https://www.theregister.com/2025/07/03/ai_phishing_websites/INFOSEC.PUB
3 JulThreat Intelligence Executive Report – Volume 2025, Number 3This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during March and AprilSOPHOS.COM
3 JulWe Went Agentless… Now We’re Screaming For Agents 😅In the ever-evolving world of cybersecurity, trends don’t just change—they come full circle. This short captures a hilarious yet insightful moment where cybersecurity pros reflect on how the industry went from loving agents, to hating them… and now desperately embracing “agentic”…YOUTUBE.COM
3 JulWho Attacked Us?! Bloated Wombat or Deranged Hookworm?!In the chaotic world of cybersecurity, even the hacker group names cause confusion. Doug White highlights the absurdity of naming conventions with examples like “Bloated Wombat” and “Deranged Hookworm,” questioning how security teams can respond effectively when companies use dif…YOUTUBE.COM
3 JulExploring Meshtastic and LoRa Mesh Networks - Rob Allen - PSW #881This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adve…YOUTUBE.COM
3 JulBotSailor’s NPM Trap — Did You Fall for It?A new malicious NPM package just exposed a massive security flaw, and cybersecurity pros are stunned. Posing as a helpful utility, "express-api-sync" and others published by the user BotSailor opened a hidden backdoor that could remotely wipe project directories. The packages pro…YOUTUBE.COM
3 JulWhy Diverse Cloud Environments Require Flexible SecurityCan multicloud environments rely on one CSP to secure all their cloud environments? The post Why Diverse Cloud Environments Require Flexible Security appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
3 JulAI Dilemma: Emerging Tech as Cyber Risk EscalatesAs AI adoption accelerates, businesses face mounting cyber threats—and urgent choices about secure implementationTRENDMICRO.COM
📡 INFOSEC NEWS 11[−]
3 JulSophos Firewall Recognized as the #1 Overall Firewall Solution by G2 UsersThis marks the 10th consecutive G2 Seasonal Report where Sophos Firewall is the top-ranked FirewallSOPHOS.COM
3 JulMicrosoft asks users to ignore Windows Firewall config errorsMicrosoft asked customers this week to disregard incorrect Windows Firewall errors that appear after rebooting their systems following the installation of the June 2025 preview update. [...]BLEEPINGCOMPUTER.COM
3 JulThe Hidden Weaknesses in AI SOC Tools that No One Talks AboutIf you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation, and less noise. But under the hood, not all AI is created equal. Many solutions rely on pre-trained AI models that are hardwired for a handful of specific use cases.…THEHACKERNEWS.COM
3 JulOver 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User AssetsCybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users' digital assets at risk. "These extensions impersonate legitimate wallet tools from widely-used platforms such…THEHACKERNEWS.COM
3 JulMicrosoft: Exchange Server Subscription Edition now availableMicrosoft has announced that the Exchange Server Subscription Edition (SE) is now available to all customers of its enterprise email service. [...]BLEEPINGCOMPUTER.COM
3 JulBest travel apps: maps, taxis, food, internet | Kaspersky official blogDiscover which apps help you avoid getting lost, find great food, explore new places, and stay connected — even far from home.KASPERSKY.COM
3 JulBig Tech’s Mixed Response to U.S. Treasury SanctionsIn May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But more than a month later, the accused continues to openly operate accounts at a slew of Americ…KREBSONSECURITY.COM
3 JulPolice dismantles investment fraud ring stealing €10 millionThe Spanish police have dismantled a large-scale investment fraud operation based in the country, which has caused cumulative damages exceeding €10 million ($11.8M). [...]BLEEPINGCOMPUTER.COM
3 JulxAI prepares Grok 4 Code as it plans to take on Claude and GeminixAI is preparing the rollout of Grok 4, which replaces Grok 3 as the new state-of-the-art model. [...]BLEEPINGCOMPUTER.COM
3 JulLeaks hints at Operator-like tool in ChatGPT ahead of GPT-5 launchA few new code references in the ChatGPT web app and Android point to an Operator-like tool in GPT's chain of thoughts. [...]BLEEPINGCOMPUTER.COM
3 JulLeaks hint at Operator-like tool in ChatGPT ahead of GPT-5 launchA few new code references in the ChatGPT web app and Android point to an Operator-like tool in GPT's chain of thoughts. [...]BLEEPINGCOMPUTER.COM