🚨 CISA KEV 1
8 Jul | [KEV] CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is as follows - CVE-2014-3931 (CVSS score: 9.8) - A buf… | THEHACKERNEWS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 152
8 Jul | [KEV] CISA Issues Alert Over Actively Exploited Flaw in Zimbra Collaboration Suite | The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an actively exploited vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS), urging organizations to take immediate action to mitigate the threat. The flaw, tracked as CVE-2019… | GBHACKERS.COM
8 Jul | End of life for Microsoft Office puts malicious macros in the security spotlight | The upcoming end of life for Windows 10 has IT teams busy. From planning on migrations, to testing Windows 11 24H2, many of us are reviewing our options on how to handle that platform going forward. But there are several more daunting end-of-life deadlines in the Microsoft ecosys… | CSOONLINE.COM
8 Jul | CISA Alerts on Active Exploitation of PHPMailer Command Injection Flaw | The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding the active exploitation of a long-standing vulnerability in PHPMailer, a widely used open-source email-sending library for PHP applications. The flaw, tracked as CVE-2016-10033… | GBHACKERS.COM
8 Jul | macOS SMBClient Flaw Enables Remote Code Execution and Kernel Crashes | A critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code execution (RCE) and potentially catastrophic kernel crashes. Tracked as CVE-2025-24269, this flaw is rated with a CVSS score of 9.8, marking it as one of… | GBHACKERS.COM
8 Jul | SAP July 2025 Patch Day: Fixes for 27 Flaws, Including 7 Critical | SAP released critical security updates on July 8, 2025, addressing 27 vulnerabilities across its enterprise software portfolio, with seven classified as critical-severity flaws. The monthly Security Patch Day also included three updates to previously released security notes, unde… | GBHACKERS.COM
8 Jul | DNN Vulnerability Exposes NTLM Credentials via Unicode Normalization Bypass | Security researchers have discovered a critical vulnerability in DNN (formerly DotNetNuke), one of the oldest open-source content management systems, that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass technique. The vulnerability,… | GBHACKERS.COM
8 Jul | RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks | Cybersecurity researchers are calling attention to a malware campaign that's targeting security flaws in TBK digital video recorders (DVRs) and Four-Faith routers to rope the devices into a new botnet called RondoDox. The vulnerabilities in question include CVE-2024-3721, a mediu… | THEHACKERNEWS.COM
8 Jul | Exploits, Technical Details Released for CitrixBleed2 Vulnerability | Researchers released technical information and exploit code targeting a critical vulnerability (CVE-2025-5777) in Citrix NetScaler. The post Exploits, Technical Details Released for CitrixBleed2 Vulnerability appeared first on SecurityWeek. | SECURITYWEEK.COM
8 Jul | How a 12-year-old bug in Sudo is still haunting Linux users | Two new vulnerabilities have been found in Sudo, a privileged command-line tool installed on Linux systems, that can allow privilege escalation and unintended command execution on affected Ubuntu and Debian systems. According to a Stratascale research, the command-line tool has t… | CSOONLINE.COM
8 Jul | PoC Exploits Released for CitrixBleed2: 127 Bytes Exfiltrated Per Request | Security researchers have released proof-of-concept exploits for CVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed “CitrixBleed2.” The flaw allows unauthenticated attackers to extract sensitive data from device memory, inc… | GBHACKERS.COM
8 Jul | [KEV] CISA Alerts on Active Exploit of Ruby on Rails Path Traversal Flaw | The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical path traversal vulnerability in Ruby on Rails, designated as CVE-2019-5418. The agency added this five-year-old security flaw to its Known Exploi… | GBHACKERS.COM
8 Jul | CVE-2022-33637 Microsoft Defender for Endpoint Tampering Vulnerability | Updated links to security updates. This is an informational change only. | MSRC.MICROSOFT.COM
8 Jul | CVE-2022-23278 Microsoft Defender for Endpoint Spoofing Vulnerability | Updated links to security updates. This is an informational change only. | MSRC.MICROSOFT.COM
8 Jul | FortiOS Buffer Overflow vulnerability Enables Remote Code Execution by Attackers | Fortinet has disclosed a critical security vulnerability in FortiOS that could allow authenticated attackers to execute arbitrary code through a heap-based buffer overflow in the cw_stad daemon, affecting multiple versions of the popular network security operating system. Critica… | GBHACKERS.COM
8 Jul | CVE-2025-26636 Windows Kernel Information Disclosure Vulnerability | Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-33054 Remote Desktop Spoofing Vulnerability | Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47159 Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability | Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-21195 Azure Service Fabric Runtime Elevation of Privilege Vulnerability | Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47971 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47972 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47976 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47984 Windows GDI Information Disclosure Vulnerability | Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47985 Windows Event Tracing Elevation of Privilege Vulnerability | Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47986 Universal Print Management Service Elevation of Privilege Vulnerability | Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47987 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48824 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49657 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49658 Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability | Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49661 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49670 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49671 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49672 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49674 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49676 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49677 Microsoft Brokering File System Elevation of Privilege Vulnerability | Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49686 Windows TCP/IP Driver Elevation of Privilege Vulnerability | Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49687 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49688 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49689 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49690 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49691 Windows Miracast Wireless Display Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49694 Microsoft Brokering File System Elevation of Privilege Vulnerability | Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47991 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47993 Microsoft PC Manager Elevation of Privilege Vulnerability | Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47994 Microsoft Office Elevation of Privilege Vulnerability | Deserialization of untrusted data in Microsoft Office allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-36357 AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue | The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-36350 AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue | The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48812 Microsoft Excel Information Disclosure Vulnerability | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49711 Microsoft Excel Remote Code Execution Vulnerability | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49716 Windows Netlogon Denial of Service Vulnerability | Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49717 Microsoft SQL Server Remote Code Execution Vulnerability | Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-27613 MITRE: CVE-2025-27613 Gitk Arguments Vulnerability | [CVE-2025-27613](https://www.cve.org/CVERecord?id=CVE-2025-27613) is regarding a vulnerability in Gitk where when a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be created and truncated. The option "Support per-file… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-27614 MITRE: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability | [CVE-2025-27614](https://www.cve.org/CVERecord?id=CVE-2025-27614) is regarding a vulnerability in Gitk where a Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking `gitk f… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-46334 MITRE: CVE-2025-46334 Git Malicious Shell Vulnerability | [CVE-2025-46334](https://www.cve.org/CVERecord?id=CVE-2025-46334) is regarding a vulnerability in Git GUI (Windows only) where a malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. On Windows, path lookup can find such executa… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-46835 MITRE: CVE-2025-46835 Git File Overwrite Vulnerability | [CVE-2025-46835](https://www.cve.org/CVERecord?id=CVE-2025-46835) is regarding a vulnerability in Git GUI where when a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and ov… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48384 MITRE: CVE-2025-48384 Git Symlink Vulnerability | [CVE-2025-48384](https://www.cve.org/CVERecord?id=CVE-2025-48384) is regarding a vulnerability in Git where when reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing th… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48385 MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability | [CVE-2025-48385](https://www.cve.org/CVERecord?id=CVE-2025-48385) is regarding a vulnerability in Git where when cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The G… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48386 MITRE: CVE-2025-48386 Git Credential Helper Vulnerability | [CVE-2025-48386](https://www.cve.org/CVERecord?id=CVE-2025-48386) is regarding a vulnerability in Git where the wincred credential helper uses a static buffer (`target`) as a unique key for storing and comparing against internal storage. This credential helper does not properly b… | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49719 Microsoft SQL Server Information Disclosure Vulnerability | Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49721 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49723 Windows StateRepository API Server file Tampering Vulnerability | Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49726 Windows Notification Elevation of Privilege Vulnerability | Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49731 Microsoft Teams Elevation of Privilege Vulnerability | Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49735 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability | Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47178 Microsoft Configuration Manager Remote Code Execution Vulnerability | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49753 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49756 Office Developer Platform Security Feature Bypass Vulnerability | Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49760 Windows Storage Spoofing Vulnerability | External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47973 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47975 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47978 Windows Kerberos Denial of Service Vulnerability | Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47980 Windows Imaging Component Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47981 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47982 Windows Storage VSP Driver Elevation of Privilege Vulnerability | Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47996 Windows MBT Transport Driver Elevation of Privilege Vulnerability | Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-47998 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48000 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48001 BitLocker Security Feature Bypass Vulnerability | Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48002 Windows Hyper-V Information Disclosure Vulnerability | Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48003 BitLocker Security Feature Bypass Vulnerability | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48799 Windows Update Service Elevation of Privilege Vulnerability | Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48800 BitLocker Security Feature Bypass Vulnerability | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48802 Windows SMB Server Spoofing Vulnerability | Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48803 Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability | Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48804 BitLocker Security Feature Bypass Vulnerability | Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48805 Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48806 Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48808 Windows Kernel Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48809 Windows Secure Kernel Mode Information Disclosure Vulnerability | Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48810 Windows Secure Kernel Mode Information Disclosure Vulnerability | Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48811 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48814 Remote Desktop Licensing Service Security Feature Bypass Vulnerability | Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48815 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48816 HID Class Driver Elevation of Privilege Vulnerability | Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48817 Remote Desktop Client Remote Code Execution Vulnerability | Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48818 BitLocker Security Feature Bypass Vulnerability | Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48819 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48820 Windows AppX Deployment Service Elevation of Privilege Vulnerability | Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48821 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48822 Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability | Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-48823 Windows Cryptographic Services Information Disclosure Vulnerability | Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49659 Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability | Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49660 Windows Event Tracing Elevation of Privilege Vulnerability | Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49663 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49664 Windows User-Mode Driver Framework Host Information Disclosure Vulnerability | Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49665 Workspace Broker Elevation of Privilege Vulnerability | Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49666 Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49667 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49668 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49669 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49673 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49675 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49678 NTFS Elevation of Privilege Vulnerability | Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49679 Windows Shell Elevation of Privilege Vulnerability | Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49680 Windows Performance Recorder (WPR) Denial of Service Vulnerability | Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49681 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49682 Windows Media Elevation of Privilege Vulnerability | Use after free in Windows Media allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49683 Microsoft Virtual Hard Disk Remote Code Execution Vulnerability | Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49684 Windows Storage Port Driver Information Disclosure Vulnerability | Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49685 Windows Search Service Elevation of Privilege Vulnerability | Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49693 Microsoft Brokering File System Elevation of Privilege Vulnerability | Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49695 Microsoft Office Remote Code Execution Vulnerability | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49696 Microsoft Office Remote Code Execution Vulnerability | Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49697 Microsoft Office Remote Code Execution Vulnerability | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49698 Microsoft Word Remote Code Execution Vulnerability | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49699 Microsoft Office Remote Code Execution Vulnerability | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49700 Microsoft Word Remote Code Execution Vulnerability | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49701 Microsoft SharePoint Remote Code Execution Vulnerability | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49702 Microsoft Office Remote Code Execution Vulnerability | Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49703 Microsoft Word Remote Code Execution Vulnerability | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49704 Microsoft SharePoint Remote Code Execution Vulnerability | Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49705 Microsoft PowerPoint Remote Code Execution Vulnerability | Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
8 Jul | CVE-2025-49706 Microsoft SharePoint Server Spoofing Vulnerability | Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
8 JulCVE-2025-49714 Visual Studio Code Python Extension Remote Code Execution VulnerabilityTrust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49718 Microsoft SQL Server Information Disclosure VulnerabilityUse of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.MSRC.MICROSOFT.COM
8 JulCVE-2025-49722 Windows Print Spooler Denial of Service VulnerabilityUncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.MSRC.MICROSOFT.COM
8 JulCVE-2025-49724 Windows Connected Devices Platform Service Remote Code Execution VulnerabilityUse after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
8 JulCVE-2025-49725 Windows Notification Elevation of Privilege VulnerabilityUse after free in Windows Notification allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49727 Win32k Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49729 Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
8 JulCVE-2025-49730 Microsoft Windows QoS Scheduler Driver Elevation of Privilege VulnerabilityTime-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49732 Windows Graphics Component Elevation of Privilege VulnerabilityHeap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49733 Win32k Elevation of Privilege VulnerabilityUse after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-47999 Windows Hyper-V Denial of Service VulnerabilityMissing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.MSRC.MICROSOFT.COM
8 JulCVE-2025-49737 Microsoft Teams Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49738 Microsoft PC Manager Elevation of Privilege VulnerabilityImproper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49739 Visual Studio Elevation of Privilege VulnerabilityImproper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
8 JulCVE-2025-49740 Windows SmartScreen Security Feature Bypass VulnerabilityProtection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.MSRC.MICROSOFT.COM
8 JulCVE-2025-49742 Windows Graphics Component Remote Code Execution VulnerabilityInteger overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-49744 Windows Graphics Component Elevation of Privilege VulnerabilityHeap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
8 JulCVE-2025-47988 Azure Monitor Agent Remote Code Execution VulnerabilityImproper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network.MSRC.MICROSOFT.COM
8 JulJuly Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severityMicrosoft’s July Patch Tuesday fixes are a mix of good news and bad news for CSOs: Fourteen of the vulnerabilities are rated as critical, but on the other hand, there are no zero-days and only one vulnerability with a publicly available proof of concept. CSOs need to immediately …CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 34
8 JulDiscovery of compromised Shellter security tool raises disclosure debateCISOs whose staff use the commercial Shellter Elite antivirus evasion software to detect vulnerabilities need to immediately update to the latest version after the recent discovery that threat actors are using a stolen version to distribute malware. It’s not because the abuse of …CSOONLINE.COM
8 JulHow talent-strapped CISOs can tap former federal government cyber prosSince January, thousands of federal government jobs have vanished through a combination of firings, layoffs and resignations. The cuts, a part of the zealous Department of Government Efficiency (DOGE) strategy, include swaths of cyber talent. The Cybersecurity and Infrastructure …CSOONLINE.COM
8 JulChinese national arrested in Milan on suspicion of US-related espionageA Chinese national was arrested for cyber fraud and identity theft. On suspicion of US-related espionage, a Chinese national has been arrested at Milan's largest airport. According to the Italian news agency Ansa, the 33-…CSOONLINE.COM
8 JulWeekly Update 459New week, different end of the world! After a fleeting stop at home, we're in Japan for a proper holiday (yet somehow I'm still here writing this...) …TROYHUNT.COM
8 JulChecking in on the State of Appsec in 2025 - Sandy Carielli, Janet Worthington - ASW #338Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code alongside humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those …YOUTUBE.COM
8 JulCall of Duty Gamers Hacked via RCE Exploit Allowing Player-to-Player AttacksThe Call of Duty team took the PC edition of Call of Duty: WWII offline on Saturday after numerous allegations of a serious security flaw surfaced, which is concerning for the gaming community. The culprit appears to be a Remote Code Execution (RCE) vulnerability an e…GBHACKERS.COM
8 JulThe trust crisis in the cloud…and why blockchain deserves a seat at the tableAs a cybersecurity consultant guiding organizations across the globe through digital transformation, I’ve observed one recurring pattern: We place immense trust in cloud services without fully questioning the fragility of their trust foundations. While cloud computing delivers un…CSOONLINE.COM
8 JulSAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System TakeoverSAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise.SECURITYWEEK.COM
8 JulClickFix attacks threaten enterprise securityCybercriminals are increasingly turning to ClickFix attacks. The social engineering method ClickFix is less well known than phishing. The goal of such attacks is to get victims to run malicious commands in tools such as PowerShell or the Wi…CSOONLINE.COM
8 JulOvercoming Technical Barriers in Desktop and Application VirtualizationExposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access—no open firewall ports required. Learn more and get a free trial. [...]BLEEPINGCOMPUTER.COM
8 JulMediaTek July 2025 Security Update Addresses Multiple Chipset VulnerabilitiesMediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, audio, and TV chipsets. The July 2025 security update re…GBHACKERS.COM
8 JulVLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classificationsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://huggingface.co/papers/2507.03607INFOSEC.PUB
8 JulVenusTech and Salt Typhoon Breach Sheds Light on China's Covert Cyber Mercenary Networkssubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/venustech-and-salt-typhoon-breach/SH.ITJUST.WORKS
8 JulIvanti Products Connect Secure and Policy Secure Hit by Denial-of-Service VulnerabilitiesIvanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could potentially lead to denial-of-service attacks and unauthorized access. The cybersecurity firm announced today that while no c…GBHACKERS.COM
8 JulCISA Releases One Industrial Control Systems AdvisoryCISA released one Industrial Control Systems (ICS) advisory on July 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-189-01 Emerson ValveLink Products CISA encourages users and administrator…CISA.GOV
8 JulMicrosoft July 2025 Patch Tuesday fixes one zero-day, 137 flawsToday is Microsoft's July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server. [...]BLEEPINGCOMPUTER.COM
8 JulNetSupport RAT Spreads Through Compromised WordPress Sites Using ClickFix TechniqueThe Cybereason Global Security Operations Center (GSOC) has uncovered a sophisticated campaign by threat actors who are exploiting compromised WordPress websites to distribute malicious versions of the legitimate NetSupport Manager Remote Access Tool (RAT). This campaign, detaile…GBHACKERS.COM
8 JulMicrosoft Patch Tuesday July 2025: 130 Vulnerabilities Patched, Including 1 Zero-Day and 41 RCE FlawsMicrosoft released its July 2025 Patch Tuesday security updates on July 8, 2025, addressing 130 vulnerabilities across its software ecosystem, including one publicly disclosed zero-day vulnerability and numerous critical security flaws that pose significant risks to organizations…GBHACKERS.COM
8 JulHackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT MalwareIn yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware. The company behind the software said a company that had recen…THEHACKERNEWS.COM
8 JulNew LogoKit Phishing Campaign Exploits Cloudflare Turnstile and Amazon S3 for Higher Success RatesCyble Research and Intelligence Labs (CRIL) recently discovered a very advanced phishing campaign that used the LogoKit phishing kit, which was initially discovered in 2021, to pose as reliable organizations such as Hungary’s Computer Emergency Response Team (HunCERT). This…GBHACKERS.COM
8 JulActivision took down Call of Duty game after PC players hacked, says sourceGames giant Activision took down Call of Duty: WWII due to hackers exploiting a flaw in a specific PC version of the game, which led to several players getting their computers hacked, TechCrunch has learned. Last week, Activision announced that it brought offline the Micros…TECHCRUNCH.COM
8 JulGit security vulnerabilities announcedsubmitted by Pro to cybersecurity 1 points | 0 comments https://github.blog/open-source/git/git-security-vulnerabilities-announced-6/INFOSEC.PUB
8 JulGit security vulnerabilities announcedsubmitted by Pro to cybersecurity 1 points | 0 comments https://github.blog/open-source/git/git-security-vulnerabilities-announced-6/SH.ITJUST.WORKS
8 JulCritical Patches Issued for Microsoft Products, July 8, 2025Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o…CISECURITY.ORG
8 JulHackers Manipulate Search Results to Target IT Pros with Trojanized PuTTY and WinSCPArctic Wolf has uncovered a cunning cybersecurity threat that exploits search engine optimization (SEO) poisoning and malvertising tactics to distribute Trojanized versions of widely used IT tools such as PuTTY and WinSCP. This campaign cunningly targets IT professionals and syst…GBHACKERS.COM
8 JulAdvancing Protection in Chrome on AndroidPosted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection , which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalis…SECURITY.GOOGLEBLOG.COM
8 JulMicrosoft Patch Tuesday, July 2025, (Tue, Jul 8th)Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Micro…ISC.SANS.EDU
8 JulNew Android TapTrap attack fools users with invisible UI trickA novel tapjacking technique can exploit user interface animations to bypass Android's permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device. [...]BLEEPINGCOMPUTER.COM
8 JulBERT Ransomware Can Force Shutdown of ESXi Virtual Machines to Hinder RecoveryA newly identified ransomware group, BERT, tracked by Trend Micro as Water Pombero, has emerged as a significant threat to organizations across Asia, Europe, and the US. First observed in April, BERT targets critical sectors such as healthcare, technology, and event services, emp…GBHACKERS.COM
8 JulMalicious Open Source Packages Surge 188% Annually - Infosecurity Magazinesubmitted by kid to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/malicious-open-source-surge-188/SH.ITJUST.WORKS
8 JulA Vulnerability in FortiWeb Could Allow for SQL InjectionA vulnerability has been discovered in FortiWeb, which could allow for SQL injection. FortiWeb is a web application firewall (WAF) developed by Fortinet. It's designed to protect web applications and APIs from a wide range of attacks, including those targeting known vulnerabilities …CISECURITY.ORG
8 JulM&S confirms social engineering led to massive ransomware attackM&S confirmed today that the retail outlet's network was initially breached in a "sophisticated impersonation attack" that ultimately led to a DragonForce ransomware attack. [...]BLEEPINGCOMPUTER.COM
8 JulMicrosoft Patches 130 Vulnerabilities for July 2025 Patch TuesdayPatch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server.SECURITYWEEK.COM
8 Jul11 Google-Verified Chrome Extensions Infected Over 1.7 Million UsersA chilling discovery by Koi Security has exposed a sophisticated browser hijacking campaign dubbed “RedDirection,” compromising over 1.7 million users through 11 Google-verified Chrome extensions. This operation, which also spans Microsoft Edge with additional extensi…GBHACKERS.COM
📢 SECURITY ADVISORIES 7
🔥 INCIDENT REPORTING 13
8 JulNordDragonScan Targets Windows Users to Steal Login CredentialsFortiGuard Labs has discovered a current campaign that targets Microsoft Windows users with the NordDragonScan infostealer, which is a worrying trend for cybersecurity. This high-severity threat leverages a complex infection chain to infiltrate systems, harvest sensitive data, an…GBHACKERS.COM
8 JulAtomic macOS Info-Stealer Updated with New Backdoor for Persistent AccessThe Atomic macOS Stealer (AMOS), a notorious piece of info-stealing malware targeting Apple users, has undergone a significant update, introducing an embedded backdoor for the first time. This development, reported by Moonlock, a cybersecurity division of MacPaw, marks a critical e…GBHACKERS.COM
8 Jul5 Ways Identity-based Attacks Are Breaching RetailFrom overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded, and what they reveal about... In recent months, major retailers like Adidas, The North Face, Dior, Victo…THEHACKERNEWS.COM
8 JulQantas Hit with Extortion Demand After Data BreachThe Australian airline says a cybercriminal attempted to extort it after customer data was stolen from a contact center.SECURITYWEEK.COM
8 JulQantas is being extorted in recent data-theft cyberattacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/qantas-is-being-extorted-in-recent-data-theft-cyberattack/SH.ITJUST.WORKS
8 JulSurmodics & Kentfield Hospital Fall Victim to Cyberattackssubmitted by kid to cybersecurity 1 points | 0 comments https://www.hipaajournal.com/surmodics-kentfield-hospital-cyberattacks/SH.ITJUST.WORKS
8 JulMarks & Spencer chair refuses to say if retailer paid hackers after ransomware attackThe retail giant's chair confirmed the breach was caused by ransomware.TECHCRUNCH.COM
8 JulDPRK macOS 'NimDoor' Malware Targets Web3, Crypto Platformssubmitted by kid to cybersecurity 2 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/dprk-macos-nimdoor-malware-web3-crypto-platformsSH.ITJUST.WORKS
8 Jul4 Critical Steps in Advance of 47-Day SSL/TLS Certificatessubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/critical-steps-advance-ssl-tls-certificatesSH.ITJUST.WORKS
8 JulRansomware negotiator investigated over criminal gang kickbacks | Malwarebytessubmitted by kid to cybersecurity 1 points | 0 comments https://www.malwarebytes.com/blog/news/2025/07/ransomware-negotiator-investigated-over-criminal-gang-kickbacksSH.ITJUST.WORKS
8 JulBladed Feline: Iran's Cyber Cat Is Real and DangerousAn Iranian cyber espionage group nicknamed "Bladed Feline" went undetected inside a target network for nearly a decade. In this short, cybersecurity expert Doug White unveils how this clawed menace operated stealthily and why Iran's hacker groups are always oddly feline-themed. W…YOUTUBE.COM
8 Jul$200K Gone in a Zoom Call!A crypto CEO joined what looked like a routine Zoom interview... and walked out $200,000 poorer. The scammer never turned on their camera, spoke with a convincing voice, and asked for a “quick demo” of the CEO’s crypto tool. In a single moment of trust, remote access was granted …YOUTUBE.COM
8 JulImpostor Uses AI to Impersonate Rubio and Contact Foreign and US Officialsimpersonator, with a similar incident revealed in May involving President Donald Trump’s chief of staff, Susie Wiles. The misuse of AI to deceive people is likely to grow as the technology improves and becomes more widely available.SECURITYWEEK.COM
🕵️ THREAT INTELLIGENCE 21
8 JulISC Stormcast For Tuesday, July 8th, 2025 https://isc.sans.edu/podcastdetail/9516, (Tue, Jul 8th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
8 JulCritical Vulnerabilities in KIA Infotainment Let Attackers Inject Code with PNG FilesA recent security analysis has uncovered critical vulnerabilities in the infotainment systems of KIA vehicles, raising alarm across the automotive cybersecurity community. These flaws allow attackers to inject and execute malicious code through specially crafted PNG ima…GBHACKERS.COM
8 JulResearchers Share CitrixBleed 2 Detection Analysis After Initial Hold - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/citrixbleed-2-detection-analysis/SH.ITJUST.WORKS
8 JulChrome Store Features Extension Poisoned With Sophisticated Spywaresubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/endpoint-security/chrome-store-features-extension-poisoned-sophisticated-spywareSH.ITJUST.WORKS
8 JulHackers abuse leaked Shellter red team tool to deploy infostealerssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/hackers-abuse-leaked-shellter-red-team-tool-to-deploy-infostealers/SH.ITJUST.WORKS
8 JulCyberheistNews Vol 15 #27 Is Your Human Risk Management Program Really Making a Difference? Measure It NowKNOWBE4.COM
8 JulMalware Attacks on Android Devices Surge in Q2, Driven by Banking Trojans and Spywaresubmitted by kid to cybersecurity 2 points | 0 comments https://gbhackers.com/malware-attacks-on-android-devices-surge-in-q2/SH.ITJUST.WORKS
8 JulThe Wild Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to IgnoreAs organizations rush to adopt agentic AI, security leaders must confront the growing risk of invisible threats and new attack vectors.SECURITYWEEK.COM
8 JulModernizing Cybersecurity for State and Local GovernmentState IT must shift to integrated, efficient and smarter cybersecurity investments, leveraging public/private partnerships for innovation.PALOALTONETWORKS.COM
8 JulEmployee gets $920 for credentials used in $140 million bank heistsubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/employee-gets-920-for-credentials-used-in-140-million-bank-heist/SH.ITJUST.WORKS
8 JulLegit Shellter Pen-Testing Tool Used in Malware AttacksA stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail.SECURITYWEEK.COM
8 JulResearchers Reveal Scattered Spider’s Tools, Tactics, and Key IndicatorsCheck Point Research has revealed important details about the phishing domain patterns and advanced attack techniques of the infamous Scattered Spider organization, which has brought a new wave of cyberthreats under close investigation. Known for their aggressive social engineeri…GBHACKERS.COM
8 JulAndroid malware Anatsa infiltrates Google Play to target US bankssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/android-malware-anatsa-infiltrates-google-play-to-target-us-banks/SH.ITJUST.WORKS
8 JulOver 500 Scattered Spider Phishing Domains Poised to Target Multiple I - Infosecurity Magazinesubmitted by kid to cybersecurity 4 points | 0 comments https://www.infosecurity-magazine.com/news/scattered-spider-phishing-domains/SH.ITJUST.WORKS
8 JulEnhancing Microsoft 365 security by eliminating high-privilege accessIn this blog you will hear directly from Microsoft’s Deputy Chief Information Security Officer (CISO) for Experiences and Devices, Naresh Kannan, about eliminating high-privileged access across all Microsoft 365 applications. This blog is part of an ongoing series where our Depu…MICROSOFT.COM
8 JulXMRig Malware Disables Windows Updates and Scheduled Tasks to Maintain PersistenceMonero (XMR), a cryptocurrency, saw a spectacular surge in early 2025, rising 45% from $196 to $285 by May, with a notable peak in April. This surge coincided with a high-profile Bitcoin theft in the US, where the stolen assets were reportedly converted into Monero by a single in…GBHACKERS.COM
8 JulChina-Linked VELETRIX Loader Used in Attacks on Telecommunications InfrastructureA China-Nexus Threat Actor has launched a highly advanced assault against China Mobile Tietong Co., Ltd., a division of China Mobile, one of the biggest telecom behemoths in the nation, in a compelling illustration of state-aligned cyberwarfare. Named “DragonClone” by…GBHACKERS.COM
8 JulNew Report Finds Billions of Leaked Credentials and ULP Files on Dark Web Are OutdatedA recent in-depth analysis by threat intelligence experts sheds critical light on the pervasive issue of outdated and unreliable data circulating on the dark web. The report, spanning a comprehensive 26-minute read, delves into the world of combolists, text files containing userna…GBHACKERS.COM
8 JulAdobe Patches Critical Code Execution BugsAdobe patches were also released for medium-severity flaws in After Effects, Audition, Dimension, Experience Manager Screens, FrameMaker, Illustrator, Substance 3D Stager, and Substance 3D Viewer.SECURITYWEEK.COM
8 JulBrowser hijacking campaign infects 2.3M Chrome, Edge userssubmitted by PhilipTheBucket to cybersecurity 3 points | 0 comments https://www.theregister.com/2025/07/08/browser_hijacking_campaign/SH.ITJUST.WORKS
8 JulSpying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland... - SWN #492Spying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-492YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 4
8 JulResearchers Uncover Batavia Windows Spyware Stealing Documents from Russian FirmsRussian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. "The targeted attack begins with bait emails containi…THEHACKERNEWS.COM
8 JulMalicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code ExtensionCybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per ReversingLabs, occurred via a GitHub pull request that was opened by a u…THEHACKERNEWS.COM
8 JulAndroid malware Anatsa infiltrates Google Play to target US banksThe Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. [...]BLEEPINGCOMPUTER.COM
8 JulAnatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google PlayCybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google's official app marketplace. The malware, disguised as a "PDF Update" to a document view…THEHACKERNEWS.COM
🎙️ PODCASTS 1
8 JulThe AI Fix #58: An AI runs a shop into the ground, and AI’s obsession with the number 27In episode 58 of "The AI Fix" podcast, our hosts discover a pair of AI headphones that don't electrocute you, Microsoft invents "medical superintelligence", Chucky opens a hotel, some robot footballers fall over, Jony Ive invents a $6 billion pen, and Malcolm Gladwell fears a dys…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 7
8 JulShrinking your digital footprint: a checklist by Kaspersky | Kaspersky official blogWe share tips to help you reduce your daily digital footprint.KASPERSKY.COM
8 JulBaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud GloballyA newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news …THEHACKERNEWS.COM
8 JulMalicious Chrome extensions with 1.7M installs found on Web StoreAlmost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. [...]BLEEPINGCOMPUTER.COM
8 JulWindows 10 KB5062554 cumulative update released with 13 changes, fixesMicrosoft has released the KB5062554 cumulative update for Windows 10 22H2 and Windows 10 21H2, with thirteen new fixes or changes. [...]BLEEPINGCOMPUTER.COM
8 JulWindows 11 KB5062553 & KB5062552 cumulative updates releasedMicrosoft has released Windows 11 KB5062553 and KB5062552 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]BLEEPINGCOMPUTER.COM
8 JulSamsung announces major security enhancements coming to One UI 8Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android. [...]BLEEPINGCOMPUTER.COM
8 JulUS government confirms arrest of Chinese national accused of stealing COVID research and mass-hacking email serversAccused hacker and Chinese national Xu Zewei was arrested in Italy at the request of U.S. prosecutors.TECHCRUNCH.COM