matlock.ca // THREAT INTELLIGENCE — 2025-07-10

91Articles

9Categories

2025-07-10Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-5777 Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability These types of vulnerabilities are frequent attack vectors f…

KEVCISA.GOV — Thu, 10 Jul 25 1

🐛

Warning to ServiceNow admins: Fix your access control lists now

CIO.COM — 10 Jul 2025

🐛

Critical mcp‑remote Vulnerability Enables LLM Clients to Remote Code Execution

GBHACKERS.COM — 10 Jul 2025

🐛

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

THEHACKERNEWS.COM — 10 Jul 2025

🐛

Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners

GBHACKERS.COM — 10 Jul 2025

🐛

AMD discloses new CPU flaws that can enable data leaks via timing attacks

CSOONLINE.COM — 10 Jul 2025

🐛

ServiceNow Platform Vulnerability Enables Attackers to Exfiltrate Sensitive Data

GBHACKERS.COM — 10 Jul 2025

🐛

CVE-2025-6514 Threatens LLM clients

SH.ITJUST.WORKS — 10 Jul 2025

🐛

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

THEHACKERNEWS.COM — 10 Jul 2025

⚠️

McDonald’s AI Hiring Bot Exposed with ‘123456’ Password — Millions of Job‑Seekers’ Data at Risk

GBHACKERS.COM — 10 Jul 2025

⚠️

MCP is fueling agentic AI — and introducing new security risks

CSOONLINE.COM — 10 Jul 2025

⚠️

Ruckus Networks leaves severe flaws unpatched in management devices

INFOSEC.PUB — 10 Jul 2025

⚠️

Researchers Trick ChatGPT into Leaking Windows Product Keys

GBHACKERS.COM — 10 Jul 2025

⚠️

New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages

GBHACKERS.COM — 10 Jul 2025

⚠️

Critical Ruckus Wireless Flaws Threaten Enterprise Wi‑Fi Security

GBHACKERS.COM — 10 Jul 2025

⚠️

Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack

SECURITYWEEK.COM — 10 Jul 2025

⚠️

Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks

GBHACKERS.COM — 10 Jul 2025

⚠️

Four Hackers Arrested by UK Police After Attacks on M&S Co‑op and Harrods

GBHACKERS.COM — 10 Jul 2025

⚠️

A Vulnerability in FortiWeb Could Allow for SQL Injection

SH.ITJUST.WORKS — 10 Jul 2025

⚠️

FBI's CJIS demystified: Best practices for passwords, MFA & access control

BLEEPINGCOMPUTER.COM — 10 Jul 2025

⚠️

North American APT Uses Exchange Zero-Day to Attack China

SH.ITJUST.WORKS — 10 Jul 2025

⚠️

eSIM Hack Allows for Cloning, Spying

SECURITYWEEK.COM — 10 Jul 2025

⚠️

PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars

BLEEPINGCOMPUTER.COM — 10 Jul 2025

⚠️

CISA Releases Thirteen Industrial Control Systems Advisories

CISA.GOV — Thu, 10 Jul 25 1

⚠️

News alert: INE Security debuts advanced eMAPT certification to close mobile security talent gap

LASTWATCHDOG.COM — 10 Jul 2025

⚠️

The Solidity Language open-source package was used in a $500,000 crypto heist

INFOSEC.PUB — 10 Jul 2025

⚠️

The Solidity Language open-source package was used in a $500,000 crypto heist

SH.ITJUST.WORKS — 10 Jul 2025

⚠️

Cyberattacks on User Logins Jump 156%, Fueled by Infostealers and Phishing Toolkits

GBHACKERS.COM — 10 Jul 2025

⚠️

Hackers Exploit GitHub to Distribute Malware Disguised as VPN Software

GBHACKERS.COM — 10 Jul 2025

⚠️

Weaponized AI Extension Used by Hackers to Swipe $500,000 in Crypto

GBHACKERS.COM — 10 Jul 2025

📋

July Patch Tuesday offers 127 fixes

SOPHOS.COM — 10 Jul 2025

📢

US Treasury Department sanctions individuals and entities over illegal IT worker scheme

CSOONLINE.COM — 10 Jul 2025

📢

The Czech Republic bans DeepSeek in state administration over cybersecurity concerns

INFOSEC.PUB — 10 Jul 2025

📢

The Czech Republic bans DeepSeek in state administration over cybersecurity concerns

SH.ITJUST.WORKS — 10 Jul 2025

📢

CISA Warns ValveLink Products May Expose Sensitive System Information

GBHACKERS.COM — 10 Jul 2025

📢

Juniper Networks security advisory (AV25-415)

CYBER.GC.CA — 2025-07-10

📢

Drupal security advisory (AV25-416)

CYBER.GC.CA — 2025-07-10

📢

Wing FTP security advisory (AV25-391) - Update 1

CYBER.GC.CA — 2025-07-10

📢

Schneider Electric Flaws Expose Systems to OS Command Injection Attacks

GBHACKERS.COM — 10 Jul 2025

🔥

“Ransomware, was ist das?”

CSOONLINE.COM — 10 Jul 2025

🔥

Ransomware Activity Spikes Amid Qilin’s New Wave of Targeted Attacks

GBHACKERS.COM — 10 Jul 2025

🔥

Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods

THEHACKERNEWS.COM — 10 Jul 2025

🔥

Hackerangriff legt Ameos-Kliniken lahm

CSOONLINE.COM — 10 Jul 2025

🔥

Qantas Confirms 5.7 Million Impacted by Data Breach

SECURITYWEEK.COM — 10 Jul 2025

🔥

Four arrested in UK over M&S, Co-op, Harrod cyberattacks

BLEEPINGCOMPUTER.COM — 10 Jul 2025

🔥

Four Arrested in UK Over M&S, Co-op Cyberattacks

SECURITYWEEK.COM — 10 Jul 2025

🔥

Ransomware Attack Stops Nova Scotia Power Meter Readings - Infosecurity Magazine

SH.ITJUST.WORKS — 10 Jul 2025

🔥

Ingram Micro Restores Systems Impacted by Ransomware

SECURITYWEEK.COM — 10 Jul 2025

🔥

SatanLock Next in Line for Ransomware Group Shutdowns

SH.ITJUST.WORKS — 10 Jul 2025

🔥

French police arrest Russian basketball player accused of ransomware: report

TECHCRUNCH.COM — 10 Jul 2025

🔥

Russian pro basketball player arrested for alleged role in ransomware attacks

BLEEPINGCOMPUTER.COM — 10 Jul 2025

🔥

SafePay Ransomware Uses RDP and VPN Access to Infiltrate Organizational Networks

GBHACKERS.COM — 10 Jul 2025

🔥

Alert: Scattered Spider is Targeting the Aviation Sector

KNOWBE4.COM — 10 Jul 2025

🔥

Four arrested in UK over M&S, Co-op, Harrods cyberattacks

BLEEPINGCOMPUTER.COM — 10 Jul 2025

🕵️

AMD warns of new Meltdown, Spectre-like bugs affecting CPUs

INFOSEC.PUB — 10 Jul 2025

🕵️

SSH Tunneling in Action: direct-tcp requests [Guest Diary], (Wed, Jul 9th)

ISC.SANS.EDU — 10 Jul 2025

🕵️

ISC Stormcast For Thursday, July 10th, 2025 https://isc.sans.edu/podcastdetail/9520, (Thu, Jul 10th)

ISC.SANS.EDU — 10 Jul 2025

🕵️

Qantas tells customers what data was stolen during break-in

SH.ITJUST.WORKS — 10 Jul 2025

🕵️

GitPhish: New Tool Automates GitHub Device Code Phishing Attacks

GBHACKERS.COM — 10 Jul 2025

🕵️

Massive Scraper Botnet of 3,600+ Devices Targets US and UK Websites

GBHACKERS.COM — 10 Jul 2025

🕵️

AirMDR Raises $15.5 Million for MDR Solution

SECURITYWEEK.COM — 10 Jul 2025

🕵️

What Can Businesses Do About Ethical Dilemmas Posed by AI?

SECURITYWEEK.COM — 10 Jul 2025

🕵️

GitLab Vulnerabilities Allow Execution of Malicious Actions via Content Injection

GBHACKERS.COM — 10 Jul 2025

🕵️

Using Signal Groups for Activism

SCHNEIER.COM — 2025-07-10

🕵️

Most Cryptocurrency Stocks Are Rising. Join ALR MINER And Earn $8,700 In BTC Every Day

GBHACKERS.COM — 10 Jul 2025

🕵️

Brave Browser For Android via F‑Droid: Now Fully Available

GBHACKERS.COM — 10 Jul 2025

🕵️

Rhadamanthys Infostealer Uses ClickFix Technique to Steal Login Credentials

GBHACKERS.COM — 10 Jul 2025

🕵️

Booz Allen Invests in Machine Identity Firm Corsha

SECURITYWEEK.COM — 10 Jul 2025

🕵️

Schlechte Security-Noten für EU-Behörden

CSOONLINE.COM — 10 Jul 2025

🕵️

INE Security Launches Enhanced eMAPT Certification

GBHACKERS.COM — 10 Jul 2025

🕵️

Server with Rockerbox Tax Firm Data Exposed 286GB of Records

SH.ITJUST.WORKS — 10 Jul 2025

🕵️

Pay2Key’s Resurgence: Iranian Cyber Warfare Targets the West

SH.ITJUST.WORKS — 10 Jul 2025

🕵️

Export to PDF allows local file inclusion/path traversal in Microsoft 365 - hn security

SH.ITJUST.WORKS — 10 Jul 2025

🕵️

GitHub Abused to Spread Malware Disguised as Free VPN - CYFIRMA

SH.ITJUST.WORKS — 10 Jul 2025

🕵️

5 Takeaways: Senate Banking Committee Hearing on Digital Assets

SH.ITJUST.WORKS — 10 Jul 2025

🕵️

More than $40 million stolen from GMX crypto platform | The Record from Recorded Future News

SH.ITJUST.WORKS — 10 Jul 2025

🕵️

Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report

MICROSOFT.COM — 10 Jul 2025

🕵️

US Sanctions Key Threat Actors Tied to North Korea’s Remote IT Worker Scheme

GBHACKERS.COM — 10 Jul 2025

🕵️

Ducex Packer for Android Evades Detection with Heavy Obfuscation Techniques

GBHACKERS.COM — 10 Jul 2025

🕵️

Weaponized Termius App Delivers Latest ZuRu Malware to macOS Users

GBHACKERS.COM — 10 Jul 2025

🕵️

AI Attacks Are Coming in a Big Way Now!

KNOWBE4.COM — 10 Jul 2025

🕵️

Citrixbleed 2, Hardware Hacking, and Failed Bans - PSW #882

YOUTUBE.COM — 2025-07-10

🌐

New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App

THEHACKERNEWS.COM — 10 Jul 2025

🌐

Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

THEHACKERNEWS.COM — 10 Jul 2025

📡

What Security Leaders Need to Know About AI Governance for SaaS

THEHACKERNEWS.COM — 10 Jul 2025

📡

AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs

THEHACKERNEWS.COM — 10 Jul 2025

📡

Authorities arrest four hackers linked to UK retail hacking spree

TECHCRUNCH.COM — 10 Jul 2025

📡

How extensions from Open VSX were used to steal cryptocurrency

KASPERSKY.COM — 10 Jul 2025

📡

Sophos Central firewall management update

SOPHOS.COM — 10 Jul 2025

📡

UK Charges Four in ‘Scattered Spider’ Ransom Group

KREBSONSECURITY.COM — 10 Jul 2025

📡

Windows 11 now uses JScript9Legacy engine for improved security

BLEEPINGCOMPUTER.COM — 10 Jul 2025