matlock.ca // THREAT INTELLIGENCE — 2025-07-11

83Articles

9Categories

2025-07-11Date

🚨

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target EnterprisesThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild. Th…

KEVTHEHACKERNEWS.COM — 11 Jul 2025

🚨

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprisessubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/07/cisa-adds-citrix-netscaler-cve-2025.html

KEVSH.ITJUST.WORKS — 11 Jul 2025

🐛

Palo Alto Networks GlobalProtect Vulnerability Enabling Root-Level Access

GBHACKERS.COM — 11 Jul 2025

🐛

Juniper Junos OS Flaw Allows Attackers to Cause Denial of Service

GBHACKERS.COM — 11 Jul 2025

🐛

Critical D-Link Vulnerability Lets Remote Attackers Crash Servers Without Authentication

GBHACKERS.COM — 11 Jul 2025

🐛

Severe WordPress Plugin Flaw Puts 200,000 Sites at Risk of Full Takeover

GBHACKERS.COM — 11 Jul 2025

🐛

Critical Wing FTP Server Vulnerability Exploited

SECURITYWEEK.COM — 11 Jul 2025

🐛

CISA Alerts on Active Exploits Targeting Citrix NetScaler ADC and Gateway Flaw

GBHACKERS.COM — 11 Jul 2025

🐛

Wing FTP Server RCE Vulnerability Under Active Exploitation

GBHACKERS.COM — 11 Jul 2025

🐛

Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild

KEVTHEHACKERNEWS.COM — 11 Jul 2025

🐛

Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild

KEVSH.ITJUST.WORKS — 11 Jul 2025

🐛

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

BLEEPINGCOMPUTER.COM — 11 Jul 2025

🐛

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

THEHACKERNEWS.COM — 11 Jul 2025

🐛

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

SH.ITJUST.WORKS — 11 Jul 2025

⚠️

Laravel APP_KEY Flaw Exploited to Trigger Remote Code Execution on Hundreds of Apps

KEVGBHACKERS.COM — 11 Jul 2025

⚠️

Anatomy of a Scattered Spider attack: A growing ransomware threat evolves

CSOONLINE.COM — 11 Jul 2025

⚠️

Cybersecurity Today: Marks and Spencer Hack, Brazilian Bank Breach, and McDonald's Data Vulnerability

CYBERSECURITYTODAY.LIBSYN.COM — 11 Jul 2025

⚠️

AMD Warns of Transient Scheduler Attacks Impacting Broad Range of Chipsets

GBHACKERS.COM — 11 Jul 2025

⚠️

New eSIM Hack Allows Attackers to Clone Your eSIM Profile

GBHACKERS.COM — 11 Jul 2025

⚠️

IT Giant Ingram Micro Restores Operations After Ransomware Attack

GBHACKERS.COM — 11 Jul 2025

⚠️

CISA Issues 13 New Advisories on Industrial Control System Vulnerabilities and Exploits

GBHACKERS.COM — 11 Jul 2025

⚠️

RapidFire Network Detective Vulnerabilities Expose Sensitive Data to Threat Actors

GBHACKERS.COM — 11 Jul 2025

⚠️

Russian Basketball Star Arrested Over Ransomware Attacks on 900+ Companies

GBHACKERS.COM — 11 Jul 2025

⚠️

PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars

SH.ITJUST.WORKS — 11 Jul 2025

⚠️

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

SH.ITJUST.WORKS — 11 Jul 2025

⚠️

McDonald’s AI hiring tool’s password? ‘123456’: Exposes data of 64M applicants

CSOONLINE.COM — 11 Jul 2025

⚠️

Palo Alto Networks GlobalProtect Vulnerability Enabling Root-Level Access

SH.ITJUST.WORKS — 11 Jul 2025

⚠️

PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution

THEHACKERNEWS.COM — 11 Jul 2025

⚠️

New AI Malware PoC Reliably Evades Microsoft Defender

SH.ITJUST.WORKS — 11 Jul 2025

⚠️

The zero-day that could've compromised every Cursor and Windsurf user

BLEEPINGCOMPUTER.COM — 11 Jul 2025

⚠️

CISA confirms hackers are actively exploiting critical ‘Citrix Bleed 2’ bug

TECHCRUNCH.COM — 11 Jul 2025

⚠️

Qilin Leads in Exploiting Unpatched Fortinet Vulnerabilities

GBHACKERS.COM — 11 Jul 2025

⚠️

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now

BLEEPINGCOMPUTER.COM — 11 Jul 2025

⚠️

'123456' password exposed info for 64 million McDonald’s job applicants

BLEEPINGCOMPUTER.COM — 11 Jul 2025

⚠️

Vulnerability-Lookup 2.13.0

INFOSEC.PUB — 11 Jul 2025

⚠️

'123456' password exposed chats for 64 million McDonald’s job applicants

BLEEPINGCOMPUTER.COM — 11 Jul 2025

⚠️

'123456' password exposed chats for 64 million McDonald’s job applications

BLEEPINGCOMPUTER.COM — 11 Jul 2025

⚠️

'123456' password exposed chats for 64 million McDonald’s job chatbot applications

BLEEPINGCOMPUTER.COM — 11 Jul 2025

📋

July 2025 Breaks a Decade of Monthly Android Patches

SECURITYWEEK.COM — 11 Jul 2025

📢

Prorussische Hacker greifen Sachsen-Anhalts Landesportal an

CSOONLINE.COM — 11 Jul 2025

📢

EU Unveils AI Code of Practice to Help Businesses Comply With Bloc’s Rules

SECURITYWEEK.COM — 11 Jul 2025

📢

Iranian APT Hackers Targeting Transportation and Manufacturing Sectors in Active Attacks

GBHACKERS.COM — 11 Jul 2025

📢

Mis-scoped AWS Organizations Policy Allowed Hackers to Seize Full Control of AWS Environment

GBHACKERS.COM — 11 Jul 2025

🔥

McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications

SECURITYWEEK.COM — 11 Jul 2025

🔥

Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals

THEHACKERNEWS.COM — 11 Jul 2025

🔥

Paddy Power and BetFair have suffered a data breach

GRAHAMCLULEY.COM — 11 Jul 2025

🔥

Seven Healthcare Organizations Added to Ransomware Groups’ Data Leak Sites

SH.ITJUST.WORKS — 11 Jul 2025

🔥

McDonald’s AI Hiring Tool McHire Leaked Data of 64 Million Job Seekers

SH.ITJUST.WORKS — 11 Jul 2025

🔥

SafePay Ransomware Uses RDP and VPN Access to Infiltrate Organizational Networks

SH.ITJUST.WORKS — 11 Jul 2025

🔥

Customer, Employee Data Exposed in Nippon Steel Breach

SH.ITJUST.WORKS — 11 Jul 2025

🔥

Rockerbox Data Breach Exposes 245,949 Users’ SSNs and Driver’s Licenses

GBHACKERS.COM — 11 Jul 2025

🔥

Russian basketball player arrested in ransomware case despite being “useless with computers”

BITDEFENDER.COM — 11 Jul 2025

🔥

Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals

SH.ITJUST.WORKS — 11 Jul 2025

🔥

Infostealers Targeting macOS Users in Active Campaigns to Steal Sensitive Data

GBHACKERS.COM — 11 Jul 2025

🔥

Arkana Ransomware Gang Claims Theft of 2.2 Million Customer Records

GBHACKERS.COM — 11 Jul 2025

🔥

WordPress Gravity Forms developer hacked to push backdoored plugins

BLEEPINGCOMPUTER.COM — 11 Jul 2025

🕵️

ISC Stormcast For Friday, July 11th, 2025 https://isc.sans.edu/podcastdetail/9522, (Fri, Jul 11th)

ISC.SANS.EDU — 11 Jul 2025

🕵️

Windows 11 Users Encounter New Black Screen of Death Update

GBHACKERS.COM — 11 Jul 2025

🕵️

Rowhammer Attack Demonstrated Against Nvidia GPU

SECURITYWEEK.COM — 11 Jul 2025

🕵️

TikTok Faces Fresh European Privacy Investigation Over China Data Transfers

SECURITYWEEK.COM — 11 Jul 2025

🕵️

Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent

SECURITYWEEK.COM — 11 Jul 2025

🕵️

eSIM Hack Allows for Cloning, Spying - SecurityWeek

SH.ITJUST.WORKS — 11 Jul 2025

🕵️

GreyNoise Identifies New Scraper Botnet Concentrated in Taiwan

SH.ITJUST.WORKS — 11 Jul 2025

🕵️

In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets Govs

SECURITYWEEK.COM — 11 Jul 2025

🕵️

AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs

SH.ITJUST.WORKS — 11 Jul 2025

🕵️

Setting the Standard for Zero Trust Platforms

PALOALTONETWORKS.COM — 11 Jul 2025

🕵️

UK Arrests Four in ‘Scattered Spider’ Ransom Group – Krebs on Security

SH.ITJUST.WORKS — 11 Jul 2025

🕵️

TikTok Faces Fresh European Privacy Investigation Over China Data Transfers - SecurityWeek

SH.ITJUST.WORKS — 11 Jul 2025

🕵️

Windows 11 now uses JScript9Legacy engine for improved security

SH.ITJUST.WORKS — 11 Jul 2025

🕵️

Rowhammer Attack Demonstrated Against Nvidia GPU - SecurityWeek

SH.ITJUST.WORKS — 11 Jul 2025

🕵️

Microsoft Removes High-Privilege Access to Strengthen Microsoft 365 Security

GBHACKERS.COM — 11 Jul 2025

🕵️

AI-Generated Summaries Mistakenly Suggest Phishing Sites

KNOWBE4.COM — 11 Jul 2025

🕵️

Tradecraft in the Information Age

SCHNEIER.COM — 2025-07-11

🕵️

ChatGPT creates phisher’s paradise by serving wrong URLs

INFOSEC.PUB — 11 Jul 2025

🕵️

SLOW#TEMPEST Hackers Adopt New Evasion Tactics to Bypass Detection Systems

GBHACKERS.COM — 11 Jul 2025

🕵️

Squid Dominated the Oceans in the Late Cretaceous

SCHNEIER.COM — 2025-07-11

🕵️

Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet... - SWN #493

YOUTUBE.COM — 2025-07-11

🌐

Can an ‘ethical’ spyware maker justify providing its tech to ICE?

TECHCRUNCH.COM — 11 Jul 2025

📡

Securing Data in the AI Era

THEHACKERNEWS.COM — 11 Jul 2025

📡

AI chatbot’s simple ‘123456’ password risked exposing personal data of millions of McDonald’s job applicants

TECHCRUNCH.COM — 11 Jul 2025

📡

What an SMS blaster is, and how to protect yourself from malicious SMS messages while traveling | Kaspersky official blog

KASPERSKY.COM — 11 Jul 2025

📡

NVIDIA issues guidance to defend GDDR6 GPUs against Rowhammer attacks

BLEEPINGCOMPUTER.COM — 11 Jul 2025

📡

NVIDIA shares guidance to defend GDDR6 GPUs against Rowhammer attacks

BLEEPINGCOMPUTER.COM — 11 Jul 2025