🚨 CISA KEV 2[−]
11 Jul KEVCISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target EnterprisesThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild. Th…THEHACKERNEWS.COM
11 Jul KEVCISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprisessubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/07/cisa-adds-citrix-netscaler-cve-2025.htmlSH.ITJUST.WORKS
🐛 COMMON VULNERABILITIES AND EXPOSURES 12[−]
11 JulPalo Alto Networks GlobalProtect Vulnerability Enabling Root-Level AccessPalo Alto Networks has disclosed a significant security vulnerability in its Autonomous Digital Experience Manager software that could allow attackers to gain root-level access on macOS systems. The vulnerability, tracked as CVE-2025-0139, affects versions 5.6.0 through 5.6…GBHACKERS.COM
11 JulJuniper Junos OS Flaw Allows Attackers to Cause Denial of ServiceA critical vulnerability in Juniper Networks’ Junos OS and Junos OS Evolved has been disclosed that permits unauthenticated adjacent attackers to trigger a sustained denial of service by sending specially crafted BGP UPDATE packets. The issue, tracked as CVE-2025-52953, affects a…GBHACKERS.COM
11 JulCritical D-Link Vulnerability Lets Remote Attackers Crash Servers Without AuthenticationSecurity researchers have discovered a critical stack-based buffer overflow vulnerability in D-Link DIR-825 Rev.B 2.10 routers that allows remote attackers to crash servers without requiring authentication. The vulnerability, designated as CVE-2025-7206, affects the router’…GBHACKERS.COM
11 JulSevere WordPress Plugin Flaw Puts 200,000 Sites at Risk of Full TakeoverA critical arbitrary file deletion vulnerability has been discovered in the SureForms WordPress plugin, affecting over 200,000 active installations and potentially enabling unauthenticated attackers to achieve full site takeover. The flaw, tracked as CVE-2025-6691 with a CVSS sco…GBHACKERS.COM
11 JulCritical Wing FTP Server Vulnerability ExploitedWing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek .SECURITYWEEK.COM
11 JulCISA Alerts on Active Exploits Targeting Citrix NetScaler ADC and Gateway FlawThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding active exploitation of a newly discovered vulnerability in Citrix NetScaler ADC and Gateway systems, with organizations facing an immediate deadline to implement protective measures.…GBHACKERS.COM
11 JulWing FTP Server RCE Vulnerability Under Active ExploitationSecurity researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first observed attack occurring just one day after the vulnerability’s public disclosure. The flaw a…GBHACKERS.COM
11 Jul KEVCritical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the WildA recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null ('\0') bytes in the ser…THEHACKERNEWS.COM
11 Jul KEVCritical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wildsubmitted by kid to cybersecurity 3 points | 0 comments https://thehackernews.com/2025/07/critical-wing-ftp-server-vulnerability.htmlSH.ITJUST.WORKS
11 JulCISA tags Citrix Bleed 2 as exploited, gives agencies a day to patchThe U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. [...]BLEEPINGCOMPUTER.COM
11 JulFortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0…THEHACKERNEWS.COM
11 JulFortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)submitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/07/fortinet-releases-patch-for-critical.htmlSH.ITJUST.WORKS
⚠️ VULNERABILITY DISCLOSURE 24[−]
11 Jul KEVLaravel APP_KEY Flaw Exploited to Trigger Remote Code Execution on Hundreds of AppsSecurity researchers have uncovered a critical vulnerability in Laravel applications where exposed APP_KEY credentials are being actively exploited to achieve remote code execution (RCE) on hundreds of production systems. This widespread security flaw stems from Laravel’s a…GBHACKERS.COM
11 JulAnatomy of a Scattered Spider attack: A growing ransomware threat evolvesScattered Spider is increasingly making headlines of late, evolving its techniques and broadening the scope of its criminal activities against a wider array of enterprises. Active since at least May 2022, the financially motivated cybercriminal group initially targeted telecommun…CSOONLINE.COM
11 JulCybersecurity Today: Marks and Spencer Hack, Brazilian Bank Breach, and McDonald's Data VulnerabilityIn this episode of Cybersecurity Today, host Jim Love discusses major updates on the recent cyber attack on Marks and Spencer, revealing new details and arrests. The breach involved sophisticated social engineering that infiltrated the company's network through an IT service prov…CYBERSECURITYTODAY.LIBSYN.COM
11 JulAMD Warns of Transient Scheduler Attacks Impacting Broad Range of ChipsetsAMD has issued a security bulletin, AMD-SB-7029, highlighting several transient scheduler attacks that exploit speculative execution timing in its processors, potentially leading to loss of confidentiality. These vulnerabilities stem from investigations into a Microsoft report on…GBHACKERS.COM
11 JulNew eSIM Hack Allows Attackers to Clone Your eSIM ProfileA critical vulnerability has been identified in the GSMA TS.48 Generic Test Profile versions 6.0 and earlier, which are widely used across the eSIM industry for radio compliance testing. This flaw enables attackers with physical access to an embedded Universal Integrated Circuit …GBHACKERS.COM
11 JulIT Giant Ingram Micro Restores Operations After Ransomware AttackIngram Micro Holding Corporation (NYSE: INGM), a global leader in IT distribution and technology solutions, has announced that it has successfully restored operations across all countries and regions following a ransomware attack identified on certain internal systems. The incide…GBHACKERS.COM
11 JulCISA Issues 13 New Advisories on Industrial Control System Vulnerabilities and ExploitsThe Cybersecurity and Infrastructure Security Agency (CISA) released thirteen new Industrial Control Systems (ICS) advisories, spotlighting a range of security vulnerabilities and potential exploits affecting critical infrastructure components. These advisories are a vital resour…GBHACKERS.COM
11 JulRapidFire Network Detective Vulnerabilities Expose Sensitive Data to Threat ActorsSecurity researchers have discovered two critical vulnerabilities in RapidFire Tools Network Detective, a widely-used network assessment and reporting tool developed by Kaseya, that expose sensitive credentials to potential attackers. The flaws, disclosed on July 10th, 2025, affe…GBHACKERS.COM
11 JulRussian Basketball Star Arrested Over Ransomware Attacks on 900+ CompaniesA prominent Russian basketball player has been arrested in France on charges related to one of the most extensive ransomware operations in recent years, highlighting the ongoing intersection between cybercrime and international law enforcement. Daniil Kasatkin, a 26-year-old prof…GBHACKERS.COM
11 JulPerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda carssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/perfektblue-bluetooth-flaws-impact-mercedes-volkswagen-skoda-cars/SH.ITJUST.WORKS
11 JulCritical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloadssubmitted by kid to cybersecurity 0 points | 0 comments https://thehackernews.com/2025/07/critical-mcp-remote-vulnerability.htmlSH.ITJUST.WORKS
11 JulMcDonald’s AI hiring tool’s password? ‘123456’: Exposes data of 64M applicantsA security oversight in McDonald’s AI-powered hiring platform “McHire” was found exposing sensitive applicant data belonging to as many as 64 million job seekers. Discovered in late June 2025 by security researchers Ian Carroll and Sam Curry, the issue was a default admin login a…CSOONLINE.COM
11 JulPalo Alto Networks GlobalProtect Vulnerability Enabling Root-Level Accesssubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/palo-alto-networks-globalprotect-vulnerability/SH.ITJUST.WORKS
11 JulPerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code ExecutionCybersecurity researchers have discovered a set of four security flaws in OpenSynergy's BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors. The vulnerabilities, dubbed PerfektBlue, ca…THEHACKERNEWS.COM
11 JulNew AI Malware PoC Reliably Evades Microsoft Defendersubmitted by kid to cybersecurity 2 points | 0 comments https://www.darkreading.com/endpoint-security/ai-malware-poc-evades-microsoft-defenderSH.ITJUST.WORKS
11 JulThe zero-day that could've compromised every Cursor and Windsurf userLearn how one overlooked flaw in OpenVSX discovered by Koi Secureity could've let attackers hijack millions of dev machines via an extension supply chain attack. The zero-day threat's been patched—but the wake-up call is clear: extensions are a new, massive supply chain risk. [..…BLEEPINGCOMPUTER.COM
11 JulCISA confirms hackers are actively exploiting critical ‘Citrix Bleed 2’ bugThe U.S. cybersecurity agency gave federal agencies just one day to patch a security bug in Citrix Netscaler, which can be exploited to break into corporate and government networks.TECHCRUNCH.COM
11 JulQilin Leads in Exploiting Unpatched Fortinet VulnerabilitiesThe Qilin group has surged to prominence by aggressively exploiting critical vulnerabilities in Fortinet devices, underscoring a broader trend of sophisticated cyber extortion tactics targeting data-dependent sectors. Global ransomware victims dropped to 463, a 15% decline from M…GBHACKERS.COM
11 JulExploits for pre-auth Fortinet FortiWeb RCE flaw released, patch nowProof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. [...]BLEEPINGCOMPUTER.COM
11 Jul'123456' password exposed info for 64 million McDonald’s job applicantsCybersecurity researchers discovered a vulnerability in McHire, McDonald's chatbot job application platform, that exposed the personal information of more than 64 million job applicants across the United States. [...]BLEEPINGCOMPUTER.COM
11 JulVulnerability-Lookup 2.13.0submitted by cm0002 to cybersecurity 2 points | 0 comments https://discourse.ossbase.org/t/vulnerability-lookup-2-13-0/114INFOSEC.PUB
11 Jul'123456' password exposed chats for 64 million McDonald’s job applicantsCybersecurity researchers discovered a vulnerability in McHire, McDonald's chatbot job application platform, that exposed the chats of more than 64 million job applicants across the United States. [...]BLEEPINGCOMPUTER.COM
11 Jul'123456' password exposed chats for 64 million McDonald’s job applicationsCybersecurity researchers discovered a vulnerability in McHire, McDonald's chatbot job application platform, that exposed the chats of more than 64 million job applicants across the United States. [...]BLEEPINGCOMPUTER.COM
11 Jul'123456' password exposed chats for 64 million McDonald’s job chatbot applicationsCybersecurity researchers discovered a vulnerability in McHire, McDonald's chatbot job application platform, that exposed the chats of more than 64 million job applications across the United States. [...]BLEEPINGCOMPUTER.COM
📋 SECURITY BULLETINS 1[−]
11 JulJuly 2025 Breaks a Decade of Monthly Android PatchesSince August 2015, Google has delivered a constant stream of monthly security patches for Android. Until July 2025. The post July 2025 Breaks a Decade of Monthly Android Patches appeared first on SecurityWeek .SECURITYWEEK.COM
📢 SECURITY ADVISORIES 4[−]
11 JulProrussische Hacker greifen Sachsen-Anhalts Landesportal anwidth="2455" height="1381" sizes="(max-width: 2455px) 100vw, 2455px"> Sachsen-Anhalts Landesportal ist Ziel einer prorussischen Cyberattacke. DesignRage – shutterstock.com In Sachsen-Anhalt waren mehrere Internetseiten von Ministerien am Donnerstagvormittag kurzzeitig nicht aufru…CSOONLINE.COM
11 JulEU Unveils AI Code of Practice to Help Businesses Comply With Bloc’s RulesThe EU code is voluntary and complements the EU’s AI Act, a comprehensive set of regulations that was approved last year and is taking effect in phases. The post EU Unveils AI Code of Practice to Help Businesses Comply With Bloc’s Rules appeared first on SecurityWeek .SECURITYWEEK.COM
11 JulIranian APT Hackers Targeting Transportation and Manufacturing Sectors in Active AttacksNozomi Networks Labs cybersecurity researchers have reported a startling 133% increase in cyberattacks linked to well-known Iranian advanced persistent threat (APT) groups in May and June 2025, following current tensions with Iran. This uptick aligns with warnings from U.S. autho…GBHACKERS.COM
11 JulMis-scoped AWS Organizations Policy Allowed Hackers to Seize Full Control of AWS EnvironmentSecurity professionals have uncovered serious vulnerabilities in AWS Organizations in a ground-breaking study by Cymulate Research Labs that might allow attackers to switch between accounts, increase privileges, and take control the entire organization.l takeover. The research fo…GBHACKERS.COM
🔥 INCIDENT REPORTING 13[−]
11 JulMcDonald’s Chatbot Recruitment Platform Leaked 64 Million Job ApplicationsTwo vulnerabilities in an internal API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonald’s applicants. The post McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications appeared first on SecurityWeek .SECURITYWEEK.COM
11 JulIranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for CybercriminalsAn Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict last month, offering bigger payouts to cybercriminals who launch attacks against Israel and the U.S. The financially motivated scheme, now operating under th…THEHACKERNEWS.COM
11 JulPaddy Power and BetFair have suffered a data breachPaddy Power and BetFair have warned customers that "an unauthorised third party” gained access to “limited betting account information” relating to up to 800,000 of their customers.GRAHAMCLULEY.COM
11 JulSeven Healthcare Organizations Added to Ransomware Groups’ Data Leak Sitessubmitted by kid to cybersecurity 1 points | 0 comments https://www.hipaajournal.com/seven-healthcare-organizations-ransomware-july-2025/SH.ITJUST.WORKS
11 JulMcDonald’s AI Hiring Tool McHire Leaked Data of 64 Million Job Seekerssubmitted by kid to cybersecurity 2 points | 0 comments https://hackread.com/mcdonalds-ai-hiring-tool-mchire-leaked-job-seekers-data/SH.ITJUST.WORKS
11 JulSafePay Ransomware Uses RDP and VPN Access to Infiltrate Organizational Networkssubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/safepay-ransomware-uses-rdp-and-vpn-access/SH.ITJUST.WORKS
11 JulCustomer, Employee Data Exposed in Nippon Steel Breachsubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/threat-intelligence/customer-employee-data-nippon-steel-breachSH.ITJUST.WORKS
11 JulRockerbox Data Breach Exposes 245,949 Users’ SSNs and Driver’s LicensesJeremiah Fowler, an ethical researcher, discovered an unsecured database with 245,949 entries totaling 286.9 GB in a huge cybersecurity issue. The database was assumed to be owned by Rockerbox, a tax credit consulting organization situated in Texas. The exposed repository, lackin…GBHACKERS.COM
11 JulRussian basketball player arrested in ransomware case despite being “useless with computers”A Russian professional basketball player has been arrested for allegedly acting as a negotiator for a ransomware gang... and despite his lawyer claiming he's "useless" with computers. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
11 JulIranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminalssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/07/iranian-backed-pay2key-ransomware.htmlSH.ITJUST.WORKS
11 JulInfostealers Targeting macOS Users in Active Campaigns to Steal Sensitive DataMacOS infostealers are becoming a powerful and underappreciated method of data exfiltration in a world where Windows-centric threats predominate. They act as predecessors to ransomware deployments and significant breaches. These malware variants, often distributed via Malware-as-…GBHACKERS.COM
11 JulArkana Ransomware Gang Claims Theft of 2.2 Million Customer RecordsThe Arkana ransomware group burst onto the cybercrime scene with a high-profile attack on WideOpenWest (WOW!), a prominent U.S. internet service provider, in late March. The group boldly claimed to have exfiltrated two massive databases containing approximately 403,000 and 2.2 mi…GBHACKERS.COM
11 JulWordPress Gravity Forms developer hacked to push backdoored pluginsThe popular WordPress plugin Gravity Forms has been compromised in what seems a supply-chain attack where manual installers from the official website were infected with a backdoor. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 21[−]
11 JulISC Stormcast For Friday, July 11th, 2025 https://isc.sans.edu/podcastdetail/9522, (Fri, Jul 11th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
11 JulWindows 11 Users Encounter New Black Screen of Death UpdateMicrosoft has released Windows 11 Build 26100.4762 (KB5062660) to Insiders in the Release Preview Channel, introducing a redesigned restart interface that displays on a black background – a significant departure from traditional system recovery screens. This update brin…GBHACKERS.COM
11 JulRowhammer Attack Demonstrated Against Nvidia GPUResearchers demonstrated GPUHammer — a Rowhammer attack against GPUs — by degrading the accuracy of machine learning models. The post Rowhammer Attack Demonstrated Against Nvidia GPU appeared first on SecurityWeek .SECURITYWEEK.COM
11 JulTikTok Faces Fresh European Privacy Investigation Over China Data TransfersThe Irish Data Privacy Commission announced that TikTok is facing a new European Union privacy investigation into user data sent to China. The post TikTok Faces Fresh European Privacy Investigation Over China Data Transfers appeared first on SecurityWeek .SECURITYWEEK.COM
11 JulCyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top TalentWith IPOs taking longer than ever, the venture firm’s fund aims to keep startup veterans motivated while staying private. The post Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent appeared first on SecurityWeek .SECURITYWEEK.COM
11 JuleSIM Hack Allows for Cloning, Spying - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/esim-hack-allows-for-cloning-spying/SH.ITJUST.WORKS
11 JulGreyNoise Identifies New Scraper Botnet Concentrated in Taiwansubmitted by kid to cybersecurity 2 points | 0 comments https://www.greynoise.io/blog/new-scraper-botnet-concentrated-in-taiwanSH.ITJUST.WORKS
11 JulIn Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolves, DoNot APT Targets GovsNoteworthy stories that might have slipped under the radar: Microsoft shows attack against AMD processors, SentinelOne details latest ZuRu macOS malware version, Indian APT DoNot targets governments. The post In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware Evolve…SECURITYWEEK.COM
11 JulAMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUssubmitted by kid to cybersecurity 7 points | 0 comments https://thehackernews.com/2025/07/amd-warns-of-new-transient-scheduler.htmlSH.ITJUST.WORKS
11 JulSetting the Standard for Zero Trust PlatformsPalo Alto Networks is a Leader in The Forrester Wave™: Zero Trust Platforms, Q3 2025 with the highest score in the Current Offering category. The post Setting the Standard for Zero Trust Platforms appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
11 JulUK Arrests Four in ‘Scattered Spider’ Ransom Group – Krebs on Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/SH.ITJUST.WORKS
11 JulTikTok Faces Fresh European Privacy Investigation Over China Data Transfers - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/tiktok-faces-fresh-european-privacy-investigation-over-china-data-transfers/SH.ITJUST.WORKS
11 JulWindows 11 now uses JScript9Legacy engine for improved securitysubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/windows-11-now-uses-jscript9legacy-engine-for-improved-security/SH.ITJUST.WORKS
11 JulRowhammer Attack Demonstrated Against Nvidia GPU - SecurityWeeksubmitted by kid to cybersecurity 2 points | 0 comments https://www.securityweek.com/rowhammer-attack-demonstrated-against-nvidia-gpu/SH.ITJUST.WORKS
11 JulMicrosoft Removes High-Privilege Access to Strengthen Microsoft 365 SecurityMicrosoft has taken a significant step forward in bolstering the security of its Microsoft 365 ecosystem by systematically eliminating high-privileged access (HPA) across all applications, as part of its broader Secure Future Initiative (SFI). This initiative integrates efforts a…GBHACKERS.COM
11 JulAI-Generated Summaries Mistakenly Suggest Phishing SitesResearchers at Netcraft warn that AI-generated search engine summaries are suggesting phishing sites when users ask them to find legitimate login pages.KNOWBE4.COM
11 JulTradecraft in the Information AgeLong article on the difficulty (impossibility?) of human spying in the age of ubiquitous digital surveillance.SCHNEIER.COM
11 JulChatGPT creates phisher’s paradise by serving wrong URLssubmitted by cm0002 to cybersecurity 2 points | 0 comments https://www.theregister.com/2025/07/03/ai_phishing_websites/INFOSEC.PUB
11 JulSLOW#TEMPEST Hackers Adopt New Evasion Tactics to Bypass Detection SystemsSecurity researchers have uncovered a sophisticated evolution in the SLOW#TEMPEST malware campaign, where threat actors are deploying innovative obfuscation methods to evade detection and complicate analysis. This variant, distributed via an ISO file containing a mix of benign an…GBHACKERS.COM
11 JulSquid Dominated the Oceans in the Late CretaceousNew research : One reason the early years of squids has been such a mystery is because squids’ lack of hard shells made their fossils hard to come by. Undeterred, the team instead focused on finding ancient squid beaks—hard mouthparts with high fossilization potential…SCHNEIER.COM
11 JulTapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet... - SWN #493Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-493YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
11 JulCan an ‘ethical’ spyware maker justify providing its tech to ICE?Analysis: In calling itself an ethical spyware vendor, Paragon has opened itself up to scrutiny of its government customers.TECHCRUNCH.COM
📡 INFOSEC NEWS 5[−]
11 JulSecuring Data in the AI EraThe 2025 Data Risk Report: Enterprises face potentially serious data loss risks from AI-fueled tools. Adopting a unified, AI-driven approach to data security can help. As businesses increasingly rely on cloud-driven platforms and AI-powered tools to accelerate digital transformat…THEHACKERNEWS.COM
11 JulAI chatbot’s simple ‘123456’ password risked exposing personal data of millions of McDonald’s job applicantsSecurity researchers found two flaws in an AI-powered chatbot used by McDonald’s to interact with job applicants.TECHCRUNCH.COM
11 JulWhat an SMS blaster is, and how to protect yourself from malicious SMS messages while traveling | Kaspersky official blogWe explain the technology of bulk messaging that bypasses cellular networks, and how to protect yourself from it.KASPERSKY.COM
11 JulNVIDIA issues guidance to defend GDDR6 GPUs against Rowhammer attacksNVIDIA is warning users to activate the System Level Error-Correcting Code mitigation to protect against Rowhammer attacks on graphical processors with GDDR6 memory. [...]BLEEPINGCOMPUTER.COM
11 JulNVIDIA shares guidance to defend GDDR6 GPUs against Rowhammer attacksNVIDIA is warning users to activate System Level Error-Correcting Code mitigation to protect against Rowhammer attacks on graphical processors with GDDR6 memory. [...]BLEEPINGCOMPUTER.COM