83Articles
7Categories
2025-07-17Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 9[−]
17 JulCisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root CodeCisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Track…THEHACKERNEWS.COM
17 JulCisco Unified Intelligence Center Flaw Lets Remote Attackers Upload Arbitrary FilesA critical security vulnerability has been discovered in Cisco’s Unified Intelligence Center that allows authenticated remote attackers to upload arbitrary files to affected systems, potentially enabling complete system compromise. The flaw, tracked as CVE-2025-20274, carri…GBHACKERS.COM
17 Jul KEVHackers Actively Exploited CitrixBleed 2 Flaw Ahead of PoC DisclosureCybersecurity researchers have discovered that threat actors began exploiting the critical CitrixBleed 2 vulnerability nearly two weeks before a public proof-of-concept was released, highlighting the sophisticated nature of modern attack campaigns. The vulnerability, tracked as C…GBHACKERS.COM
17 JulOracle-Lücke birgt Gefahr für RCE-AttackenOracle hat das Sicherheitsproblem im Code Editor bereits gefixt. sdx15 – shutterstock.com Forscher von Tenable Research haben eine Sicherheitslücke im Code-Editor von Oracle Cloud Infrastructure (OCI) entdeckt, die Unternehmen für Remote-Code-Execution-Angriffe (RCE) anfällig mac…CSOONLINE.COM
17 JulUrgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wildsubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.htmlSH.ITJUST.WORKS
17 JulHackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency MinerCybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerabi…THEHACKERNEWS.COM
17 JulMax severity Cisco ISE bug allows pre-auth command execution, patch nowA critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. [...]BLEEPINGCOMPUTER.COM
17 JulRansomware actors target patched SonicWall SMA devices with rootkitA group of hackers known for stealing enterprise data for extortion purposes has developed a persistent rootkit for SonicWall Secure Mobile Access (SMA) 100 series appliances. The rootkit was seen deployed on end-of-life but fully patched SMA 100 appliances with the help of admin…CSOONLINE.COM
17 Jul KEVCitrix Bleed 2 exploited weeks before PoCs as Citrix denied attacksA critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed "CitrixBleed 2," was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. [...]BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE 31[−]
17 JulMicrosoft Honors Top Contributors to MSRC’s Security Research ProgramMicrosoft has announced its 2025 Most Valuable Researchers (MVRs), recognizing 100 security researchers who made significant contributions to protecting the company’s customers through the Microsoft Security Response Center’s vulnerability disclosure program. The annu…GBHACKERS.COM
17 JulFortiWeb Systems Compromised via Webshells After Public PoC ReleaseA widespread cyberattack campaign has successfully compromised dozens of Fortinet FortiWeb instances through webshell deployment, exploiting a critical vulnerability for which proof-of-concept code became publicly available just days ago. The rapid weaponization of the exploit de…GBHACKERS.COM
17 JulEuropol Takes Down NoName057(16)’s Global Network of Over 100 ServersOperation Eastwood, coordinated by Europol and Eurojust, successfully dismantled the hacktivist collective’s global infrastructure consisting of over 100 servers worldwide. The joint action involved authorities from 12 core countries including Germany, France, Spain, the Ne…GBHACKERS.COM
17 JulHow AI is changing the GRC strategyAs businesses incorporate cybersecurity into governance, risk and compliance (GRC), it is important to revisit existing GRC programs to ensure that the growing use and risks of generative and agentic AI are addressed so businesses continue to meet regulatory requirements. “[AI] I…CSOONLINE.COM
17 Jul0-Day RCE Flaw in SonicWall SMA Devices Exploited to Launch OVERSTEP RansomwareGoogle’s Threat Intelligence Group (GTIG) has uncovered a sophisticated cyberattack campaign targeting end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances, where threat actors are exploiting previously stolen credentials and deploying a new rootkit called…GBHACKERS.COM
17 JulWeaponizing SVG: How Threat Actors Embed Malicious JavaScript in Vector FilesCybersecurity researchers have identified an emerging attack campaign where threat actors are weaponizing Scalable Vector Graphics (SVG) files to deliver sophisticated JavaScript-based redirect attacks. This technique exploits the inherent trust placed in image formats, allowing …GBHACKERS.COM
17 JulCisco Patches Another Critical ISE VulnerabilityCisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
17 JulCritical SharePoint RCE Vulnerability Exploited via Malicious XML in Web PartA severe remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint that allows attackers to execute arbitrary code through malicious XML content embedded within web parts. According to the recent report, the vulnerability, which affects the deserializa…GBHACKERS.COM
17 JulPyPI Blocks Inbox.ru Domains After 1,500+ Fake Package UploadsThe Python Package Index (PyPI) has implemented an administrative block on the inbox.ru email domain, prohibiting its use for new user registrations and as additional verification addresses. This action stems from a recent campaign that exploited the domain to create over 250 fra…GBHACKERS.COM
17 JulVMware Flaws That Earned Hackers $340,000 at Pwn2Own PatchedFour CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products. The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek .SECURITYWEEK.COM
17 JulHackers Use DNS Queries to Evade Defenses and Exfiltrate DataCybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity experts. This sophisticated technique, known as DNS tunneling, transforms the internet’s esse…GBHACKERS.COM
17 JulSecurity Vulnerabilities in ICEBlockThe ICEBlock tool has vulnerabilities : The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come un…SCHNEIER.COM
17 Jul1-Click Oracle Cloud Code Editor RCE Flaw Allows Malicious File Upload to ShellTenable Research has disclosed a critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure’s Code Editor that enabled attackers to silently hijack victim Cloud Shell environments through a single malicious link. The vulnerability, which has since bee…GBHACKERS.COM
17 JulNVIDIA Container Toolkit Vulnerability Allows Privileged Code Execution by AttackersNVIDIA has released critical security updates addressing two significant vulnerabilities in its Container Toolkit and GPU Operator that could allow attackers to execute arbitrary code with elevated privileges. The vulnerabilities, discovered in July 2025, affect all versions of t…GBHACKERS.COM
17 JulMobile Forensics Tool Used by Chinese Law Enforcement DissectedDeployed on mobile devices confiscated by Chinese law enforcement, Massistant can collect user information, files, and location. The post Mobile Forensics Tool Used by Chinese Law Enforcement Dissected appeared first on SecurityWeek .SECURITYWEEK.COM
17 JulCTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most cases, ineffective against emerging threats and sophisticated threat actors. Prioritizing cybersecurity …THEHACKERNEWS.COM
17 JulUK’s Co-op Retailer Hit by Cyberattack, 6.5 Million Members’ Data ExposedThe UK’s Co-op retailer has disclosed that all 6.5 million of its members had their personal data stolen during a devastating cyberattack in April 2024. Chief Executive Shirine Khoury-Haq confirmed the full extent of the breach in her first public interview since the incide…GBHACKERS.COM
17 JulChina-linked hackers target Taiwan chip firms in a coordinated espionage campaignChinese state-sponsored hackers have launched sophisticated espionage campaigns against Taiwan’s semiconductor industry, marking a dramatic escalation from sporadic attacks to sustained, coordinated operations. Between March and June 2025, three distinct threat groups were found …CSOONLINE.COM
17 JulNew Fortinet FortiWeb hacks likely linked to public RCE exploitssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/new-fortinet-fortiweb-hacks-likely-linked-to-public-rce-exploits/SH.ITJUST.WORKS
17 JulEmpirical Security Raises $12 Million for AI-Driven Vulnerability ManagementCybersecurity startup Empirical Security has raised $12 million in seed funding for its vulnerability management platform. The post Empirical Security Raises $12 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek .SECURITYWEEK.COM
17 JulSmashing Security podcast #426: Choo Choo Choose to ignore the vulnerabilityIn episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation. Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a …GRAHAMCLULEY.COM
17 JulMalware in DNS - DomainTools Investigations | DTIsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://dti.domaintools.com/malware-in-dns/ Hackers are exploiting DNS records as a covert channel to deliver and control malware while evading security defenses[^1]. In a recent discovery, attackers converted malware int…INFOSEC.PUB
17 JulMassistant: Chinese Mobile Forensic Tool Accesses SMS, Images, Audio, and GPS DataCybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated mobile forensics application called Massistant, deployed by Chinese law enforcement to extract comprehensive data from confiscated mobile devices. The tool represents a significant evolution from its p…GBHACKERS.COM
17 JulMicrosoft Teams Exploited to Deliver Matanbuchus Ransomware PayloadA sophisticated cyberattack campaign has emerged targeting organizations through Microsoft Teams impersonation, delivering the updated Matanbuchus 3.0 malware loader that serves as a precursor to ransomware deployment. Security researchers at Morphisec have identified instances w…GBHACKERS.COM
17 Jul“Maverick” — Scorched Earth SIEM Migration FTW!“Maverick” — Scorched Earth SIEM Migration FTW! In my days there , Gartner had Maverick research ( here is mine, from 2015 about social engineering AIs…. yes, really!) that “deliberately exposed unconventional thinking and may not agree with Gartner’s official positions.” Here is…MEDIUM.COM
17 Jul‘All US forces must now assume their networks are compromised’ after Salt Typhoon breachsubmitted by PhilipTheBucket to cybersecurity 1 points | 0 comments https://www.itpro.com/security/cyber-attacks/all-us-forces-must-now-assume-their-networks-are-compromised-after-salt-typhoon-breachSH.ITJUST.WORKS
17 JulCISA Releases Three Industrial Control Systems AdvisoriesCISA released three Industrial Control Systems (ICS) advisories on July 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-198-01 Leviton AcquiSuite and Energy Monitoring Hub   ICSMA-25-…CISA.GOV
17 JulThe Invisible Risks of Insecure Chinese Surveillance Camerassubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://chinaobservers.eu/the-invisible-risks-of-insecure-chinese-surveillance-cameras Op-ed by Dr Ausma Bernot, Lecturer in Criminology at the School of Criminology and Criminal Justice at Griffith University. […] A…SH.ITJUST.WORKS
17 JulThe Invisible Risks of Insecure Chinese Surveillance Camerassubmitted by Hotznplotzn to cybersecurity 1 points | 0 comments https://chinaobservers.eu/the-invisible-risks-of-insecure-chinese-surveillance-cameras cross-posted from: lemmy.sdf.org/post/38743139 Op-ed by Dr Ausma Bernot, Lecturer in Criminology at the School of Criminology and…INFOSEC.PUB
17 JulHackers On A Train - PSW #883In the security news: * The train is leaving the station, or is it? * The hypervisor will protect you, maybe * The best thing about Flippers are the clones * Also, the Flipper Zero as an interrogation tool * Threats are commercial and open-source * Who is still down with FTP? * A…YOUTUBE.COM
17 JulVMware fixes four ESXi zero-day bugs exploited at Pwn2Own BerlinVMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 5[−]
17 JulCambodia Makes 1,000 Arrests in Latest Crackdown on CybercrimeMore than 1,000 suspects were arrested in raids in at least five provinces between Monday and Wednesday, according to Information Minister Neth Pheaktra and police. The post Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime appeared first on SecurityWeek .SECURITYWEEK.COM
17 JulErmittlern gelingt Schlag gegen prorussische Hackersrcset="https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2337824495.jpg?quality=50&strip=all 6000w, https://b2b-contenthub.com/wp-content/uploads/2025/07/shutterstock_2337824495.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.c…CSOONLINE.COM
17 JulChinese hackers breached National Guard to steal network configurationsThe Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government net…BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 11[−]
17 JulCloudflare Confirms BGP Hijack Behind 1.1.1.1 DNS DisruptionCloudflare has revealed that a 62-minute global outage of its popular 1.1.1.1 DNS resolver service on July 14, 2025, was caused by an internal configuration error rather than an external attack, though the incident coincided with an unrelated BGP hijack that complicated the situa…GBHACKERS.COM
17 JulHiding Payloads in Linux Extended File Attributes, (Thu, Jul 17th)This week, it&#;x26;#;39;s SANSFIRE[ 1 ]! I&#;x26;#;39;m attending the FOR577[ 2 ] training ("Linux Incident Response &#;x26; Threat Hunting"). On day 2, we covered the different filesy…ISC.SANS.EDU
17 JulLouis Vuitton says regional data breaches tied to same cyberattacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/louis-vuitton-says-regional-data-breaches-tied-to-same-cyberattack/SH.ITJUST.WORKS
17 JulCompumedics Ransomware Attack Led to Data Breach Impacting 318,000 - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/compumedics-ransomware-attack-led-to-data-breach-impacting-318000/SH.ITJUST.WORKS
17 JulArmenian Man Extradited to US Over Ryuk Ransomware AttacksKaren Serobovich Vardanyan pleaded not guilty to charges related to his alleged role in the Ryuk ransomware operation. The post Armenian Man Extradited to US Over Ryuk Ransomware Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
17 JulTeams Call to Ransomware: Matanbuchus 3.0 MaaS Levels Upsubmitted by kid to cybersecurity 1 points | 0 comments https://www.morphisec.com/blog/ransomware-threat-matanbuchus-3-0-maas-levels-up/SH.ITJUST.WORKS
17 JulH2Miner Targets Linux, Windows, and Containers to Illicitly Mine MoneroFortiGuard Labs researchers have uncovered a sophisticated cryptomining campaign where the H2Miner botnet, active since late 2019, has expanded its operations to target Linux, Windows, and containerized environments simultaneously. The campaign represents a significant evolution …GBHACKERS.COM
17 JulNorth Korean hackers blamed for record spike in crypto thefts in 2025Chainalysis said crypto thefts during the first half of 2025 were at record levels, thanks in large part to a single breach at a major crypto exchange.TECHCRUNCH.COM
17 JulUkrainian Hackers Claim Cyberattack on Major Russian Drone SupplierA Ukrainian woman who survived a catastrophic cluster munition attack in 2014 continues to navigate the complex aftermath of severe combat-related injuries, highlighting the long-term humanitarian consequences of explosive ordnance use in populated areas. Nelya Leonidova, 34 at t…GBHACKERS.COM
17 JulHacker steals $27 million in BigONE exchange crypto breachCryptocurrency exchange BigONE announced that it suffered a security breach, in which hackers stole various digital assets valued at $27 million. [...]BLEEPINGCOMPUTER.COM
17 JulLameHug malware uses AI LLM to craft Windows data-theft commands in real-timeA novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 21[−]
17 JulISC Stormcast For Thursday, July 17th, 2025 https://isc.sans.edu/podcastdetail/9530, (Thu, Jul 17th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
17 JulOracle Patches 200 Vulnerabilities With July 2025 CPUOracle’s July 2025 Critical Patch Update contains 309 security patches that address approximately 200 unique CVEs. The post Oracle Patches 200 Vulnerabilities With July 2025 CPU appeared first on SecurityWeek .SECURITYWEEK.COM
17 JulChinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom BackdoorsThe Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three Chinese state-sponsored threat actors. "Targets of these campaigns ranged from organizations involved in the manufacturing, design, and testing of semiconductors and integra…THEHACKERNEWS.COM
17 JulThreat Actors Deploy 28+ Malicious Packages to Spread Protestware ScriptsSocket’s Threat Research Team has discovered a network of at least 28 malicious packages including protestware scripts, totaling approximately 2,000 copies, in a major escalation within the npm supply chain. These packages, initially flagged in two instances for hidden func…GBHACKERS.COM
17 JulIranian Threat Actors Use AI-Generated Emails to Target Cybersecurity Researchers and AcademicsIranian state-backed Advanced Persistent Threat (APT) groups and their hacktivist allies have stepped up operations that could spark worldwide cyber retaliation in the wake of Israeli and American strikes on Iranian nuclear and military facilities in June 2025. While kinetic conf…GBHACKERS.COM
17 JulGhostContainer backdoor for Exchange serverssubmitted by Pro to cybersecurity 1 points | 0 comments https://securelist.com/ghostcontainer/116953/INFOSEC.PUB
17 JulGhostContainer backdoor for Exchange serverssubmitted by Pro to cybersecurity 1 points | 0 comments https://securelist.com/ghostcontainer/116953/SH.ITJUST.WORKS
17 JulTrial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy ViolationsAn $8 billion class action investors’ lawsuit against Meta stemming from the 2018 privacy scandal involving the Cambridge Analytica political consulting firm. The post Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations appeared first o…SECURITYWEEK.COM
17 JulUNG0002 Actors Weaponize LNK Files via ClickFix Fake CAPTCHA PagesCybersecurity researchers at Seqrite Labs have identified a sophisticated espionage group designated as UNG0002 (Unknown Group 0002) that has been conducting persistent campaigns across multiple Asian jurisdictions since May 2024. The threat actors have demonstrated remarkable ad…GBHACKERS.COM
17 JulCyberArk: Rise in Machine Identities Poses New Riskssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.in/cyberark-rise-in-machine-identities-poses-new-risks-a-28967SH.ITJUST.WORKS
17 JulResearchers Reveal How Hacktivist Groups Gain Attention and Choose Their TargetsCybersecurity researchers at Graphika have unveiled comprehensive findings on the operational dynamics of hacktivist organizations, revealing sophisticated attention-seeking behaviors and strategic target selection methodologies. Through their ATLAS intelligence reporting platfor…GBHACKERS.COM
17 JulCo-op boss says sorry to 6.5m people who had data stolen in hacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.bbc.com/news/articles/cql0ple066poSH.ITJUST.WORKS
17 JulUkrainian Hackers Wipe 47TB of Data from Top Russian Military Drone Suppliersubmitted by kid to cybersecurity 4 points | 0 comments https://www.kyivpost.com/post/56348SH.ITJUST.WORKS
17 JulOver 4 Million Exposed Devices Used in Two New DoS Attack CampaignsSecurity researchers have discovered over 4 million vulnerable Internet hosts that can be weaponized for devastating new denial-of-service attacks, marking one of the largest infrastructure vulnerabilities uncovered in recent years. The groundbreaking research, conducted by Angel…GBHACKERS.COM
17 JulThe Attack On Browser-Based AI Agents Is ComingWe are working tirelessly on our AI First strategy to better protect both humans and their AI tools.KNOWBE4.COM
17 JulSquareX Collaborates With Top Fortune 500 CISOs To Launch The Browser Security Field Manual At Black HatPalo Alto, California, July 17th, 2025, CyberNewsWire SquareX announced the official launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees in the browser, this c…GBHACKERS.COM
17 JulChinese State-Sponsored Hackers Target Semiconductor Industry with Weaponized Cobalt StrikeProofpoint Threat Research has identified a sophisticated multi-pronged cyberespionage campaign targeting Taiwan’s semiconductor industry between March and June 2025. Three distinct Chinese state-sponsored threat actors, designated as UNK_FistBump, UNK_DropPitch, and UNK_Sp…GBHACKERS.COM
17 JulVLAI Hugging Face Setsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://discourse.ossbase.org/t/vlai-hugging-face-set/115INFOSEC.PUB
17 JulTransparency on Microsoft Defender for Office 365 email security effectivenessMicrosoft believes in transparently sharing performance data from Microsoft Defender for Office 365, and other ecosystem providers, to help customers evaluate email security solutions and make decisions to layer for defense in depth. The post Transparency on Microsoft Defender fo…MICROSOFT.COM
17 JulHackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing FiltersThreat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. "The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likel…THEHACKERNEWS.COM
17 JulWatch out, another max-severity Cisco bug on the loosesubmitted by PhilipTheBucket to cybersecurity 1 points | 0 comments https://go.theregister.com/feed/www.theregister.com/2025/07/17/critical_cisco_bug/SH.ITJUST.WORKS
🌐 CYBER THREAT LANDSCAPE 3[−]
17 JulGoogle sues to disrupt BadBox 2.0 botnet infecting 10 million devicesGoogle has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company's advertising platforms. [...]BLEEPINGCOMPUTER.COM
17 JulMicrosoft Teams voice calls abused to push Matanbuchus malwareThe Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk. [...]BLEEPINGCOMPUTER.COM
17 JulSecuring Tomorrow: An Interview with Trend Micro VP of Product Management Michael HabibiProactive security in a rapidly evolving threat landscapeTRENDMICRO.COM
📡 INFOSEC NEWS 3[−]
17 JulWhat is Wi-Fi sensing, and how does it detect human motion in the home? | Kaspersky official blogAll about Wi-Fi sensing: how it works, pluses, minuses, settings.KASPERSKY.COM
17 JulEuropol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against UkraineAn international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the…THEHACKERNEWS.COM
17 JulHackers are trying to steal passwords and sensitive data from users of Signal cloneThe bug in the modified messaging app can expose users' “plaintext usernames, passwords, and other sensitive data,” per GreyNoise.TECHCRUNCH.COM