97 Articles
8 Categories
Date: 2025-07-21
🚨 CISA KEV (1)
21 Jul [KEV] Microsoft SharePoint zero-day breach hits on-prem servers (CSOONLINE.COM): Enterprise IT teams face an immediate crisis as Microsoft warned Saturday of active cyberattacks exploiting a previously unknown vulnerability in SharePoint Server, with security researchers confirming dozens of servers compromised globally since attacks began July 18. “Microsoft…
🐛 COMMON VULNERABILITIES AND EXPOSURES (12)
21 Jul Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access (THEHACKERNEWS.COM): Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access to susceptible systems. The vulnerability, tracked as CVE-202…
21 Jul Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks (BLEEPINGCOMPUTER.COM): Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks. [...]
21 Jul [KEV] CrushFTP 0-Day Vulnerability Actively Exploited to Breach Servers (GBHACKERS.COM): A critical zero-day vulnerability in CrushFTP servers is being actively exploited by threat actors to compromise systems worldwide. The vulnerability, designated CVE-2025-54309, was first observed in active exploitation on July 18th at 9:00 AM CST, though security researchers bel…
21 Jul 7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems (GBHACKERS.COM): A critical denial-of-service vulnerability has been discovered in 7-Zip that allows attackers to crash systems using specially crafted RAR5 archive files. The vulnerability, tracked as CVE-2025-53816, affects the popular compression software’s RAR5 decoder and can lead to m…
21 Jul [KEV] CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks (GBHACKERS.COM): The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being actively exploited in cyberattacks. The vulnerability, tracked as CVE-2025-53770, represents a …
21 Jul Hackers attack via Microsoft vulnerability (CSOONLINE.COM): Hackers have attacked numerous government agencies and companies via a security vulnerability in SharePoint. IT security experts are sounding the alarm because agencies and companies are being attacked via a newly discovered vulnerability in Microsoft software …
21 Jul Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks (GBHACKERS.COM): A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated remote command execution attacks. Tracked as CVE-2025-54068, the flaw resides in Livewire versions from 3.0.0-beta.1 up …
21 Jul Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers (SECURITYWEEK.COM): Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.
21 Jul Microsoft SharePoint servers under attack via zero-day vulnerability (CVE-2025-53770) - Help Net Security (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://www.helpnetsecurity.com/2025/07/20/microsoft-sharepoint-servers-under-attack-via-zero-day-vulnerability-with-no-patch-cve-2025-53770/
21 Jul How quickly do we patch? A quick look from the global viewpoint, (Mon, Jul 21st) (ISC.SANS.EDU): Since the ongoing “ToolShell” exploitation campaign, in which threat actors attack on-premise SharePoint servers using a chain of two recently published vulnerabilities [1, 2, 3], is still on top of the cyber security news[ …
21 Jul Researchers Release PoC Exploit for High-Severity NVIDIA AI Toolkit Bug (GBHACKERS.COM): Wiz Research has disclosed a severe vulnerability in the NVIDIA Container Toolkit (NCT), dubbed #NVIDIAScape and tracked as CVE-2025-23266 with a CVSS score of 9.0, enabling malicious containers to escape isolation and gain root access on host systems. This flaw, stemming from a …
21 Jul Introducing OSS Rebuild: Open Source, Rebuilt to Last (SECURITY.GOOGLEBLOG.COM): Posted by Matthew Suozzo, Google Open Source Security Team (GOSST). Today we're excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependenci…
⚠️ VULNERABILITY DISCLOSURE (34)
21 Jul [KEV] Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks (THEHACKERNEWS.COM): Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another vulnerability that it said has been addressed with "more robust protections." The tech giant acknowledged it's "aware of active attacks targeti…
21 Jul How to run a tabletop exercise (CSOONLINE.COM): Practice makes the incident response master. The threat situation, as is well known, never eases, so it is all the more important that security decision-makers and their teams do not freeze in shock when a serious incident or emergency …
21 Jul [KEV] SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover (GBHACKERS.COM): A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of on-premise servers without authentication. Security researchers at Eye Security discovered the ongoing campaign on July 18, 2025…
21 Jul PoisonSeed Attack Tricks Users into Scanning Malicious MFA QR Codes (GBHACKERS.COM): A sophisticated new cyber attack technique has emerged that exploits the cross-device sign-in features of FIDO keys, effectively bypassing one of the most secure forms of multifactor authentication (MFA) available today. Security researchers have identified this adversary-in-the-…
21 Jul PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse (THEHACKERNEWS.COM): Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company login portals. The activity, observed by Expel as part …
21 Jul Is AI here to take or redefine your cybersecurity role? (CSOONLINE.COM): “AI is coming, and will take some jobs, but no need to worry.” That headline ran atop a CSO story published in 2016. Nine years later, the prediction feels closer to coming true — with questions around jobs being replaced or redefined and whether cybersecurity pros should be wor…
21 Jul NPM Linter Packages Hijacked, Microsoft's China Issue, and AI in Phishing Attacks: Cybersecurity Today (CYBERSECURITYTODAY.LIBSYN.COM): In this episode of Cybersecurity Today, host David Shipley discusses several pressing cybersecurity issues. First, popular NPM Linter packages were hijacked via phishing to spread malware, affecting millions of downloads. Concurrently, Ukrainian CERT uncovers new phishing campaig…
21 Jul Exploited CrushFTP Zero-Day Provides Admin Access to Servers (SECURITYWEEK.COM): Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS.
21 Jul From hardcoded credentials to auth gone wrong: Old bugs continue to break modern systems (CSOONLINE.COM): At a time when AI-powered cyber threats and sophisticated state-backed hacking groups dominate the headlines, the lack of elementary security continues to pose as the most consistent risk. A recent string of vulnerability disclosures highlights the vulnerability of “modern” infra…
21 Jul Microsoft AppLocker Flaw Lets Malicious Apps Bypass Security Restrictions (GBHACKERS.COM): Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could allow malicious applications to bypass established security restrictions. While not classified as a critical vulnerability…
21 Jul The Cyber Canon, ditching the SOC 2, and the weekly enterprise news - Helen Patton - ESW #416 (YOUTUBE.COM): Segment 1 - Interview with Helen Patton: Introducing the Cybersecurity Canon. Did you know that there’s a hall-of-fame for cybersecurity books? Over the past decade, the Cybersecurity Canon has published reviews on dozens of cybersecurity books and established a hall of fame. Hall…
21 Jul Another Supply Chain Vulnerability (SCHNEIER.COM): ProPublica is reporting: Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cy…
21 Jul Surveillance Firm Exploits SS7 Flaw to Track User Locations (GBHACKERS.COM): A sophisticated surveillance operation has been discovered exploiting critical vulnerabilities in the global telecommunications infrastructure to track mobile phone users’ locations without authorization, security researchers have revealed. The attack leverages weaknesses i…
21 Jul Over 1,000 CrushFTP servers exposed to ongoing hijack attacks (BLEEPINGCOMPUTER.COM): Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. [...]
21 Jul Marketing, Law Firms Say Data Breaches Impact Over 200,000 People (SECURITYWEEK.COM): Cierant Corporation and Zumpano Patricios independently disclosed data breaches, each impacting more than 200,000 individuals.
21 Jul ⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More (THEHACKERNEWS.COM): Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These attacks don’t depend on zero-days. They work by staying unnoticed—slipping throug…
21 Jul Microsoft to stop using engineers in China to work on U.S. Defense computer systems in wake of investigative report (SH.ITJUST.WORKS): submitted by heyWhatsay to cybersecurity | 3 points | 0 comments | https://www.tomshardware.com/tech-industry/cyber-security/microsoft-to-stop-using-engineers-in-china-to-work-on-u-s-defense-computer-systems-in-wake-of-investigative-report-fears-of-exploitation-by-foreign-intelligenc…
21 Jul 3-line exploit revealed for critical NVIDIA Container Toolkit flaw | SC Media (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://www.scworld.com/news/3-line-exploit-revealed-for-critical-nvidia-container-toolkit-flaw
21 Jul PHP PDO Flaw Allows Attackers to Inject Malicious SQL Commands (GBHACKERS.COM): A critical vulnerability in PHP’s widely-used PDO (PHP Data Objects) library has been discovered that enables attackers to inject malicious SQL commands even when developers implement prepared statements correctly. The security flaw, revealed through analysis of a DownUnder…
21 Jul Update Microsoft SharePoint ASAP | Kaspersky official blog (KASPERSKY.COM): Attackers are actively exploiting vulnerabilities CVE-2025-53770 and CVE-2025-53771 to gain control of Microsoft SharePoint servers.
21 Jul Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 2 points | 0 comments | https://thehackernews.com/2025/07/hackers-exploit-critical-crushftp-flaw.html
21 Jul PoisonSeed outsmarts FIDO keys without touching them (CSOONLINE.COM): PoisonSeed, the notorious crypto-hacking attack group known for large-scale phishing campaigns, was seen cracking Fast Identity Online (FIDO) protections in a novel social engineering technique. In a campaign discovered by Expel, the infamous supply chain phishing attackers lever…
21 Jul New zero-day bug in Microsoft SharePoint under widespread attack (TECHCRUNCH.COM): Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and must assume they have already been compromised.
21 Jul Microsoft Fix Targets Attacks on SharePoint Zero-Day (KREBSONSECURITY.COM): On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.…
21 Jul Surveillance Firm Exploits SS7 Flaw to Track User Locations (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://gbhackers.com/surveillance-firm-exploits-ss7-flaw/
21 Jul [KEV] SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild (SOPHOS.COM): Sophos X-Ops sees exploitation across multiple customer estates
21 Jul AI-Powered Cloaking Tools Help Threat Actors Hide Malicious Domains from Security Scans (GBHACKERS.COM): Threat actors are increasingly adopting AI-powered cloaking services to obfuscate phishing domains, counterfeit e-commerce sites, and malware distribution endpoints from automated security scanners. This technique, known as cloaking, involves dynamically serving innocuous “…
21 Jul Attackers Can Exploit Lighthouse Studio RCE Bug to Gain Server Access (GBHACKERS.COM): Researchers at Assetnote have uncovered a critical remote code execution (RCE) vulnerability in Lighthouse Studio, a widely used survey software developed by Sawtooth Software. This flaw, affecting the Perl CGI scripts that power the web-based survey component, enables unauthenti…
21 Jul APT41 Hackers Exploiting Atexec and WmiExec Windows Modules for Malware Deployment (GBHACKERS.COM): Kaspersky MDR analysts recently uncovered a sophisticated targeted attack by the Chinese-speaking cyberespionage group APT41 against government IT services in the African region, marking a notable escalation in the group’s activity on the continent, which had previously see…
21 Jul Hackers exploiting SharePoint zero-day seen targeting government agencies, say researchers (TECHCRUNCH.COM): Thousands of SharePoint servers could be vulnerable to hackers, according to cybersecurity firms.
21 Jul DeerStealer Malware Spread Through Weaponized .LNK and LOLBin Tools (GBHACKERS.COM): A new wave of cyber-attacks has emerged, exploiting Windows shortcut files (.LNK) combined with legitimate system utilities collectively known as Living-off-the-Land Binaries and Scripts (LOLBin/S) to deliver the DeerStealer infostealer through highly obfuscated multi-stage chain…
21 Jul UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks (CSOONLINE.COM): Recent cyberattacks deploying the potent Authentic Antics malware tool to target Microsoft cloud accounts were the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said. Authentic Antics was discovered after a cyberat…
21 Jul Intel announces end of Clear Linux OS project, archives GitHub repos (BLEEPINGCOMPUTER.COM): The Clear Linux OS team has announced the shutdown of the project, marking the end of its 10-year existence in the open-source ecosystem. [...]
21 Jul [KEV] #StopRansomware: Interlock (CISA.GOV): Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically obser…
📢 SECURITY ADVISORIES (12)
21 Jul MAD warns of Russian espionage (CSOONLINE.COM): Germany's Military Counterintelligence Service (MAD) is recording a marked increase in spying attempts and disruptive measures by Russian intelligence services in Germany. “We are talking about a sharp rise in cases in the area of espionage and hybrid measures. The approach…
21 Jul Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents (THEHACKERNEWS.COM): Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service o…
21 Jul Hackers Are Laughing at Your WAF 😂 (YOUTUBE.COM): Most companies rely on WAFs thinking they’re fully protected—but attackers aren’t just laughing… they’re slipping right past them. In this short, cybersecurity expert Janet Worthington breaks down why blocking mode isn’t enough, and how secure by design is the only way to stay ah…
🔥 INCIDENT REPORTING (16)
21 Jul 3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics (THEHACKERNEWS.COM): A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript cryptocurrency miners, marking the return of browser-based cryptojacking attacks once popularized by the likes of CoinHive. Although the service has since shuttered after browser makers…
21 Jul Klöckner warns of cyberattacks on the Bundestag (CSOONLINE.COM)
21 Jul 750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service (SECURITYWEEK.COM): The Alcohol & Drug Testing Service (TADTS) says personal information was stolen in a July 2024 ransomware attack.
21 Jul Good Riddance Teespring, Hello Fourthwall (TROYHUNT.COM): If I'm honest, I was never that keen on a merch store for Have I Been Pwned. It doesn't make the code run faster, nor does i…
21 Jul CoinDCX Hack Leads to $44.2 Million Loss (GBHACKERS.COM): Major Indian cryptocurrency exchange CoinDCX has confirmed a significant security breach that resulted in approximately $44 million in losses, though company executives maintain that customer funds remain completely secure and unaffected by the incident. CoinDCX co-founder Sumit …
21 Jul Dell confirms breach of test lab platform by World Leaks extortion group (BLEEPINGCOMPUTER.COM): A newly rebranded extortion gang known as "World Leaks" breached one of Dell's product demonstration platforms earlier this month and is now trying to extort the company into paying a ransom. [...]
21 Jul Europol targets Kremlin-backed cybercrime gang NoName057(16) (BITDEFENDER.COM): The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group co…
21 Jul 1.4 Million Affected by Data Breach at Virginia Radiology Practice - SecurityWeek (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://www.securityweek.com/1-4-million-affected-by-data-breach-at-virginia-radiology-practice/
21 Jul Anne Arundel Dermatology Data Breach Impacts 1.9 Million People - SecurityWeek (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://www.securityweek.com/anne-arundel-dermatology-data-breach-impacts-1-9-million-people/
21 Jul Indian crypto exchange CoinDCX confirms $44 million stolen during hack (TECHCRUNCH.COM): The crypto exchange, the largest in India, said it plans to absorb the costs of the breach.
21 Jul Dior begins sending data breach notifications to U.S. customers (BLEEPINGCOMPUTER.COM): The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. [...]
21 Jul Dell confirms breach of test lab platform by World Leaks extortion group (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://www.bleepingcomputer.com/news/security/dell-confirms-breach-of-test-lab-platform-by-world-leaks-extortion-group/
21 Jul Afghan data leak: SAS and UK spies named in Afghan data breach (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 3 points | 0 comments | https://www.bbc.com/news/articles/cj4ek9njknvo
21 Jul KAWA4096 Ransomware Employs WMI Techniques to Delete Backup Snapshots (GBHACKERS.COM): Trustwave SpiderLabs has played a crucial role in monitoring new ransomware variants in the incredibly unstable ransomware threat landscape of 2025, where dozens of new groups have emerged and caused extensive disruptions across multiple sectors. Among these, the KAWA4096 ransomw…
21 Jul Dior begins sending data breach notifications to U.S. customers (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://www.bleepingcomputer.com/news/security/dior-begins-sending-data-breach-notifications-to-us-customers/
21 Jul Ring denies breach after users report suspicious logins (BLEEPINGCOMPUTER.COM): Ring is warning that a backend update bug is responsible for customers seeing a surge in unauthorized devices logged into their account on May 28th. [...]
🕵️ THREAT INTELLIGENCE (16)
21 Jul ISC Stormcast For Monday, July 21st, 2025 https://isc.sans.edu/podcastdetail/9534, (Mon, Jul 21st) (ISC.SANS.EDU): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
21 Jul Surveillance Firm Bypasses SS7 Protections to Retrieve User Location (SECURITYWEEK.COM): A surveillance company was caught using an SS7 bypass technique to trick wireless carriers into divulging users’ locations.
21 Jul HPE warns of hardcoded passwords in Aruba access points (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://www.bleepingcomputer.com/news/security/hpe-warns-of-hardcoded-passwords-in-aruba-access-points/
21 Jul Iranian APT Targets Android Users With New Variants of DCHSpy Spyware (SECURITYWEEK.COM): Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel.
21 Jul Job Seekers Beware: Many People Are Falling for Employment Scams (KNOWBE4.COM): More than one in ten people who were targeted by job scams this year fell victim, according to a report from Resume.org.
21 Jul Snake Keylogger Uses Persistence via Scheduled Tasks to Steal Login Data Undetected (GBHACKERS.COM): Researchers have uncovered a sophisticated phishing campaign zeroing in on Turkish enterprises, with a particular focus on the defense and aerospace industries. Threat actors are masquerading as Turkish Aerospace Industries (TUSAŞ), a key defense contractor, to disseminate malici…
21 Jul PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://thehackernews.com/2025/07/poisonseed-hackers-bypass-fido-keys.html
21 Jul 4 new Android spyware samples linked to Iran's intel agency • The Register (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 2 points | 0 comments | https://www.theregister.com/2025/07/21/muddywaters_android_iran/
21 Jul New GhostContainer Malware Hits High-Value MS Exchange Servers in Asia (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://hackread.com/new-ghostcontainer-malware-ms-exchange-servers-asia/
21 Jul Singapore warns China-linked group UNC3886 targets its critical infrastructure (SH.ITJUST.WORKS): submitted by kid to cybersecurity | 1 points | 0 comments | https://securityaffairs.com/180179/uncategorized/singapore-warns-china-linked-group-unc3886-targets-its-critical-infrastructure.html
21 Jul China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure (THEHACKERNEWS.COM): The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. "The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware," Kaspersk…
21 Jul Cybercriminals Use Zoho WorkDrive Folders to Spread Obfuscated PureRAT Malware (GBHACKERS.COM): A targeted attack against a U.S.-based certified public accounting firm was discovered in May 2025 by cybersecurity experts, according to a recent study described in eSentire’s Threat Response Unit (TRU) Positives report. The campaign leveraged a novel crypter named “…
21 Jul Boomers? Nah, Gen X Is Built for AI Warfare 🔥 (YOUTUBE.COM): Gen X isn’t panicking about AI… they’ve seen it all. From working at RadioShack and Circuit City to surviving the internet boom, this generation has already battled disruptive tech — and won. While Gen Z and Millennials brace for automation, Gen X cybersecurity pros are leading t…
21 Jul Beware of npm Phishing Emails Targeting Developer Credentials (GBHACKERS.COM): A developer recently came across a highly advanced phishing email that spoofs the support@npmjs.org address in order to impersonate npm, the Node.js package registry. The email directed recipients to a malicious link on npnjs.com, a domain cleverly typosquatted to mimic npmjs.co…
21 Jul Threat Actors Compromise Popular npm Packages to Steal Maintainers’ Tokens (GBHACKERS.COM): Threat actors have leveraged a phishing campaign targeting npm package maintainers, resulting in the compromise of widely used JavaScript tooling libraries. The campaign, first reported on July 18, 2025, utilizes a typosquatted domain, npnjs.com, to mimic legitimate npm communica…
21 Jul UNG0002 Deploys Weaponized LNK Files with Cobalt Strike and Metasploit to Target Organizations (GBHACKERS.COM): Seqrite Labs APT-Team has uncovered a persistent threat entity, UNG0002 (Unknown Group 0002), orchestrating espionage-driven operations across Asian jurisdictions, including China, Hong Kong, and Pakistan. Active since at least May 2024, this South-East Asia-based cluster has dem…
🌐 CYBER THREAT LANDSCAPE (1)
21 Jul Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry (TECHCRUNCH.COM): The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether.
📡 INFOSEC NEWS (5)
21 Jul Learn 14 Languages from Babbel with this exclusive StackSocial deal (BLEEPINGCOMPUTER.COM): Learning a new language doesn't have to mean night classes, bulky textbooks, or boring apps. With Babbel, you can pick up real-world conversation skills through short, fun, and practical lessons. And right now, you can get a lifetime subscription for only $159 (regularly $599). […
21 Jul Assessing the Role of AI in Zero Trust (THEHACKERNEWS.COM): By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No longer merely theoretical, it’s now a requirement that organizations must adopt. A robust, defensible architecture built on Zero Trust principles does more than satisfy bas…
21 Jul Don’t miss your chance to exhibit at TechCrunch Disrupt 2025 (TECHCRUNCH.COM): TechCrunch Disrupt 2025 is just around the corner, and with more than 10,000 startup and VC leaders heading to Moscone West in San Francisco this October 27 to 29, the Expo Hall is where connections get made and business gets done. If you’ve been thinking about showcasing your co…
21 Jul Veeam Recovery Orchestrator users locked out after MFA rollout (BLEEPINGCOMPUTER.COM): Veeam warned customers today that a recently released Recovery Orchestrator version blocks Web UI logins after enabling multi-factor authentication (MFA). [...]
21 Jul ExpressVPN bug leaked user IPs in Remote Desktop sessions (BLEEPINGCOMPUTER.COM): ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual private network (VPN) tunnel, exposing the users' real IP addresses. [...]