matlock.ca // THREAT INTELLIGENCE — 2025-07-22

94Articles

10Categories

2025-07-22Date

🚨

CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability These…

KEVCISA.GOV — Tue, 22 Jul 25 1

🚨

CISA Adds Four Known Exploited Vulnerabilities to CatalogCISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulne…

KEVCISA.GOV — Tue, 22 Jul 25 1

🐛

Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)

TRENDMICRO.COM — 22 Jul 2025

🐛

Kubernetes Image Builder Vulnerability Grants Root Access to Windows Nodes

GBHACKERS.COM — 22 Jul 2025

🐛

wolfSSL Security Update Addresses Apple Trust Store Bypass

GBHACKERS.COM — 22 Jul 2025

🐛

New Scanner Launched to Detect CVE-2025-53770 in SharePoint Servers

GBHACKERS.COM — 22 Jul 2025

🐛

Cisco Alerts on ISE RCE Vulnerability Actively Exploited

KEVGBHACKERS.COM — 22 Jul 2025

🐛

CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability

MSRC.MICROSOFT.COM — 22 Jul 2025

⚠️

ExpressVPN Windows Client Flaw Could Expose User Information

GBHACKERS.COM — 22 Jul 2025

⚠️

New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk

CSOONLINE.COM — 22 Jul 2025

⚠️

Microsoft ‘digital escorts’ reveal crucial US counterintelligence blind spot

CSOONLINE.COM — 22 Jul 2025

⚠️

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

SECURITYWEEK.COM — 22 Jul 2025

⚠️

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

THEHACKERNEWS.COM — 22 Jul 2025

⚠️

Cybercriminals Merge Android Malware with Click Fraud Apps to Harvest Credentials

GBHACKERS.COM — 22 Jul 2025

⚠️

Rise of Compromised LLMs - Sohrob Kazerounian - ASW #340

YOUTUBE.COM — 2025-07-22

⚠️

Dark Web Travel Agencies Exploit Cheap Deals to Steal Credit Card Data

GBHACKERS.COM — 22 Jul 2025

⚠️

“Encryption Backdoors and the Fourth Amendment”

SCHNEIER.COM — 2025-07-22

⚠️

Critical Sophos Firewall Flaws Allow Pre-Auth RCE

GBHACKERS.COM — 22 Jul 2025

⚠️

Microsoft Sharepoint ToolShell attacks linked to Chinese hackers

BLEEPINGCOMPUTER.COM — 22 Jul 2025

⚠️

Apache Jena Vulnerability Allows Arbitrary File Access

GBHACKERS.COM — 22 Jul 2025

⚠️

Hackers Selling macOS 0-Day LPE Exploit on Dark Forums

GBHACKERS.COM — 22 Jul 2025

⚠️

Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack

CSOONLINE.COM — 22 Jul 2025

⚠️

Dell demonstration platform breached by World Leaks extortion group

CSOONLINE.COM — 22 Jul 2025

⚠️

Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access

THEHACKERNEWS.COM — 22 Jul 2025

⚠️

Cisco: Maximum-severity ISE RCE flaws now exploited in attacks

KEVBLEEPINGCOMPUTER.COM — 22 Jul 2025

⚠️

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day

TECHCRUNCH.COM — 22 Jul 2025

⚠️

Threat Actors Target Linux SSH Servers to Deploy SVF Botnet

GBHACKERS.COM — 22 Jul 2025

⚠️

Joint Advisory Issued on Protecting Against Interlock Ransomware

CISA.GOV — Tue, 22 Jul 25 1

⚠️

ETQ Reliance RCE Flaw Grants Full SYSTEM Access with a Single Space

GBHACKERS.COM — 22 Jul 2025

⚠️

Disrupting active exploitation of on-premises SharePoint vulnerabilities

MICROSOFT.COM — 22 Jul 2025

⚠️

Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI

MICROSOFT.COM — 22 Jul 2025

⚠️

CISA Releases Nine Industrial Control Systems Advisories

CISA.GOV — Tue, 22 Jul 25 1

⚠️

Multiple Vulnerabilities in Microsoft SharePoint Server Could Allow for Remote Code Execution

CISECURITY.ORG — 22 Jul 2025

⚠️

Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups

THEHACKERNEWS.COM — 22 Jul 2025

⚠️

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

SECURITYWEEK.COM — 22 Jul 2025

⚠️

How a Single Download Can Infect Your Entire System 🧨

YOUTUBE.COM — 2025-07-22

⚠️

Common mistakes in using CVSS | Kaspersky official blog

KASPERSKY.COM — 22 Jul 2025

⚠️

Lumma infostealer malware returns after law enforcement disruption

BLEEPINGCOMPUTER.COM — 22 Jul 2025

⚠️

Donatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more... -... - SWN #496

YOUTUBE.COM — 2025-07-22

⚠️

News alert: Living Security report reveals that just 10% of employees drive 73% of cyber risk

LASTWATCHDOG.COM — 22 Jul 2025

⚠️

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

CISECURITY.ORG — 22 Jul 2025

⚠️

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

CISECURITY.ORG — 22 Jul 2025

⚠️

Multiple Vulnerabilities in Microsoft SharePoint Server Could Allow for Remote Code Execution

CISECURITY.ORG — 22 Jul 2025

📋

Microsoft: Windows Server KB5062557 causes cluster, VM issues

BLEEPINGCOMPUTER.COM — 22 Jul 2025

📢

NIS2-Umsetzungsgesetz: Geschäftsleitung haftet mit Privatvermögen

CSOONLINE.COM — 22 Jul 2025

📢

The CISO code of conduct: Ditch the ego, lead for real

CSOONLINE.COM — 22 Jul 2025

📢

New DCHSpy Android Malware Targets WhatsApp, Call Logs, Audio, and Photos

GBHACKERS.COM — 22 Jul 2025

📢

[Control systems] ABB security advisory (AV25-441)

CYBER.GC.CA — 2025-07-22

📢

Vulnerabilities Expose Helmholz Industrial Routers to Hacking

SECURITYWEEK.COM — 22 Jul 2025

📢

Mozilla security advisory (AV25-442)

CYBER.GC.CA — 2025-07-22

📢

The AI Fix #60: Elon’s AI girlfriend, the arsonist red panda, and the AI that will kill you

GRAHAMCLULEY.COM — 22 Jul 2025

📢

Sophos security advisory (AV25-443)

CYBER.GC.CA — 2025-07-22

📢

Iranian Hackers Target Global Airlines to Steal Sensitive Data

GBHACKERS.COM — 22 Jul 2025

📢

Joint Advisory Issued on Protecting Against Interlock Ransomware

INFOSEC.PUB — 22 Jul 2025

📢

CISA and FBI warn of escalating Interlock ransomware attacks

BLEEPINGCOMPUTER.COM — 22 Jul 2025

📢

Funding to protect US from Stuxnet-like worm expired Sunday

SH.ITJUST.WORKS — 22 Jul 2025

🔥

Dell Data Breach – World Leaks Group Hacks Test Lab Platform

GBHACKERS.COM — 22 Jul 2025

🔥

Weak Password Enables Ransomware Attack on 158-Year-Old Firm

GBHACKERS.COM — 22 Jul 2025

🔥

Cybercriminals from GLOBAL GROUP Target All Platforms with Golang Ransomware

GBHACKERS.COM — 22 Jul 2025

🔥

11 Years of Microsoft Regional Director and 15 Years of MVP

TROYHUNT.COM — 22 Jul 2025

🔥

Dior Says Personal Information Stolen in Cyberattack

SECURITYWEEK.COM — 22 Jul 2025

🔥

UK to ban public sector orgs from paying ransomware gangs

BLEEPINGCOMPUTER.COM — 22 Jul 2025

🔥

UK Bans Public Sector from Paying Ransomware Gangs

GBHACKERS.COM — 22 Jul 2025

🔥

Scavenger Malware Compromises Popular npm Packages to Target Developers

GBHACKERS.COM — 22 Jul 2025

🔥

UK government wants ransomware victims to report cyberattacks so it can disrupt the hackers

TECHCRUNCH.COM — 22 Jul 2025

🔥

Major European healthcare network discloses security breach

BLEEPINGCOMPUTER.COM — 22 Jul 2025

🔥

Apple alerted Iranians to iPhone spyware attacks, say researchers

TECHCRUNCH.COM — 22 Jul 2025

🔥

Ransomware Trends in 2025

KNOWBE4.COM — 22 Jul 2025

🔥

Why GenAI Isn’t Reinventing Attacks… Yet

YOUTUBE.COM — 2025-07-22

🕵️

ISC Stormcast For Tuesday, July 22nd, 2025 https://isc.sans.edu/podcastdetail/9536, (Tue, Jul 22nd)

ISC.SANS.EDU — 22 Jul 2025

🕵️

Wireshark 4.4.8 Released, (Tue, Jul 22nd)

ISC.SANS.EDU — 22 Jul 2025

🕵️

New Report Reveals Just 10% Of Employees Drive 73% Of Cyber Risk

GBHACKERS.COM — 22 Jul 2025

🕵️

Angriff auf Ameos-Kliniken: Möglicherweise Patientendaten betroffen

CSOONLINE.COM — 22 Jul 2025

🕵️

Financial Institutions Under Siege by Greedy Sponge Hackers’ Modified AllaKore RAT

GBHACKERS.COM — 22 Jul 2025

🕵️

UK Sanctions Russian Hackers Tied to Assassination Attempts

SECURITYWEEK.COM — 22 Jul 2025

🕵️

PoisonSeed überlistet FIDO-Schlüssel

CSOONLINE.COM — 22 Jul 2025

🕵️

Darktrace Acquires Mira Security

SECURITYWEEK.COM — 22 Jul 2025

🕵️

How Apps and Your Phone Can Expose Your Life Without Permission

PALOALTONETWORKS.COM — 22 Jul 2025

🕵️

CyberheistNews Vol 15 #29 [Jawdropper] AI Is Luring Travelers to Places That Don't Even Exist!

KNOWBE4.COM — 22 Jul 2025

🕵️

Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate

THEHACKERNEWS.COM — 22 Jul 2025

🕵️

ClickFake Interview Attack Leverages ClickFix Technique to Deploy GolangGhost Malware

GBHACKERS.COM — 22 Jul 2025

🕵️

New Web3 Phishing Scam Uses Fake AI Platforms to Steal Credentials

GBHACKERS.COM — 22 Jul 2025

🕵️

Dell Says Data Leaked by Hackers Is Fake

SECURITYWEEK.COM — 22 Jul 2025

🕵️

Reclaiming Control: How Enterprises Can Fix Broken Security Operations

SECURITYWEEK.COM — 22 Jul 2025

🕵️

Can AI Agents Spam Each Other?!

YOUTUBE.COM — 2025-07-22

🕵️

New APIsec University Training Modules Now Available in KnowBe4’s Diamond Library

KNOWBE4.COM — 22 Jul 2025

🌐

Back to Business: Lumma Stealer Returns with Stealthier Methods

TRENDMICRO.COM — 22 Jul 2025

🌐

National security meets next-gen tech at TechCrunch Disrupt 2025’s AI Defense panel

TECHCRUNCH.COM — 22 Jul 2025

🌐

Coyote malware abuses Windows accessibility framework for data theft

BLEEPINGCOMPUTER.COM — 22 Jul 2025

🎙️

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

WELIVESECURITY.COM — 22 Jul 2025

📡

WinRAR MoTW Propagation Privacy, (Tue, Jul 22nd)

ISC.SANS.EDU — 22 Jul 2025

📡

How to Advance from SOC Manager to CISO?

THEHACKERNEWS.COM — 22 Jul 2025

📡

Windows 11 gets new Black Screen of Death, auto recovery tool

BLEEPINGCOMPUTER.COM — 22 Jul 2025

📡

Windows 11 KB5062660 update brings new 'Windows Resilience' features

BLEEPINGCOMPUTER.COM — 22 Jul 2025