94 Articles
10 Categories
Date: 2025-07-22
🚨 CISA KEV (2)
22 Jul | KEV | CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability; CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability. These… | CISA.GOV
22 Jul | KEV | CISA Adds Four Known Exploited Vulnerabilities to Catalog | CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability; CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulne… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (6)
22 Jul | Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771) | CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse. | TRENDMICRO.COM
22 Jul | Kubernetes Image Builder Vulnerability Grants Root Access to Windows Nodes | A critical vulnerability in the Kubernetes Image Builder has been disclosed that allows attackers to gain root access on Windows nodes by exploiting default credentials embedded in virtual machine images. Tracked as CVE-2025-7342, the flaw affects images built with the Nutanix or… | GBHACKERS.COM
22 Jul | wolfSSL Security Update Addresses Apple Trust Store Bypass | wolfSSL has released version 5.8.2 to address several critical security vulnerabilities, with the most significant being a high-severity Apple trust store bypass flaw that could allow malicious actors to circumvent certificate verification processes on Apple platforms. Critical A… | GBHACKERS.COM
22 Jul | New Scanner Launched to Detect CVE-2025-53770 in SharePoint Servers | A cybersecurity researcher has released a new open-source scanner designed to detect a critical vulnerability affecting Microsoft SharePoint servers, providing organizations with a crucial tool to assess their security posture against the recently disclosed CVE-2025-53770 flaw. R… | GBHACKERS.COM
22 Jul | KEV | Cisco Alerts on ISE RCE Vulnerability Actively Exploited | Cisco has issued an urgent security advisory warning that a set of critical remote code execution (RCE) vulnerabilities affecting its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC) products are being actively exploited in the wild. The flaws, tracked as C… | GBHACKERS.COM
22 Jul | CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability | Updated the build numbers. This is an informational update only. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (35)
22 Jul | ExpressVPN Windows Client Flaw Could Expose User Information | ExpressVPN disclosed a vulnerability in its Windows desktop client that, under specific circumstances, could have permitted the leakage of user connection details. The flaw was discovered by security researcher Adam-X through ExpressVPN’s bug bounty program and pertains to Remote… | GBHACKERS.COM
22 Jul | New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk | Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report, an independent study conducted by leading research firm Cyentia Institute. The report provides an unprecedented look at behavioral risk inside organizatio… | CSOONLINE.COM
22 Jul | Microsoft ‘digital escorts’ reveal crucial US counterintelligence blind spot | On July 15, 2025, ProPublica published a sweeping investigation revealing that Microsoft had, for nearly a decade, allowed engineers based in China to remotely support sensitive Department of Defense (DoD) cloud systems. The degree to which the arrangement was known within feder… | CSOONLINE.COM
22 Jul | ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets | More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. | SECURITYWEEK.COM
22 Jul | Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access | The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first exploitation attempts targeting an unnamed major Western gove… | THEHACKERNEWS.COM
22 Jul | Cybercriminals Merge Android Malware with Click Fraud Apps to Harvest Credentials | Researchers uncovered an active Android malware cluster that ingeniously combines brand impersonation with traffic monetization tactics, targeting users across multiple regions. These malicious Android Package Kit (APK) files exploit social engineering and off-market distribution… | GBHACKERS.COM
22 Jul | Rise of Compromised LLMs - Sohrob Kazerounian - ASW #340 | AI is more than LLMs. Machine learning algorithms have been part of infosec solutions for a long time. For appsec practitioners, a key concern is always going to be how to evaluate the security of software or a system. In some cases, it doesn't matter if a human or an LLM generat… | YOUTUBE.COM
22 Jul | Dark Web Travel Agencies Exploit Cheap Deals to Steal Credit Card Data | Dark web travel agencies have developed into highly skilled organizations operating in the murky corners of cybercrime, using hacked credit card information, compromised loyalty accounts, and faked identities to provide drastically reduced travel services. According to recent ana… | GBHACKERS.COM
22 Jul | “Encryption Backdoors and the Fourth Amendment” | Law journal article that looks at the Dual_EC_PRNG backdoor from a US constitutional perspective: Abstract: The National Security Agency (NSA) reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article exam… | SCHNEIER.COM
22 Jul | Critical Sophos Firewall Flaws Allow Pre-Auth RCE | Sophos has disclosed multiple critical security vulnerabilities affecting its Firewall products, with the most severe flaws enabling pre-authentication remote code execution that could allow attackers to completely compromise affected systems. The cybersecurity company released h… | GBHACKERS.COM
22 Jul | Microsoft Sharepoint ToolShell attacks linked to Chinese hackers | Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain. [...] | BLEEPINGCOMPUTER.COM
22 Jul | Apache Jena Vulnerability Allows Arbitrary File Access | Critical security vulnerabilities in Apache Jena have been disclosed that enable administrators to access and create files outside designated server directories, potentially compromising system security. Two distinct CVEs were published on July 21, 2025, affecting all versions of… | GBHACKERS.COM
22 Jul | Hackers Selling macOS 0-Day LPE Exploit on Dark Forums | A threat actor claiming to possess a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system has emerged on underground cybercriminal forums, offering the vulnerability for sale at a substantial price point. The alleged exploit, if genuine… | GBHACKERS.COM
22 Jul | Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack | Popular configuration packages for integrating Prettier with ESLint, the widely used code formatting tools within JavaScript and TypeScript projects, were hijacked after a maintainer fell victim to a phishing scheme. According to a Socket observation, packages like eslint-config-… | CSOONLINE.COM
22 Jul | Dell demonstration platform breached by World Leaks extortion group | Dell Technologies has confirmed that cybercriminals breached its Customer Solution Centers platform earlier this month in an attack that highlights the evolving threat landscape where extortion groups target any accessible enterprise data, regardless of its actual value. The atta… | CSOONLINE.COM
22 Jul | Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access | Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. "In July 2025, the Cisco PSIRT [Product Security Incident Response Team], became a… | THEHACKERNEWS.COM
22 Jul | KEV | Cisco: Maximum-severity ISE RCE flaws now exploited in attacks | Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. [...] | BLEEPINGCOMPUTER.COM
22 Jul | Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day | The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned "multiple actors" are also hacking into affected SharePoint systems. | TECHCRUNCH.COM
22 Jul | Threat Actors Target Linux SSH Servers to Deploy SVF Botnet | AhnLab Security Intelligence Center (ASEC) has been actively tracking cyber threats exploiting vulnerable Linux servers through strategically deployed honeypots, with SSH services using weak credentials emerging as a prime target for distributed denial-of-service (DDoS) and crypt… | GBHACKERS.COM
22 Jul | Joint Advisory Issued on Protecting Against Interlock Ransomware | CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services, and the Multi-State Information Sharing and Analysis Center issued a joint Cybersecurity Advisory to help protect businesses and critical infrastructure organizations… | CISA.GOV
22 Jul | ETQ Reliance RCE Flaw Grants Full SYSTEM Access with a Single Space | Hexagon ETQ’s Java-based quality management system, ETQ Reliance, has several serious flaws, according to a new security research revelation by Assetnote. The software, which facilitates document and form management with integrations like Microsoft Word macros and Jython sc… | GBHACKERS.COM
22 Jul | Disrupting active exploitation of on-premises SharePoint vulnerabilities | Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnera… | MICROSOFT.COM
22 Jul | Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI | We’re evolving our industry-leading Security Incidents and Event Management solution (SIEM), Microsoft Sentinel, to include a modern, cost-effective data lake. By unifying all your security data, Microsoft Sentinel data lake, in public preview, accelerates AI adoption and drives … | MICROSOFT.COM
22 Jul | CISA Releases Nine Industrial Control Systems Advisories | CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-203-01 DuraComm DP-10iN-100-MU; ICSA-25-203-02 Lantronix Provisioning … | CISA.GOV
22 Jul | Multiple Vulnerabilities in Microsoft SharePoint Server Could Allow for Remote Code Execution | Multiple Vulnerabilities have been discovered in Microsoft SharePoint Server, which could allow for remote code execution. Microsoft SharePoint Server is a web-based collaborative platform that integrates with Microsoft Office. Successful exploitation of these vulnerabilities all… | CISECURITY.ORG
22 Jul | Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups | Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a thir… | THEHACKERNEWS.COM
22 Jul | Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch | Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. | SECURITYWEEK.COM
22 Jul | How a Single Download Can Infect Your Entire System 🧨 | A cybersecurity pro explains how one malicious package can silently drop malware the moment it’s downloaded by a developer. No clicks. No warnings. Just instant compromise. In today’s threat landscape, preventing this at the source is critical. This short breaks down the dangers … | YOUTUBE.COM
22 Jul | Common mistakes in using CVSS, Kaspersky official blog | Why CVSS cannot be the sole tool for vulnerability assessment, and how to prioritize vulnerabilities correctly | KASPERSKY.COM
22 Jul | Lumma infostealer malware returns after law enforcement disruption | The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure. [...] | BLEEPINGCOMPUTER.COM
22 Jul | Donatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more... -... - SWN #496 | Donatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more on the Security Weekly News. Segment Resources: https://www.darkreading.com/threat-intelligence/matanbuchus-loader-ransomware-infections This segment is sponsored by ThreatLocker. Visit https://secu… | YOUTUBE.COM
22 Jul | News alert: Living Security report reveals that just 10% of employees drive 73% of cyber risk | Austin, TX, July 21, 2025, CyberNewswire — Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report, an independent study conducted by leading research firm Cyentia Institute. The report … | LASTWATCHDOG.COM
22 Jul | Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution | Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe After Effects – Used for creating motion graphics, visual effects, and compositing in film, television, and online content. Adobe Substance 3D… | CISECURITY.ORG
22 Jul | Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution | Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. De… | CISECURITY.ORG
22 Jul | Multiple Vulnerabilities in Microsoft SharePoint Server Could Allow for Remote Code Execution | Multiple Vulnerabilities have been discovered in Microsoft SharePoint Server, which could allow for remote code execution. Microsoft SharePoint Server is a web-based collaborative platform that integrates with Microsoft Office. Successful exploitation of these vulnerabilities all… | CISECURITY.ORG
📋 SECURITY BULLETINS (1)
22 Jul | Microsoft: Windows Server KB5062557 causes cluster, VM issues | Microsoft is asking businesses to reach out for support to mitigate a known issue causing Cluster service and VM restart issues after installing this month's Windows Server 2019 security updates. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (12)
22 Jul | NIS2 Implementation Act: Management Is Liable with Personal Assets | CSOONLINE.COM
22 Jul | The CISO code of conduct: Ditch the ego, lead for real | Some CISOs just suck. Not because they don’t know security. Not because they aren’t smart. But because their egos have taken over. They’ve forgotten how to be decent, collaborative, self-aware human beings. The title went to their head. The influence got addictive. The attention … | CSOONLINE.COM
22 Jul | New DCHSpy Android Malware Targets WhatsApp, Call Logs, Audio, and Photos | Security researchers at Lookout have identified four novel samples of DCHSpy, an advanced Android surveillanceware attributed to the Iranian threat actor group MuddyWater, believed to be affiliated with Iran’s Ministry of Intelligence and Security (MOIS). These samples emer… | GBHACKERS.COM
22 Jul | Vulnerabilities Expose Helmholz Industrial Routers to Hacking | Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describin… | SECURITYWEEK.COM
22 Jul | The AI Fix #60: Elon’s AI girlfriend, the arsonist red panda, and the AI that will kill you | In episode 60 of The AI Fix, we learn why Grok might be Elon Musk's bid for digital immortality, how Meta is building a Manhattan-sized data centre called Prometheus, how AI is helping create carbon-sucking concrete, and are bewildered that 2000 people "work" at the Candy Crush c… | GRAHAMCLULEY.COM
22 Jul | Iranian Hackers Target Global Airlines to Steal Sensitive Data | APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised internal systems of the Iranian company Amnban, Sharif Advanced Technologies, in a significant cybersecurity incident. Launched in 2… | GBHACKERS.COM
22 Jul | Joint Advisory Issued on Protecting Against Interlock Ransomware | https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a | INFOSEC.PUB
22 Jul | CISA and FBI warn of escalating Interlock ransomware attacks | CISA and the FBI warned on Tuesday of increased Interlock ransomware activity targeting businesses and critical infrastructure organizations in double extortion attacks. [...] | BLEEPINGCOMPUTER.COM
22 Jul | Funding to protect US from Stuxnet-like worm expired Sunday | https://www.theregister.com/2025/07/22/lapsed_cisa_funding_cybersentry/ CyberSentry work grinds to a halt | SH.ITJUST.WORKS
🔥 INCIDENT REPORTING (13)
22 Jul | Dell Data Breach – World Leaks Group Hacks Test Lab Platform | Dell Technologies has acknowledged a significant security incident involving its Customer Solution Centers platform, with the World Leaks extortion group successfully infiltrating the isolated demonstration environment used for showcasing products to commercial clients. The breac… | GBHACKERS.COM
22 Jul | Weak Password Enables Ransomware Attack on 158-Year-Old Firm | A single compromised password has been identified as the catalyst that destroyed a century-old transport company and displaced 700 employees, highlighting the devastating impact of cybersecurity vulnerabilities on British businesses. The case of KNP, a Northamptonshire-based logi… | GBHACKERS.COM
22 Jul | Cybercriminals from GLOBAL GROUP Target All Platforms with Golang Ransomware | A notorious ransomware actor known by the alias $$$ has unveiled GLOBAL GROUP, positioning it as a cutting-edge Ransomware-as-a-Service (RaaS) operation. Promising automated negotiations, cross-platform payloads, and lucrative affiliate splits, the group claims innovation in scal… | GBHACKERS.COM
22 Jul | 11 Years of Microsoft Regional Director and 15 Years of MVP | I often wonder how much people in other professions genuinely love the industry they're in to the point that they'd do it reg… | TROYHUNT.COM
22 Jul | Dior Says Personal Information Stolen in Cyberattack | Dior says hackers accessed personal information in a January 2025 intrusion. No payment information was compromised. | SECURITYWEEK.COM
22 Jul | UK to ban public sector orgs from paying ransomware gangs | The United Kingdom's government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks. [...] | BLEEPINGCOMPUTER.COM
22 Jul | UK Bans Public Sector from Paying Ransomware Gangs | The UK government has announced a comprehensive ban preventing public sector organizations from paying ransom demands to cybercriminals, marking a significant escalation in the fight against ransomware attacks that cost the British economy millions of pounds annually. The new mea… | GBHACKERS.COM
22 Jul | Scavenger Malware Compromises Popular npm Packages to Target Developers | The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not contain any corresponding code changes. The maintainer later confirmed via social media that their npm account was compromis… | GBHACKERS.COM
22 Jul | UK government wants ransomware victims to report cyberattacks so it can disrupt the hackers | Experts applauded the proposed change, which would require ransomware victims to notify authorities when paying a hacker's ransom, arguing that this information can help catch cybercriminals and stop their activities. | TECHCRUNCH.COM
22 Jul | Major European healthcare network discloses security breach | AMEOS Group, an operator of a massive healthcare network in Central Europe, has announced it has suffered a security breach that may have exposed customer, employee, and partner information. [...] | BLEEPINGCOMPUTER.COM
22 Jul | Apple alerted Iranians to iPhone spyware attacks, say researchers | Researchers say Apple sent out threat notifications to several Iranians in recent months, saying their iPhones had been hacked. Iran is likely behind the attacks. | TECHCRUNCH.COM
22 Jul | Ransomware Trends in 2025 | I’ve been following ransomware since the first one, the AIDS Cop Trojan, was released in December 1989. | KNOWBE4.COM
22 Jul | Why GenAI Isn’t Reinventing Attacks… Yet | Everyone feared that generative AI would unleash a new wave of cyber threats… but the reality is different. In this short, cybersecurity experts break down how attackers are actually using AI — not to invent new hacks, but to make old ones slightly better. Think smarter phishing … | YOUTUBE.COM
🕵️ THREAT INTELLIGENCE (17)
22 Jul | ISC Stormcast For Tuesday, July 22nd, 2025 https://isc.sans.edu/podcastdetail/9536, (Tue, Jul 22nd) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
22 Jul | Wireshark 4.4.8 Released, (Tue, Jul 22nd) | Wireshark release 4.4.8 fixes 9 bugs. | ISC.SANS.EDU
22 Jul | New Report Reveals Just 10% Of Employees Drive 73% Of Cyber Risk | Austin, United States / TX, July 21st, 2025, CyberNewsWire Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report, an independent study conducted by leading research firm Cyentia Institute. The report provides a… | GBHACKERS.COM
22 Jul | Attack on Ameos Clinics: Patient Data Possibly Affected | Patient data may have been leaked at the clinic operator Ameos. According to the company, patient data may also have been accessed in the cyberattack on the Ameos hospital group. It cannot be ruled out that… | CSOONLINE.COM
22 Jul | Financial Institutions Under Siege by Greedy Sponge Hackers’ Modified AllaKore RAT | A financially motivated threat actor, now identified as Greedy Sponge, has been relentlessly targeting Mexican organizations with a customized version of the AllaKore Remote Access Trojan (RAT). Named for its monetary focus and a past reference to a popular “SpongeBob” meme on it… | GBHACKERS.COM
22 Jul | UK Sanctions Russian Hackers Tied to Assassination Attempts | The UK government has sanctioned three Russian APTs and 18 individuals for their involvement in cyber operations against Ukraine, NATO allies, and EU. | SECURITYWEEK.COM
22 Jul | PoisonSeed Outsmarts FIDO Keys | Cybercriminals exploit FIDO's cross-device sign-in option to create an authenticated session that they control. FIDO keys use hardware-based multi-factor authentication to … weaknesses of other… | CSOONLINE.COM
22 Jul | Darktrace Acquires Mira Security | AI-powered cybersecurity company Darktrace has acquired network traffic visibility provider Mira Security. | SECURITYWEEK.COM
22 Jul | How Apps and Your Phone Can Expose Your Life Without Permission | Security challenges encompass the entire ecosystem of apps, services and IoT devices that modern consumers use without understanding the data exposure. | PALOALTONETWORKS.COM
22 Jul | Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate | Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge.… | THEHACKERNEWS.COM
22 Jul | ClickFake Interview Attack Leverages ClickFix Technique to Deploy GolangGhost Malware | Cybersecurity researchers have provided insight into a persistent threat cluster linked to the well-known North Korean state-sponsored hacker outfit Lazarus, according to a comprehensive analysis published in March by Sekoia’s Threat Detection and Response (TDR) team. Dubbe… | GBHACKERS.COM
22 Jul | New Web3 Phishing Scam Uses Fake AI Platforms to Steal Credentials | The threat actor group LARVA-208, notorious for phishing attacks and social engineering against English-speaking IT staff, has pivoted to targeting Web3 developers. Employing spearphishing links (T1566.002), the group lures victims with fabricated job offers or portfolio review r… | GBHACKERS.COM
22 Jul | Dell Says Data Leaked by Hackers Is Fake | Dell confirms the compromise of a demo environment containing synthetic data after hackers leak allegedly stolen information. | SECURITYWEEK.COM
22 Jul | Reclaiming Control: How Enterprises Can Fix Broken Security Operations | Once a manageable function, security operations has become a battlefield of complexity. | SECURITYWEEK.COM
22 Jul | Can AI Agents Spam Each Other?! | Katie picked up what she thought was a real person—only to realize it was an AI spam agent that couldn’t even be interrupted. Her reaction? Pure disbelief. Then Jackie drops the ultimate comeback: “Why not let your AI assistant answer the spam AI?” Now it's AI vs. AI… and cyberse… | YOUTUBE.COM
22 Jul | New APIsec University Training Modules Now Available in KnowBe4’s Diamond Library | We’re excited to announce the addition of six new training modules from APIsec University, now available at the Diamond Level in KnowBe4’s Security Awareness Training (KSAT) library. | KNOWBE4.COM
🌐 CYBER THREAT LANDSCAPE (3)
22 Jul | Back to Business: Lumma Stealer Returns with Stealthier Methods | Lumma Stealer has re-emerged shortly after its takedown. This time, the cybergroup behind this malware appears to be intent on employing more covert tactics while steadily expanding its reach. This article shares the latest methods used to propagate this threat. | TRENDMICRO.COM
22 Jul | National security meets next-gen tech at TechCrunch Disrupt 2025’s AI Defense panel | TechCrunch Disrupt 2025 is where breakthrough ideas meet the real-world challenges that define the future — and with over 10,000 startup and VC leaders converging, there’s no better place to have the hard conversations. One of the most urgent? How artificial intelligence is resha… | TECHCRUNCH.COM
22 Jul | Coyote malware abuses Windows accessibility framework for data theft | A new variant of the banking trojan 'Coyote' has begun abusing a Windows accessibility feature, Microsoft's UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft. [...] | BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
22 Jul | Why is your data worth so much?, Unlocked 403 cybersecurity podcast (S2E4) | Behind every free online service, there's a price being paid. Learn why your digital footprint is so valuable, and why you might be the product. | WELIVESECURITY.COM
📡 INFOSEC NEWS (4)
22 Jul | WinRAR MoTW Propagation Privacy, (Tue, Jul 22nd) | Since WinRAR 7.10, not all Mark-of-The-Web data (stored in the Zone.Identifier Alternate Data Stream) is propagated when you extract a file from an archive. | ISC.SANS.EDU
22 Jul | How to Advance from SOC Manager to CISO? | Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only do you need a solid foundation of tech knowledge but also leadership skills and business smarts. This article will gu… | THEHACKERNEWS.COM
22 Jul | Windows 11 gets new Black Screen of Death, auto recovery tool | Microsoft is rolling out significant changes to Windows 11 24H2 as part of the Windows Resilience Initiative, designed to reduce downtime and help devices recover from serious failures, as well as an overhaul of the all-too-familiar BSOD crash screens. [...] | BLEEPINGCOMPUTER.COM
22 Jul | Windows 11 KB5062660 update brings new 'Windows Resilience' features | Microsoft has released the KB5062660 preview cumulative update for Windows 11 24H2 with twenty-nine new features or changes, with many gradually rolling out, such as the new Black Screen of Death and Quick Machine Recovery tool. [...] | BLEEPINGCOMPUTER.COM