🐛 COMMON VULNERABILITIES AND EXPOSURES 5
25 Jul · Multiple Hacker Groups Exploit SharePoint 0-Day Vulnerability in the Wild · Microsoft has confirmed that a pair of zero-day vulnerabilities in on-premises SharePoint Server, collectively dubbed ToolShell, are under active exploitation by diverse threat actors ranging from opportunistic cybercriminals to sophisticated nation-state advanced persistent thre… · GBHACKERS.COM
25 Jul · Critical VGAuth Flaw in VMware Tools Grants Full System Access · Security researchers have uncovered critical vulnerabilities in VMware Tools’ Guest Authentication Service (VGAuth) that allow attackers to escalate privileges from any user account to full SYSTEM access on Windows virtual machines. The flaws, tracked as CVE-2025-22230 and … · GBHACKERS.COM
25 Jul · AI-forged panda images hide persistent cryptomining malware ‘Koske’ · A new malware strain named ‘Koske’ is delivering crypto-mining payloads through dropper files posing as benign panda pictures. According to Aqua Nautilus, the cybersecurity team at Aqua Security, the malware likely uses AI-assistance as its code appears shaped by large language m… · CSOONLINE.COM
25 Jul · Chromium: CVE-2025-8011 Type Confusion in V8 · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. · MSRC.MICROSOFT.COM
25 Jul · Chromium: CVE-2025-8010 Type Confusion in V8 · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. · MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 19
25 Jul · Supply chain attack compromises npm packages to spread backdoor malware · In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing utilities, several of which were successfully compromised to distribute malware. Anyone automatically downloading these packages would have been exposed to a back… · CSOONLINE.COM
25 Jul · Sharepoint Hack Reaches Crisis Level and more: Cybersecurity Today for July 25, 2025 · The recent Sharepoint hack is spreading like wildfire through unpatched systems. All this and more on today's episode with guest host David Shipley. · CYBERSECURITYTODAY.LIBSYN.COM
25 Jul · BlackSuit Ransomware Infrastructure Seized by Authorities · International law enforcement agencies delivered a significant blow to cybercriminals this week with the successful takedown of critical infrastructure belonging to the BlackSuit ransomware gang. The coordinated operation, dubbed “Operation Checkmate,” has effectively… · GBHACKERS.COM
25 Jul · [KEV] The books shaping today’s cybersecurity leaders · From strategy and psychology to history and decision-making, these are the books CISOs recommend to sharpen your thinking, influence your leadership style, and help navigate the complexity of modern security careers. Exploring risk from different angles CISOs, not surprisingly, a… · CSOONLINE.COM
25 Jul · xonPlus Launches Real-Time Breach Alerting Platform For Enterprise Credential Exposure · Chennai, India, July 25th, 2025, CyberNewsWire xonPlus, a real-time digital risk alerting system, officially launches today to help security teams detect credential exposures before attackers exploit them. The platform detects data breaches and alerts teams and systems to respond… · GBHACKERS.COM
25 Jul · New VoIP Botnet Targets Routers Using Default Passwords · Cybersecurity researchers have uncovered a sophisticated botnet operation exploiting VoIP-enabled routers through default password attacks, with initial activity concentrated in rural New Mexico before expanding globally to compromise approximately 500 devices. The discovery bega… · GBHACKERS.COM
25 Jul · No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking · LG Innotek LNV5110R security cameras are affected by a vulnerability that can be exploited for unauthenticated remote code execution. The post No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking appeared first on SecurityWeek. · SECURITYWEEK.COM
25 Jul · Bloomberg’s Comdb2 Vulnerable to DoS Through Malicious Packets · Cisco Talos’ Vulnerability Discovery & Research team has disclosed five critical security vulnerabilities in Bloomberg’s Comdb2 open-source database that could allow attackers to cause denial-of-service conditions through specially crafted network packets. The vul… · GBHACKERS.COM
25 Jul · Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks · Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aq… · THEHACKERNEWS.COM
25 Jul · Mitel Patches Critical Flaw in Enterprise Communication Platform · An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system. The post Mitel Patches Critical Flaw in Enterprise Communication Platform appeared first on SecurityWeek. · SECURITYWEEK.COM
25 Jul · Hackers Exploit Google Forms to Trick Victims into Stealing Cryptocurrency · Cybercriminals are increasingly using Google Forms to plan cryptocurrency theft in a sophisticated evolution of phishing assaults, taking advantage of the platform’s built-in credibility and smooth integration with Google’s ecosystem. This tactic allows malicious acto… · GBHACKERS.COM
25 Jul · In Other News: $30k Google Cloud Build Flaw, Louis Vuitton Breach Update, Attack Surface Growth · Noteworthy stories that might have slipped under the radar: Google Cloud Build vulnerability earns researcher big bounty, more countries hit by Louis Vuitton data breach, organizations’ attack surface is increasing. The post In Other News: $30k Google Cloud Build Flaw, Louis Vuit… · SECURITYWEEK.COM
25 Jul · AI-Generated Malware in Panda Image Hides Persistent Linux Threat · submitted by cm0002 to cybersecurity 3 points | 0 comments https://www.aquasec.com/blog/ai-generated-malware-in-panda-image-hides-persistent-linux-threat/ A sophisticated Linux malware called Koske, discovered in July 2025, hides malicious code within innocent-looking panda bear … · INFOSEC.PUB
25 Jul · Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems · Wiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on both Linux and Windows systems. This operation, part of a broader crypto-scam infras… · GBHACKERS.COM
25 Jul · This AI Suggestion Could Break Your Code 😳 · When cybersecurity analyst Janet Worthington warned that GenAI coding tools could lead to real-world breaches, many thought it was too early to worry. But now, with AI suggesting outdated or vulnerable open source libraries, developers are unknowingly building risk into their own… · YOUTUBE.COM
25 Jul · Warning: Ransomware Attacks Surged by 63% Last Quarter · Ransomware attacks increased by 63% year-over-year in the second quarter of 2025, with a total of 276 publicly disclosed incidents, according to a new report from BlackFog. · KNOWBE4.COM
25 Jul · Excel Is the #1 Cybersecurity Tool?! 🤯 · Most people think of Excel as a spreadsheet tool… not a cybersecurity powerhouse. But in this eye-opening short, Matthew Toussain breaks down how even top-tier organizations rely on Excel more than any other platform when it comes to vulnerability management. With multiple tools … · YOUTUBE.COM
25 Jul · SharePoint under fire: ToolShell attacks hit organizations worldwide · The ToolShell bugs are being exploited by cybercriminals and APT groups alike, with the US on the receiving end of 13 percent of all attacks · WELIVESECURITY.COM
25 Jul · News alert: xonPlus launches real-time alerting platform to detect exposed enterprise credentials · Chennai, India, July 25, 2025, CyberNewswire — xonPlus, a real-time digital risk alerting system, officially launches today to help security teams detect credential exposures before attackers exploit them. The platform detects data breaches and alerts teams and systems to … · LASTWATCHDOG.COM
📢 SECURITY ADVISORIES 3
25 Jul · Overcoming Risks from Chinese GenAI Tool Usage · A recent analysis of enterprise data suggests that generative AI tools developed in China are being used extensively by employees in the US and UK, often without oversight or approval from security teams. The study, conducted by Harmonic Security, also identifies hundreds of inst… · THEHACKERNEWS.COM
25 Jul · What Is AI Governance? (And Why It’s Already Too Late) ⏳ · While most cybersecurity experts are still trying to catch up with emerging threats, Martin Tschammer from Syntesia drops a reality check: AI governance isn’t coming—it’s already here. Before the term even existed, Syntesia built it into their DNA. In just seconds, this Short unp… · YOUTUBE.COM
25 Jul · Microsoft investigates outage affecting Microsoft 365 admin center · Microsoft is investigating an ongoing outage blocking Microsoft 365 administrators with business or enterprise subscriptions from accessing the admin center. [...] · BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 10
25 Jul · Hackers Inject Destructive Commands into Amazon’s AI Coding Agent · A significant security breach has exposed critical vulnerabilities in Amazon’s artificial intelligence infrastructure, with hackers successfully injecting malicious computer-wiping commands into the tech giant’s popular AI coding assistant. The incident represents a c… · GBHACKERS.COM
25 Jul · Chinese Spies Target Networking and Virtualization Flaws to Breach Isolated Environments · Chinese cyberespionage group Fire Ant is targeting virtualization and networking infrastructure to access isolated environments. The post Chinese Spies Target Networking and Virtualization Flaws to Breach Isolated Environments appeared first on SecurityWeek. · SECURITYWEEK.COM
25 Jul · LUP-Kliniken: Patient data discovered on the darknet after cyberattack · Patient data was also exfiltrated in the cyberattack on the LUP-Kliniken. In February 2025, the LUP-Kliniken in Hagenow and Ludwigslust were the target of a cyberattack. Forensic investigations have now shown that personal data… · CSOONLINE.COM
25 Jul · Fire Ant Hackers Target VMware ESXi and vCenter Flaws to Infiltrate Organizations · Cybersecurity firm Sygnia has been tracking and mitigating a sophisticated espionage operation dubbed Fire Ant, which zeroes in on virtualization and networking infrastructure, particularly VMware ESXi hypervisors and vCenter management servers, alongside network appliances. The … · GBHACKERS.COM
25 Jul · Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor · Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration. The activity, dubbed Operation CargoTalon, has been assigned to a threat cluster tracked as UNG0901 (short for Unk… · THEHACKERNEWS.COM
25 Jul · Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware · CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection tactics by directing victims to a secondary page on the same domain, where m… · GBHACKERS.COM
25 Jul · New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies · AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its Live View > Dark Web Watch feature, security teams can track active groups, their collaborations, and emerging atta… · GBHACKERS.COM
25 Jul · The role of the cybersecurity PM in incident-driven development · From PowerShell abuse to USB data theft, modern threats hit fast—and hard. See how security-minded PMs are responding with real-time controls, smarter policies, and tools like ThreatLocker Patch Management. [...] · BLEEPINGCOMPUTER.COM
25 Jul · Amazon AI coding agent hacked to inject data wiping commands · A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. [...] · BLEEPINGCOMPUTER.COM
25 Jul · Giving Strangers the Keys to Your Data Center!? · When cybersecurity expert Sheena Thomas talks about moving data to the cloud, she reveals the uncomfortable truth every tech team faces: you're literally handing the "keys to the kingdom" to someone else. In this clip, she breaks down the real risk behind cutting costs and trusti… · YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 30
25 Jul · Quid Miner Launches Mobile Cloud Mining App for Seamless, Secure BTC and DOGE Cryptocurrency Daily Income of $17,777 · [London, UK] July 2025 – As digital assets continue to gain mainstream adoption, investors are turning to innovative tools that simplify how they participate in the crypto economy. Quid Miner, a UK-based platform, is leading this shift with a sleek, mobile-first application that… · GBHACKERS.COM
25 Jul · Hackers—hope to defect to Russia? Don’t Google “defecting to Russia.” · submitted by PhilipTheBucket to cybersecurity 3 points | 0 comments https://arstechnica.com/security/2025/07/hackers-hope-to-defect-to-russia-dont-google-defecting-to-russia/ To the casual observer, cybercriminals can look like swashbuckling geniuses. They possess technical skill… · SH.ITJUST.WORKS
25 Jul · Hacker Plants Computer 'Wiping' Commands in Amazon's AI Coding Agent · submitted by cm0002 to cybersecurity 2 points | 0 comments https://www.404media.co/hacker-plants-computer-wiping-commands-in-amazons-ai-coding-agent/ · INFOSEC.PUB
25 Jul · ISC Stormcast For Friday, July 25th, 2025 https://isc.sans.edu/podcastdetail/9542, (Fri, Jul 25th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
25 Jul · Bulletproof Host Aeza Group Moves Infrastructure to New Autonomous System · Threat analysts at Silent Push announced the discovery of a major infrastructure shift by the bulletproof hosting provider Aeza Group, which was designated and sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on July 1 for facilitating g… · GBHACKERS.COM
25 Jul · US Targets North Korea’s Illicit Funds: $15M Rewards Offered as American Woman Jailed in IT Worker Scam · Christina Chapman was sentenced to prison for helping North Korean IT workers infiltrate US companies and running a laptop farm for them. The post US Targets North Korea’s Illicit Funds: $15M Rewards Offered as American Woman Jailed in IT Worker Scam appeared first on Secur… · SECURITYWEEK.COM
25 Jul · New CastleLoader Attack Uses Cloudflare-Themed Clickfix Method to Compromise Windows Systems · A newly identified loader malware dubbed CastleLoader has emerged as a significant threat since early 2025, rapidly evolving into a distribution platform for various information stealers and remote access trojans (RATs). Leveraging sophisticated phishing tactics under T1566 and d… · GBHACKERS.COM
25 Jul · Malware Campaign Uses YouTube and Discord to Harvest Credentials from Computers · The Acronis Threat Research Unit (TRU) has uncovered a sophisticated malware campaign deploying infostealers like Leet Stealer, its modified variant RMC Stealer, and Sniffer Stealer, leveraging social engineering tactics centered on gaming hype. These threats masquerade as indie … · GBHACKERS.COM
25 Jul · UK Student Sentenced to Prison for Selling Phishing Kits · Ollie Holman was sentenced to prison for selling over 1,000 phishing kits that caused estimated losses of over $134 million. The post UK Student Sentenced to Prison for Selling Phishing Kits appeared first on SecurityWeek. · SECURITYWEEK.COM
25 Jul · Tridium Niagara Framework Flaws Expose Sensitive Network Data · Cybersecurity researchers at Nozomi Networks Labs have discovered 13 critical vulnerabilities in Tridium’s widely-used Niagara Framework, potentially exposing sensitive network data across building management, industrial automation, and smart infrastructure systems worldwid… · GBHACKERS.COM
25 Jul · US Announces $15M Reward for North Korean IT Scheme Leaders · The United States government announced coordinated actions across multiple departments today, offering rewards totaling up to $15 million for information leading to the arrests and convictions of North Korean nationals involved in extensive revenue generation schemes targeting Am… · GBHACKERS.COM
25 Jul · Subliminal Learning in AIs · Today’s freaky LLM behavior: We study subliminal learning, a surprising phenomenon where language models learn traits from model-generated data that is semantically unrelated to those traits. For example, a “student” model learns to prefer owls when trained on … · SCHNEIER.COM
25 Jul · Woman gets 8 years for aiding North Koreans infiltrate 300 US firms · Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies. [...] · BLEEPINGCOMPUTER.COM
25 Jul · Sophisticated Koske Linux Malware Developed With AI Aid · The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity. The post Sophisticated Koske Linux Malware Developed With AI Aid appeared first on SecurityWeek. · SECURITYWEEK.COM
25 Jul · Phishing Attack Spoofs Facebook Login Page to Capture Credentials · Cybercriminals are using a variety of dishonest tactics in a sophisticated phishing effort aimed at Facebook users in order to obtain login information. The attack begins with a malicious redirect that leads victims to a fraudulent website mimicking legitimate Facebook interfaces… · GBHACKERS.COM
25 Jul · Fake Indian Banking Apps on Android Steal Login Credentials from Users · A malicious Android application has been uncovered, impersonating legitimate Indian banking apps to orchestrate credential theft, surveillance, and unauthorized financial transactions. This malware employs a modular architecture featuring a dropper and a primary payload, leveragi… · GBHACKERS.COM
25 Jul · Black-market traders want to get tickets using bots · CSOONLINE.COM
25 Jul · US sanctions North Korean firm, nationals behind IT worker schemes · The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated illicit revenue for the Democratic People's Republic of Korea (DPRK) government. [...… · BLEEPINGCOMPUTER.COM
25 Jul · Off-Topic Friday · submitted by shellsharks to cybersecurity 1 points | 0 comments Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please) · INFOSEC.PUB
25 Jul · ArcaneChat 2.6.0 released with major security enhancement · submitted by cm0002 to cybersecurity 1 points | 0 comments ArcaneChat 2.6.0 is on its way to Google Play and f-droid and should be available in the upcoming days, can’t wait? for other download options check arcanechat.me 🔮 What’s new? ★ More security: chats are now encrypted for… · INFOSEC.PUB
25 Jul · U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm · The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology (IT) worker scheme designed to generate illicit revenues fo… · THEHACKERNEWS.COM
25 Jul · Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files · The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. "The campaign employs a five-stage execution chain delivered via malicious LNK files disguised as conf… · THEHACKERNEWS.COM
25 Jul · How Cybersecurity Can Ruin Customer Experience · When cybersecurity teams focus too much on isolated systems, the entire customer experience can suffer. In this short, Melina Scotto highlights how businesses can no longer afford to treat security as a siloed function—especially when microservices now define every part of a user… · YOUTUBE.COM
25 Jul · Bridging the Gap: Human Risk in African Cybersecurity · Africa's cybersecurity landscape presents a paradox: a widespread belief in preparedness among organisations, although significant blind spots continue to exist, particularly concerning their human layer - their employees. · KNOWBE4.COM
25 Jul · Before ChatGPT: This Was the OG AI! · Before ChatGPT and the buzz around Generative AI, there was a different kind of intelligence running the show. In this short, Pravallika Devineni takes us back to a time when AI meant neural networks, and data mining was the hot topic in every textbook. From predicting buying pat… · YOUTUBE.COM
25 Jul · Why Linking AI to Your Data Might Be a HUGE Mistake · Most companies think AI risk ends with training protections... but Matt Muller, a leading voice in cybersecurity, reveals the overlooked danger hiding in plain sight: how organizations connect their internal data to AI models. This short breaks down the real threat that could put… · YOUTUBE.COM
25 Jul · How ThreatLocker Changed 54,000 Companies' Mindsets · Most businesses fear blocking software by default... until they meet ThreatLocker. In this short, cybersecurity expert Danny Jenkins explains how 54,000 companies completely shifted their mindset — from avoiding software control to embracing it as the new standard. Discover how s… · YOUTUBE.COM
25 Jul · Friday Squid Blogging: Stable Quasi-Isodynamic Designs · Yet another SQUID acronym: “Stable Quasi-Isodynamic Design.” It’s a stellarator for a fusion nuclear power plant. · SCHNEIER.COM
25 Jul · Total Recall, Steam, Storm-2063, Unmarker, Altair, Josh Marpet, and More... - SWN #497 · Total Recall, Steam, Storm-2063, Unmarker, Altair, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-497 · YOUTUBE.COM
25 Jul · Secure by Simplicity: The Cyber Rule No One Talks About · In this short, Vlad breaks down a powerful truth in cybersecurity: if security tools are too complex, developers will avoid them—often compromising safety. He explains why simplicity isn't just a UX choice, it's a security necessity. Discover how making things easier for devs act… · YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 2
25 Jul · Hijacking Discord invite links to install malware | Kaspersky official blog · Attackers hijack Discord invite links to redirect users to malicious servers and install AsyncRAT and Skuld Stealer. · KASPERSKY.COM
25 Jul · Google took a month to shut down Catwatchful, a phone spyware operation hosted on its servers · Google has suspended the Firebase account of Catwatchful following a TechCrunch investigation. The spyware operation was caught using Google's own servers to host and run its surveillance app, which was stealthily monitoring thousands of people's phones. · TECHCRUNCH.COM
📡 INFOSEC NEWS 2
25 Jul · Sinkholing Suspicious Scripts or Executables on Linux, (Fri, Jul 25th) · When you need to analyze some suspicious pieces of code, it's interesting to detonate them in a sandbox. If you don't have a complete sandbox environment available or you just want to avoid generatin no… · ISC.SANS.EDU
25 Jul · Microsoft lifts Windows 11 update block for Easy Anti-Cheat users · Microsoft has removed a compatibility hold that prevented some Easy Anti-Cheat users from installing the Windows 11 2024 Update because of a known issue that triggers restarts with blue screen of death (BSOD) errors. [...] · BLEEPINGCOMPUTER.COM