93Articles
8Categories
2025-07-28Date
🚨 CISA KEV 1[−]
28 Jul KEVCISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2025-20281 Cisco Identity Services Engine Injection Vulnerability CVE-2025-20337 Cisco Identity Services Engine Injection Vulnerability CV…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 8[−]
28 JulNew “ToolShell” Exploit Targets SharePoint Servers for Full TakeoverFortiGuard Labs has identified a critical new exploit chain dubbed “ToolShell” that is actively being used by multiple threat actors to target on-premises Microsoft SharePoint servers. This sophisticated attack combines two previously patched vulnerabilities with two …GBHACKERS.COM
28 JulLG Innotek Camera Flaws Could Give Hackers Full Admin AccessA critical security vulnerability has been discovered in LG Innotek’s LNV5110R CCTV camera model that could allow remote attackers to gain complete administrative control over affected devices. The vulnerability, designated as CVE-2025-7742, represents a significant authent…GBHACKERS.COM
28 Jul400,000 WordPress Websites Exposed by Post SMTP Plugin VulnerabilityA critical security vulnerability has been discovered in the popular Post SMTP plugin for WordPress, potentially exposing over 400,000 websites to account takeover attacks. The vulnerability, tracked as CVE-2025-24000, affects versions 3.2.0 and below of the plugin, allowing even…GBHACKERS.COM
28 JulMicrosoft SharePoint Zero-DayChinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed …SCHNEIER.COM
28 JulChinese ‘Fire Ant’ spies start to bite unpatched VMware instancesSuspected China-aligned actors are running a new “Fire Ant” espionage campaign, active since early 2025, that targets VMWare ESXi, vCenter servers, and F5 appliances to achieve stealthy hypervisor-level control. According to a Sygnia discovery, the campaign has been exploiting cr…CSOONLINE.COM
28 JulSploitlight: Analyzing a Spotlight-based macOS TCC vulnerabilityMicrosoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), including the ability to extract and leak sensitive information…MICROSOFT.COM
28 JulExploit available for critical Cisco ISE bug exploited in attacksSecurity researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE). [...]BLEEPINGCOMPUTER.COM
28 JulToolShell: Uncovering Five Critical Vulnerabilities in Microsoft SharePointSecurity researchers from Kaspersky have detailed a sophisticated exploit chain dubbed “ToolShell,” actively targeting on-premise Microsoft SharePoint servers worldwide. The campaign, which began widespread exploitation leverages an unauthenticated remote code executi…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 27[−]
28 JulDarkweb – das verkannte Security-ToolEin Besuch im Darkweb kann der IT-Sicherheit zuträglich sein. Postmodern Studio | shutterstock.com Ist vom Darkweb die Rede, weckt das bei den meisten Menschen dunkle Assoziationen von einem florierenden Cyberuntergrund, in dem (unter anderem) mit Waffen, Drogen und Zugangsdaten …CSOONLINE.COM
28 JulCritical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems WorldwideCybersecurity researchers have discovered over a dozen security vulnerabilities impacting Tridium's Niagara Framework that could allow an attacker on the same network to compromise the system under certain circumstances. "These vulnerabilities are fully exploitable if a Niagara s…THEHACKERNEWS.COM
28 JulCritical Salesforce Flaws Allow Remote Code Execution – Patch Immediately!Salesforce has disclosed a series of critical security vulnerabilities in its Tableau Server platform that could allow attackers to execute remote code and gain unauthorized access to production databases. The vulnerabilities, announced on June 26, 2025, affect multiple versions …GBHACKERS.COM
28 JulScattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. InfrastructureThe notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. "The group's core tactics have remained consistent and do not rely on software exploits. Instead, they …THEHACKERNEWS.COM
28 JulThe CISO’s challenge: Getting colleagues to understand what you doThe first-ever CISO, the late Steve Katz , earned the title chief information security officer at Citicorp in 1995 after Russian hackers stole more than $10 million from the financial institution. Thirty years later, this relative late-comer leadership role remains largely misund…CSOONLINE.COM
28 JulAmazon AI Tool Hacked, Scattered Spider Attacks VMware, and Major Ransomware Takedown | Cybersecurity TodayIn this episode of Cybersecurity Today, host David Shipley covers several key incidents impacting the cybersecurity landscape. Amazon's generative AI coding assistant 'Q' was compromised by a hacker who injected data-wiping code into the tool's GitHub repository. Scattered Spider…CYBERSECURITYTODAY.LIBSYN.COM
28 JulEntwickler-Tool von Amazon verseuchtsrcset="https://b2b-contenthub.com/wp-content/uploads/2025/07/Tada_Images-shutterstock_2395625183-NR_16z9.jpg?quality=50&strip=all 5984w, https://b2b-contenthub.com/wp-content/uploads/2025/07/Tada_Images-shutterstock_2395625183-NR_16z9.jpg?resize=300%2C168&quality=50&…CSOONLINE.COM
28 JulFlaw Allowing Website Takeover Found in WordPress Plugin With 400k InstallationsThe Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain unpatched. The post Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations appeared first on SecurityWeek .SECURITYWEEK.COM
28 Jultj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - D... - ESW #417Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Ac…YOUTUBE.COM
28 JulBlackSuit Ransomware Group Transitioning to ‘Chaos’ Amid Leak Site SeizureThe emerging Chaos ransomware appears to be a rebranding of BlackSuit, which had its leak site seized by law enforcement. The post BlackSuit Ransomware Group Transitioning to ‘Chaos’ Amid Leak Site Seizure appeared first on SecurityWeek .SECURITYWEEK.COM
28 JulInside Muddled Libra’s Playbook: Call Center Attacks for Initial BreachPalo Alto Networks’ Unit 42, the cybercrime group tracked as Muddled Libra also known as Scattered Spider or UNC3944 has demonstrated remarkable resilience and adaptation in 2025, following international law enforcement disruptions in late 2024. Despite federal charges agai…GBHACKERS.COM
28 JulRoot Evidence Launches With $12.5 Million in Seed FundingRoot Evidence is developing fully integrated vulnerability scanning and attack surface management technology. The post Root Evidence Launches With $12.5 Million in Seed Funding appeared first on SecurityWeek .SECURITYWEEK.COM
28 JulAndroid Malware-as-a-Service Gets Cheaper, Packing 2FA InterceptionMalware-as-a-service (MaaS) platforms like PhantomOS and Nebula are democratizing Android device attacks because they provide pre-built, subscription-based malware kits for as little as $300 per month, marking a fundamental shift in the cybercrime scene. These services eliminate …GBHACKERS.COM
28 JulNPM ‘is’ Package with 2.8M Weekly Downloads Exploited in Attack on DevelopersThe popular npm package ‘is’, which has about 2.8 million weekly downloads, has been taken over by threat actors in a sophisticated escalation of a phishing effort that was first disclosed last Friday. The attack began with emails spoofing npm’s support@npmjs.or…GBHACKERS.COM
28 Jul“We’re Too New To Be Hacked” – Famous Last Words 😬 #infosecA biotech startup fresh out of Johns Hopkins thinks they’re too early for hackers to care. No data, no risk… right? Wrong. Melina Scotto breaks down the real reason why brand-new companies with big VC funding are prime targets for cyberattacks. This short is a must-watch for any …YOUTUBE.COM
28 JulParasitic Sharepoint Exploits, (Mon, Jul 28th)Last week, newly exploited SharePoint vulnerabilities took a lot of our attention. It is fair to assume that last Monday (July 21st), all exposed vulnerable SharePoint installs were exploited. Of course, there is nothing to prevent multiple exploitation of the same instance, and …ISC.SANS.EDU
28 JulCISA flags PaperCut RCE bug as exploited in attacks, patch nowCISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. [...]BLEEPINGCOMPUTER.COM
28 JulRaven Stealer Malware Exploits Telegram to Steal Logins, Payment Data, and Autofill InfoRaven Stealer has emerged as sophisticated, lightweight information-stealing malware crafted in Delphi and C++, targeting Windows systems with a focus on extracting sensitive data like logins, payment details, and autofill information from Chromium-based browsers such as Chrome a…GBHACKERS.COM
28 JulWhy Open Source Might Save Your Job 🔓When cybersecurity expert Matthew Toussain saw organizations getting hacked within days of new vulnerabilities dropping, he knew the tools weren’t keeping up. So he built an open-source vulnerability scanner that actually works for enterprise needs—UI, agents, scans, the full sta…YOUTUBE.COM
28 JulUNC3886 Hackers Target Singapore’s Critical Infrastructure by Exploiting 0-Day VulnerabilitiesSingapore’s critical infrastructure sectors, including energy, water, telecommunications, finance, and government services, are facing an active cyberattack from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group renowned for leveraging zero-day ex…GBHACKERS.COM
28 JulSploitlight: Analyzing a Spotlight-based macOS TCC vulnerabilitysubmitted by Pro to cybersecurity 1 points | 0 comments https://www.microsoft.com/en-us/security/blog/2025/07/28/sploitlight-analyzing-a-spotlight-based-macos-tcc-vulnerability/INFOSEC.PUB
28 JulMicrosoft: macOS Sploitlight flaw leaks Apple Intelligence dataAttackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data. [...]BLEEPINGCOMPUTER.COM
28 JulChinese Hackers Exploit Software Vulnerabilities to Breach Targeted SystemsChina’s Cyberspace Administration, Ministry of Public Security, and Ministry of Industry and Information Technology introduced the Regulations on the Management of Network Product Security Vulnerabilities (RMSV) in July 2021, mandating that software vulnerabilities exploita…GBHACKERS.COM
28 JulFlaw in Gemini CLI AI coding assistant allowed stealthy code executionA vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from developers' computers using allowlisted programs. [...]BLEEPINGCOMPUTER.COM
28 JulArmouryLoader Bypasses Security Protections to Inject Malicious CodeArmouryLoader and other malicious code loaders have become essential tools for introducing Trojan-type payloads into hacked systems in the ever-changing world of cyberattacks. First identified in 2024, ArmouryLoader exploits the ASUS Armoury Crate software by hijacking its export…GBHACKERS.COM
28 JulVulnhuntr: Open-source tool to identify remotely exploitable vulnerabilitiessubmitted by cm0002 to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2025/07/28/vulnhuntr-open-source-tool-identify-remotely-exploitable-vulnerabilities/INFOSEC.PUB
28 JulLovense sex toy app flaw leaks private user email addressesThe connected sex toy platform Lovense is vulnerable to a zero-day flaw that allows an attacker to get access to a member's email address simply by knowing their username, putting them at risk of doxxing and harassment. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 12[−]
28 JulWhen AI Meets Security… You Get THIS NightmareWhen AI companies try to scale without proper certifications like SOC 2 or ISO 27001, things can get messy fast. In this clip, Martin Tschammer reveals how AI governance questionnaires are becoming just as common—and critical—as traditional security ones. Enterprise buyers aren’t…YOUTUBE.COM
28 JulInternet Archive is now a US federal depository libraryThe Internet Archive has become an official U.S. federal depository library, providing online users with access to archived congressional bills, laws, regulations, presidential documents, and other U.S. government documents. [...]BLEEPINGCOMPUTER.COM
28 JulAre passkeys enterprise-ready? | Kaspersky official blogRegulation and the evolving threat landscape are driving companies to adopt more resilient forms of employee authentication. Are passkeys a cost-effective and straightforward replacement for traditional passwords?KASPERSKY.COM
🔥 INCIDENT REPORTING 17[−]
28 JulLeak Zone Dark Web Forum Breach Exposes 22 Million User IPs and LocationsA significant data breach has exposed sensitive information about users of Leakzone, a prominent dark web forum known for trading hacking tools and compromised accounts. Security firm UpGuard discovered an unprotected Elasticsearch database containing approximately 22 million web…GBHACKERS.COM
28 JulHackers Breach Intelligence Portal Used by the CIA and Other AgenciesUnidentified hackers have successfully compromised a critical intelligence website operated by the National Reconnaissance Office, marking a significant security breach affecting the CIA and multiple government agencies. The attack targeted the Acquisition Research Center website…GBHACKERS.COM
28 JulWomen’s Dating App “Tea” Data Leak Exposes 13,000 User SelfiesTea, a women-only dating safety app that allows users to review and share information about men they’ve dated anonymously, has suffered a significant data breach that exposed approximately 72,000 user images, including 13,000 sensitive selfies and photo identification docum…GBHACKERS.COM
28 JulWeekly Update 462Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite This will be the title of the blog post: "Court Injunctions are the Thoughts and Prayers of Data Breach Response". It's …TROYHUNT.COM
28 JulThreat Actors Claim Breach of Airpay Payment GatewayCybercriminals have reportedly claimed a successful breach of Airpay, an Indian payment gateway service, raising serious concerns about the security of financial data and customer information. The allegations surfaced on underground forums where threat actors are allegedly offeri…GBHACKERS.COM
28 JulAllianz Life Data Breach Impacts Most of 1.4 Million US CustomersAllianz subsidiary said the information of customers, financial professionals and employees was compromised as a result of a hack. The post Allianz Life Data Breach Impacts Most of 1.4 Million US Customers appeared first on SecurityWeek .SECURITYWEEK.COM
28 JulEmail Security Is Stuck in the Antivirus Era: Why It Needs a Modern ApproachPicture this: you’ve hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback. But the corporate mailbox—the front door for most attackers—is still guarded by what is effectively a 1990s-era filter. This isn't a balanced approach. Emai…THEHACKERNEWS.COM
28 JulScattered Spider Targeting VMware vSphere EnvironmentsThe financially motivated group is pivoting from Active Directory to VMware vSphere environments, deploying ransomware from the hypervisor. The post Scattered Spider Targeting VMware vSphere Environments appeared first on SecurityWeek .SECURITYWEEK.COM
28 JulNASCAR Confirms Personal Information Stolen in Ransomware AttackNASCAR says names, Social Security numbers, and other personal information was stolen in an April 2025 ransomware attack. The post NASCAR Confirms Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek .SECURITYWEEK.COM
28 Jul⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and MoreSome risks don’t breach the perimeter—they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren’t the loudest—they were the most legitimate-looking. In an environment where identity, trust, and too…THEHACKERNEWS.COM
28 JulFlights grounded as Russia’s largest airline Aeroflot hit by cyberattackRussian prosecutor said it opened a criminal investigation into the cyberattack targeting Aeroflot, the largest airline in Russia.TECHCRUNCH.COM
28 JulFrench submarine secrets surface after cyber attackEuropean defence giant Naval Group has confirmed that it is investigating an alleged cyber attack which has seen what purports to be sensitive internal data published on the internet by hackers. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
28 JulFrance's warship builder Naval Group investigates 1TB data breachFrance's state-owned defense firm Naval Group is investigating a cyberattack after 1TB of allegedly stolen data was leaked on a hacking forum. [...]BLEEPINGCOMPUTER.COM
28 JulHackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 DownloadsIn what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authe…THEHACKERNEWS.COM
28 JulNew York state cyber chief calls out Trump for cybersecurity cutsThe top cybersecurity official in New York told TechCrunch in an interview that Trump's budget cuts are going to put the government at risk from cyberattacks, and will put more pressure on states to secure themselves.TECHCRUNCH.COM
28 JulTea app leak worsens with second database exposing user chatsThe Tea app data breach has grown into an even larger leak, with the stolen data now shared on hacking forums and a second database discovered that allegedly contains 1.1 million private messages exchanged between the app's members. [...]BLEEPINGCOMPUTER.COM
28 JulUnlocking the Power of Amazon Security Lake for Proactive SecuritySecurity is a central challenge in modern application development and maintenance, requiring not just traditional practices but also a deep understanding of application architecture and data flow. While organizations now have access to rich data like logs and telemetry, the real …TRENDMICRO.COM
🕵️ THREAT INTELLIGENCE 20[−]
28 JulISC Stormcast For Monday, July 28th, 2025 https://isc.sans.edu/podcastdetail/9544, (Mon, Jul 28th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
28 JulSHUYAL Emerges: Stealing Login Credentials from 19 Major BrowsersA sophisticated new information stealer named SHUYAL was recently discovered by Hybrid Analysis. It has demonstrated extensive capabilities in credential extraction from 19 different web browsers, including popular ones like Google Chrome, Microsoft Edge, Opera, Brave, and Yandex…GBHACKERS.COM
28 JulInside Laundry Bear: Unveiling Infrastructure, Tactics, and ProceduresDutch intelligence agencies AIVD and MIVD, alongside Microsoft Threat Intelligence, have identified Laundry Bear also tracked as Void Blizzard as a sophisticated Russian state-sponsored advanced persistent threat (APT) group active since at least April 2024. This actor has focuse…GBHACKERS.COM
28 JulKnowBe4 Named a 2025 Gartner Peer Insights™ Customers’ Choice for Email Security PlatformsKnowBe4 is excited to announce that we have been recognized as an overall Customers’ Choice in the July 2025 Gartner Peer Insights Voice of the Customer for Email Security Platforms Report.KNOWBE4.COM
28 JulAtomic macOS Stealer Upgraded with Remote Access BackdoorThe Atomic macOS Stealer (AMOS), a notorious infostealer malware targeting Apple’s macOS ecosystem, has undergone a significant upgrade by incorporating a sophisticated backdoor mechanism that facilitates persistent access and remote command execution on infected systems. T…GBHACKERS.COM
28 Jul10 Best Ethical Hacking Service Providers in 2025In 2025, the demand for sophisticated ethical hacking services has intensified, driven by the rapid evolution of digital infrastructure and increasingly cunning cyber adversaries. Organizations are moving beyond periodic checks towards continuous security validation, seeking part…GBHACKERS.COM
28 JulLLM Honeypots Deceive Hackers into Exposing Attack MethodsCybersecurity researchers have successfully deployed artificial intelligence-powered honeypots to trick cybercriminals into revealing their attack strategies, demonstrating a promising new approach to threat intelligence gathering. The innovative technique uses large language mod…GBHACKERS.COM
28 JulRevisiting UNC3886 Tactics to Defend Against Present RiskWe examine the past tactics used by UNC3886 to gain insight on how to best strengthen defenses against the ongoing and emerging threats of this APT group.TRENDMICRO.COM
28 JulFree Tool Autoswagger Finds The API Flaws Attackers Hope You MissExposed API documentation is a gift-wrapped roadmap for threat actors. The free Autoswagger tool from Intruder scans for exposed docs and flags endpoints with broken access controls—before attackers find them. [...]BLEEPINGCOMPUTER.COM
28 JulBotconf 2025submitted by ashar to security_cpe 1 points | 0 comments Botconf 2025 playlist ScheduleINFOSEC.PUB
28 JulYou Have an Alarm, But Did You Lock the Door? 🔐Most people focus on threat detection, but Danny Jenkins flips the script. In this short, he compares cybersecurity to home defense — and asks a question every IT pro should answer: if you had to choose, would you rather lock the door or set the alarm? This clip breaks down why b…YOUTUBE.COM
28 JulMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
28 JulGranular Access is Greater Than Admin Chaos 🧠 Here's The FixSecrets don’t belong in plaintext. In this short, Mike and Vlad break down why static secrets are a thing of the past—and how granular, ephemeral access is reshaping security workflows. Instead of giving devs unlimited access, imagine a system where secrets are time-bound, role-r…YOUTUBE.COM
28 JulOyster Backdoor Disguised as PuTTY and KeyPass Targets IT Admins via SEO PoisoningThreat actors have been using trojanized versions of well-known IT tools like PuTTY and WinSCP to spread the Oyster backdoor, also known as Broomstick or CleanupLoader, in a sophisticated malvertising and SEO poisoning campaign that Arctic Wolf researchers first noticed in early …GBHACKERS.COM
28 JulThat Time Tom Lehrer Pranked the NSABluesky thread . Here’s the paper , from 1957. Note reference 3.SCHNEIER.COM
28 JulFeeling Lost in Tech? Here’s What to Do 🚀When Sheena Thomas speaks, aspiring cybersecurity professionals listen. In this inspiring short, Sheena shares a raw and relatable truth—you don’t have to have all the answers to start. Whether you’re lost in the world of tech or unsure how to move forward in your cybersecurity j…YOUTUBE.COM
28 JulNobody Knew We Were Making Millions 💰When a private cybersecurity company suddenly raised $200M, the whole industry took notice. Jeff Shiner reveals how they went from total obscurity to attracting world-class leaders in sales, finance, and marketing—all without anyone knowing if they were profitable. This eye-openi…YOUTUBE.COM
28 JulWhy Even Hardcore Hackers Use Active Directory TodayEven Linux veterans are switching to Active Directory — but why? In this short, cybersecurity expert Doug White breaks down the surprising reason why Microsoft’s tool is now dominating CTF challenges and real-world infrastructure alike. If you're serious about cybersecurity in 20…YOUTUBE.COM
28 JulWant to Join CCDC But No Team? Here's Your Shortcut!When a student wants to compete in CCDC but their school doesn’t have a team, what can they do? In this short, Doug White asks the big question—and gets a clear answer. Viewers will learn how anyone can become a cyber coach, start a team from scratch, and join the Collegiate Cybe…YOUTUBE.COM
28 JulMY TAKE: The signal vs. the noise: email messaging in the era of my AI talking to your AINot long ago, I found myself staring at a reply that could’ve come from a bot. Related: Microsoft purges ‘knowledge workers’ It was a polite follow-up from a PR rep reiterating a pitch I had already acknowledged — and responded … (more…) The post MY TAKE: The si…LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
28 JulEndgame Gear mouse config tool infected users with malwareGaming peripherals maker Endgame Gear is warning that malware was hidden in its configuration tool for the OP1w 4k v2 mouse hosted on the official website between June 26 and July 9, 2025. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 6[−]
28 JulSophos’ Secure by Design 2025 ProgressWe are pleased to openly share our pledges and the progress we are making in each of the seven core pillars of product security in the Secure by Design frameworkSOPHOS.COM
28 JulOpenAI could rival Google Shopping with ChatGPT ShopAI companies like OpenAI and Perplexity like to be the "everything company," and OpenAI's latest ChatGPT feature, "Shopping," makes that obvious. [...]BLEEPINGCOMPUTER.COM
28 JulOpenAI prepares GPT-5 for roll outOpenAI's ChatGPT-5 could drop in the coming days, and it could be one of the best models from the Microsoft-backed startup. [...]BLEEPINGCOMPUTER.COM
28 JulMicrosoft will stop supporting Windows 11 22H2 in OctoberMicrosoft has reminded customers today that the last supported editions of Windows 11 22H2 will reach their end of servicing on October 14. [...]BLEEPINGCOMPUTER.COM
28 JulAdvancing cybersecurity for K-12 and libraries: Strategic considerations for the FCC Cybersecurity Pilot ProgramIf you are preparing an RFP or Form 470 submission under the Cybersecurity Pilot Program, we encourage you to connect with us.SOPHOS.COM
28 JulAllianz Life hit by hackers, customer and staff personal data stolenThe US insurance giant has admitted that hackers stole personal info of the "majority" of its customers and staff earlier this month.GRAHAMCLULEY.COM