matlock.ca // THREAT INTELLIGENCE

108Articles

10Categories

2025-07-30Date

🚨

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitationsubmitted by cm0002 to cybersecurity 1 points | 0 comments https://thehackernews.com/2025/07/cisa-adds-papercut-ngmf-csrf.html

KEVINFOSEC.PUB — 30 Jul 2025

🚨

32% of exploited vulnerabilities are now zero-days or 1-daysPatching windows for organizations keep shortening, as threat actors exploit important vulnerabilities increasingly faster. According to recent report from VulnCheck , a third of flaws leveraged by attackers this year have been zero-days or 1-days. With so little advance warning,…

KEVCSOONLINE.COM — 30 Jul 2025

🐛

Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome

SECURITYWEEK.COM — 30 Jul 2025

🐛

BeyondTrust Privilege Management Flaw Lets Hackers Escalate System Access

GBHACKERS.COM — 30 Jul 2025

🐛

Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome

THEHACKERNEWS.COM — 30 Jul 2025

🐛

WordPress Theme Security Vulnerability Enables to Execute Arbitrary Code Remotely

GBHACKERS.COM — 30 Jul 2025

⚠️

Enterprise LLMs Vulnerable to Prompt-Based Attacks Leading to Data Breaches

GBHACKERS.COM — 30 Jul 2025

⚠️

How CISOs can scale down without compromising security

CSOONLINE.COM — 30 Jul 2025

⚠️

Prepping for the quantum threat requires a phased approach to crypto agility

CSOONLINE.COM — 30 Jul 2025

⚠️

Free Decryptor Released for AI-Powered FunkSec Ransomware

GBHACKERS.COM — 30 Jul 2025

⚠️

Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware

THEHACKERNEWS.COM — 30 Jul 2025

⚠️

Hackers Target SAP NetWeaver to Deploy New Auto-Color Linux Malware

GBHACKERS.COM — 30 Jul 2025

⚠️

Severe Vulnerability in AI Vibe Lets Attackers Access Private User Applications

GBHACKERS.COM — 30 Jul 2025

⚠️

Tonic Security Launches With $7 Million in Seed Funding

SECURITYWEEK.COM — 30 Jul 2025

⚠️

Measuring the Attack/Defense Balance

SCHNEIER.COM — 2025-07-30

⚠️

Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications

SECURITYWEEK.COM — 30 Jul 2025

⚠️

Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits

THEHACKERNEWS.COM — 30 Jul 2025

⚠️

Microsoft SharePoint Server 0-Day Exploit Targets African Treasury, Companies, and University

GBHACKERS.COM — 30 Jul 2025

⚠️

Apple Patches Multiple Vulnerabilities, Including Safari Vulnerability Abused in Chrome 0-Day Attacks

GBHACKERS.COM — 30 Jul 2025

⚠️

LLM Honeypots Can Deceive Threat Actors into Exposing Binaries and Known Exploits

GBHACKERS.COM — 30 Jul 2025

⚠️

Game changer: How AI simplifies implementation of Zero Trust security objectives

CSOONLINE.COM — 30 Jul 2025

⚠️

Minnesota activates National Guard as cyberattack on Saint Paul disrupts public services

TECHCRUNCH.COM — 30 Jul 2025

⚠️

Apple patches security flaw exploited in Chrome zero-day attacks

BLEEPINGCOMPUTER.COM — 30 Jul 2025

⚠️

Qilin Ransomware Uses TPwSav.sys Driver to Bypass EDR Security Measures

GBHACKERS.COM — 30 Jul 2025

⚠️

Eviction Strategies Tool Released

CISA.GOV — Wed, 30 Jul 25 1

⚠️

When Vulnerabilities Linger Too Long... 💣

YOUTUBE.COM — 2025-07-30

⚠️

Hackers actively exploit critical RCE in WordPress Alone theme

BLEEPINGCOMPUTER.COM — 30 Jul 2025

⚠️

Law Enforcement vs Hackers: The Culture Clash!

YOUTUBE.COM — 2025-07-30

⚠️

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

BLEEPINGCOMPUTER.COM — 30 Jul 2025

⚠️

This ASUS Feature Lets Hackers Take Over Your PC 🔥

YOUTUBE.COM — 2025-07-30

⚠️

Securing Firebase: Lessons Re-Learned from the Tea Breach, (Wed, Jul 30th)

ISC.SANS.EDU — 30 Jul 2025

⚠️

CISA Releases Open-Source Eviction Strategies Tool for Cyber Incident Response

CISA.GOV — Wed, 30 Jul 25 1

⚠️

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

CISECURITY.ORG — 30 Jul 2025

⚠️

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution

CISECURITY.ORG — 30 Jul 2025

📋

Chrome Vulnerabilities Allow Attackers to Hijack Memory and Run Malicious Code

GBHACKERS.COM — 30 Jul 2025

📋

New Lenovo UEFI firmware updates fix Secure Boot bypass flaws

BLEEPINGCOMPUTER.COM — 30 Jul 2025

📢

MCP‑Sicherheit: Das Rückgrat von Agentic AI sichern

CSOONLINE.COM — 30 Jul 2025

📢

CISA and FBI Release Tactics, Techniques, and Procedures of the Scattered Spider Hacker Group

GBHACKERS.COM — 30 Jul 2025

📢

Google Chrome security advisory (AV25-465)

CYBER.GC.CA — 2025-07-30

📢

Dobrindt prüft Einsatz von US-Software Palantir

CSOONLINE.COM — 30 Jul 2025

📢

SonicWall security advisory (AV25-466)

CYBER.GC.CA — 2025-07-30

📢

Palo Alto Networks security advisory (AV25-467)

CYBER.GC.CA — 2025-07-30

📢

Palo Alto kauft CyberArk

CSOONLINE.COM — 30 Jul 2025

📢

Controls ≠ Context: Stop Copy-Pasting Cyber Rules!

YOUTUBE.COM — 2025-07-30

📢

HPE security advisory (AV25-468)

CYBER.GC.CA — 2025-07-30

📢

Drupal security advisory (AV25-469)

CYBER.GC.CA — 2025-07-30

📢

Senate Committee Advances Trump Nominee to Lead CISA

SECURITYWEEK.COM — 30 Jul 2025

📢

Splunk security advisory (AV25-470)

CYBER.GC.CA — 2025-07-30

📢

Node-SAML security advisory (AV25-471)

CYBER.GC.CA — 2025-07-30

🔥

Tea App Takes Messaging System Offline After Second Security Issue Reported

SECURITYWEEK.COM — 30 Jul 2025

🔥

Orange Hit by Cyberattack, Internal Systems Hacked

GBHACKERS.COM — 30 Jul 2025

🔥

Cybersecurity Today: Major Data Leaks, Airline Disruptions, Malware in Games, and AI Bypasses Captchas

CYBERSECURITYTODAY.LIBSYN.COM — 30 Jul 2025

🔥

New Gunra Ransomware Linux Variant Launches 100 Encryption Threads with Partial Encryption Feature

GBHACKERS.COM — 30 Jul 2025

🔥

Minnesota Activates National Guard in Response to Cyberattack

SECURITYWEEK.COM — 30 Jul 2025

🔥

Cost of Data Breach in US Rises to $10.22 Million, Says Latest IBM Report

SECURITYWEEK.COM — 30 Jul 2025

🔥

Palo Alto Networks eyes $20B CyberArk deal as identity security takes center stage

CSOONLINE.COM — 30 Jul 2025

🔥

Ransomware upstart Gunra goes cross-platform with encryption upgrades

CSOONLINE.COM — 30 Jul 2025

🔥

Telecom Giant Orange Hit by Cyberattack

SECURITYWEEK.COM — 30 Jul 2025

🔥

APT Hackers Target Maritime and Shipping Industry for Ransomware Attacks

GBHACKERS.COM — 30 Jul 2025

🔥

Erneuter Hackerangriff bei Orange

CSOONLINE.COM — 30 Jul 2025

🔥

Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage

CSOONLINE.COM — 30 Jul 2025

🔥

Hackers Deploy Cobalt Strike Beacon Using GitHub and Social Media

GBHACKERS.COM — 30 Jul 2025

🔥

FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant

THEHACKERNEWS.COM — 30 Jul 2025

🔥

Safepay ransomware threatens to leak 3.5TB of Ingram Micro data

BLEEPINGCOMPUTER.COM — 30 Jul 2025

🔥

Hackers stole Social Security numbers during Allianz Life cyberattack

TECHCRUNCH.COM — 30 Jul 2025

🔥

Cloudflare Just Witnessed a DDoS MONSTER 🧠

YOUTUBE.COM — 2025-07-30

🔥

Crypto Wallets Are Being Hacked by Your Own Screenshots 💀

YOUTUBE.COM — 2025-07-30

🔥

Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP

RISKY.BIZ — 30 Jul 2025

🕵️

ISC Stormcast For Wednesday, July 30th, 2025 https://isc.sans.edu/podcastdetail/9548, (Wed, Jul 30th)

ISC.SANS.EDU — 30 Jul 2025

🕵️

New Microsoft Guidance Targets Defense Against Indirect Prompt Injection

GBHACKERS.COM — 30 Jul 2025

🕵️

Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal

SECURITYWEEK.COM — 30 Jul 2025

🕵️

ChatGPT Agent Defeats Cloudflare’s ‘I Am Not a Robot’ Security Check

GBHACKERS.COM — 30 Jul 2025

🕵️

Aligning Security Objectives, Ditch the Ego, Lead for Real and Succeed - BSW #406

YOUTUBE.COM — 2025-07-30

🕵️

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

THEHACKERNEWS.COM — 30 Jul 2025

🕵️

Social Engineering on the Rise — New Unit 42 Report

PALOALTONETWORKS.COM — 30 Jul 2025

🕵️

New JSCEAL Attack Aims to Steal Credentials and Wallets from Crypto App Users

GBHACKERS.COM — 30 Jul 2025

🕵️

Cobalt Strike Beacon delivered via GitHub and social media

INFOSEC.PUB — 30 Jul 2025

🕵️

Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools

THEHACKERNEWS.COM — 30 Jul 2025

🕵️

Cyata Emerges From Stealth With $8.5 Million in Funding

SECURITYWEEK.COM — 30 Jul 2025

🕵️

Dropbox Passwords Service Ending: Export Your Vault Before Oct 28, 2025

GBHACKERS.COM — 30 Jul 2025

🕵️

Lazarus Group Enhances Malware with New OtterCookie Payload Delivery Technique

GBHACKERS.COM — 30 Jul 2025

🕵️

Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics

SECURITYWEEK.COM — 30 Jul 2025

🕵️

Palo Alto Networks to Acquire CyberArk for $25 Billion

SECURITYWEEK.COM — 30 Jul 2025

🕵️

Legion Emerges From Stealth With $38 Million in Funding

SECURITYWEEK.COM — 30 Jul 2025

🕵️

Researchers Reveal North Korean Threat Actors’ Tactics for Uncovering Illicit Access

GBHACKERS.COM — 30 Jul 2025

🕵️

Progress Bar: Hacking 100% 🔓

YOUTUBE.COM — 2025-07-30

🕵️

BlinkOps Raises $50 Million for Agentic Security Automation Platform

SECURITYWEEK.COM — 30 Jul 2025

🕵️

New Spear Phishing Attack Distributes VIP Keylogger Through Email Attachment

GBHACKERS.COM — 30 Jul 2025

🕵️

Palo Alto to scoop up CyberArk for $25 billion to tackle AI-era threats

INFOSEC.PUB — 30 Jul 2025

🕵️

Threat Actors Use LNK Files to Deploy RedLoader Malware on Windows Systems

GBHACKERS.COM — 30 Jul 2025

🕵️

If You Knew This, You’d Use a Password Manager TODAY

YOUTUBE.COM — 2025-07-30

🕵️

Handling malicious requests with fail2ban

INFOSEC.PUB — 30 Jul 2025

🕵️

Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps

THEHACKERNEWS.COM — 30 Jul 2025

🕵️

Hackers target Python devs in phishing attacks using fake PyPI site

BLEEPINGCOMPUTER.COM — 30 Jul 2025

🕵️

More Vendors, More Chaos: Is Supply Chain Security Broken?

YOUTUBE.COM — 2025-07-30

🕵️

Scammers Unleash Flood of Slick Online Gaming Sites

INFOSEC.PUB — 30 Jul 2025

🕵️

[CASE STUDY] Retail Organization Sees 50-Fold Increase in Phishing Reporting with KnowBe4's Phish Alert Button and Training

KNOWBE4.COM — 30 Jul 2025

🕵️

SHARED INTEL Q&A: Inside the access mess no one sees — and the identity risk no one owns

LASTWATCHDOG.COM — 30 Jul 2025

🌐

Scammers Unleash Flood of Slick Online Gaming Sites

KREBSONSECURITY.COM — 30 Jul 2025

🎙️

Smashing Security podcast #428: Red flags, leaked chats, and a final farewell

GRAHAMCLULEY.COM — 30 Jul 2025

📡

Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure

THEHACKERNEWS.COM — 30 Jul 2025

📡

Product Walkthrough: A Look Inside Pillar's AI Security Platform

THEHACKERNEWS.COM — 30 Jul 2025

📡

AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds

BLEEPINGCOMPUTER.COM — 30 Jul 2025

📡

Passkey support in business applications | Kaspersky official blog

KASPERSKY.COM — 30 Jul 2025

📡

Skechers is making kids’ shoes with a hidden AirTag compartment

TECHCRUNCH.COM — 30 Jul 2025

📡

Hackers plant 4G Raspberry Pi on bank network in failed ATM heist

BLEEPINGCOMPUTER.COM — 30 Jul 2025

📡

Germ brings end-to-end encrypted messages to Bluesky

TECHCRUNCH.COM — 30 Jul 2025

📡

Palo Alto Networks agrees to buy CyberArk for $25 billion

TECHCRUNCH.COM — 30 Jul 2025