Source: socprime.com – Author: Veronika Telychko WRITTEN BY Veronika Telychko Technical Writer [post-views] June 27, 2025 · 4 min read As the summer heat intensifies, so does...
Day: June 27, 2025
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign – Source:thehackernews.com
Source: thehackernews.com – Author: . Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been...
PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack – Source:thehackernews.com
Source: thehackernews.com – Author: . A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan...
Business Case for Agentic AI SOC Analysts – Source:thehackernews.com
Source: thehackernews.com – Author: . Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are...
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit – Source:thehackernews.com
Source: thehackernews.com – Author: . A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver...
Taking over millions of developers exploiting an Open VSX Registry flaw – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini A critical flaw in Open VSX Registry could let attackers hijack the VS Code extension hub, exposing millions of developers...
OneClik APT campaign targets energy sector with stealthy backdoors – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity...
APT42 impersonates cyber professionals to phish Israeli academics and journalists – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked...
Some Brother printers have a remote code execution vulnerability, and they can’t fix it – Source: www.csoonline.com
Source: www.csoonline.com – Author: An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on...
Microsoft-Lücke ermöglicht E-Mail-Versand ohne Authentifizierung – Source: www.csoonline.com
Source: www.csoonline.com – Author: Eine Sicherheitslücke in Microsoft 365 Direct Send erlaubt es Cyberkriminellen, Mitarbeiter ohne gestohlene Anmeldedaten anzugreifen. Drucker und Scanner werden dank einer Schwachstelle...
The rise of the compliance super soldier: A new human-AI paradigm in GRC – Source: www.csoonline.com
Source: www.csoonline.com – Author: AI is reshaping GRC, demanding a new kind of archetype — forward-operating professionals who don’t just manage governance; they engineer it. As...
6 key trends redefining the XDR market – Source: www.csoonline.com
Source: www.csoonline.com – Author: X marks the spot: Extended detection and response (XDR) continues to evolve, with XDR-as-a-service on the rise, AI developments reshaping what’s possible,...
Don’t trust that email: It could be from a hacker using your printer to scam you – Source: www.csoonline.com
Source: www.csoonline.com – Author: New research reveals a simple way threat actors are using Microsoft 365 Direct Send to phish employees, without even having to steal...
Cisco warns of critical API vulnerabilities in ISE and ISE-PIC – Source: www.csoonline.com
Source: www.csoonline.com – Author: Patch these holes before threat actors exploit them to get root access. CSOs are being urged to quickly patch multiple vulnerabilities in...
New Stealthy Remcos Malware Campaigns Target Businesses and Schools – Source:hackread.com
Source: hackread.com – Author: Deeba Ahmed. Forcepoint’s X-Labs reveals Remcos malware using new tricky phishing emails from compromised accounts and advanced evasion techniques like path bypass...
Researchers Warn Free VPNs Could Leak US Data to China – Source:hackread.com
Source: hackread.com – Author: Deeba Ahmed. A recent report by the Washington, D.C.-based Tech Transparency Project (TTP) reveals that numerous free Virtual Private Network (VPN) apps,...
SafePay ransomware: What you need to know – Source: www.fortra.com
Source: www.fortra.com – Author: Graham Cluley What is the SafePay ransomware? SafePay is a relatively new ransomware threat that was first observed around September 2024. Like...
Hawaiian Airlines Hit by Cybersecurity Incident – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: Hawaiian Airlines has been hit by a cybersecurity incident, impacting some of its IT systems. The US airline disclosed the “cybersecurity event”...
CitrixBleed 2 Vulnerability Exploited, Recalling Earlier CitrixBleed Fallout – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: A new critical vulnerability in Citrix NetScaler ADC and Gateway devices, bearing similarities to the notorious CitrixBleed flaw of 2023, is reportedly...
MOVEit Transfer Systems Face Fresh Attack Risk Following Scanning Activity Surge – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: A significant rise in scanning activity targeting MOVEit Transfer systems has been detected, indicating the software could face a resurgence in attacks....
So you CAN turn an entire car into a video game controller – Source: go.theregister.com
Source: go.theregister.com – Author: Connor Jones Cybersecurity nerds figured out a way to make those at-home racing simulators even more realistic by turning an actual car...
Data spill in aisle 5: Grocery giant Ahold Delhaize says 2.2M affected after cyberattack – Source: go.theregister.com
Source: go.theregister.com – Author: Connor Jones Multinational grocery and retail megacorp Ahold Delhaize says upwards of 2.2 million people had their data compromised during its November...
FBI used bitcoin wallet records to peg notorious IntelBroker as UK national – Source: go.theregister.com
Source: go.theregister.com – Author: Jessica Lyons The notorious data thief known as IntelBroker allegedly broke into computer systems belonging to more than 40 victims worldwide and...
What if Microsoft just turned you off? Security pro counts the cost of dependency – Source: go.theregister.com
Source: go.theregister.com – Author: Liam Proven Comment A sharply argued blog post warns that heavy reliance on Microsoft poses serious strategic risks for organizations – a...
Taking the shine off BreachForums – Source: news.sophos.com
Source: news.sophos.com – Author: mindimcdowell ShinyHunters threat group members were arrested in a coordinated law enforcement action for their association with BreachForums On June 25, 2025,...
Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs Microsoft on Thursday shared an update on the progress of its resiliency initiative, triggered by the highly disruptive CrowdStrike incident...
How I Built My STEM Career Without a Network
What happens when you don’t have referrals or connections? Akanksha Prasad, a senior chemical engineering scientist, shares how to build your own way forward and develop...
LGBTQ+ Students and Professionals Need Community Now More Than Ever
As sweeping anti-DEI legislation threatens progress worldwide, LGBTQ+ people in STEM face growing risks and fewer resources. Here’s how the STEM community can step up. Source...
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted – Source:thehackernews.com
Source: thehackernews.com – Author: . Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27,...
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors – Source:thehackernews.com
Source: thehackernews.com – Author: . Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to...