Top Security News for Today
Canada, Australia or Netherlands
https://www.reddit.com/r/netsec/comments/1l0lssn/canada_australia_or_netherlands/
r/netsec monthly discussion & tool thread
https://www.reddit.com/r/netsec/comments/1l0ozt4/rnetsec_monthly_discussion_tool_thread/
Certification roadmap please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Is Continuous Deployment Too Risky? Security Concerns and Mitigations
https://www.tripwire.com/state-of-security/continuous-deployment-too-risky-security-concerns-and-mitigations
The Evolution of Phishing Attacks: Why Traditional Detection Methods Are Failing
https://www.tripwire.com/state-of-security/evolution-phishing-attacks-why-traditional-detection-methods-are-failing
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Canada, Australia or Netherlands
https://www.reddit.com/r/netsec/comments/1l0lssn/canada_australia_or_netherlands/
r/netsec monthly discussion & tool thread
https://www.reddit.com/r/netsec/comments/1l0ozt4/rnetsec_monthly_discussion_tool_thread/
Certification roadmap please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Is Continuous Deployment Too Risky? Security Concerns and Mitigations
https://www.tripwire.com/state-of-security/continuous-deployment-too-risky-security-concerns-and-mitigations
The Evolution of Phishing Attacks: Why Traditional Detection Methods Are Failing
https://www.tripwire.com/state-of-security/evolution-phishing-attacks-why-traditional-detection-methods-are-failing
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Canada, Australia or Netherlands
Posted by ash347799 - 1 vote and 1 comment
Top Security News for Today
Certification Roadmap Please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Australia Requires Ransomware Victims to Declare Payments
https://www.schneier.com/blog/archives/2025/06/australia-requires-ransomware-victims-to-declare-payments.html
Vulnerabilities Found in Preinstalled Apps on Android Smartphones Could Perform Factory Reset of Device, Exfiltrate PIN Code or Inject an Arbitrary Intent with System-Level Privileges
https://www.reddit.com/r/netsec/comments/1l1fh52/vulnerabilities_found_in_preinstalled_apps_on/
Seeking Insights from Network Security Leaders at Large Companies on Vendor Selection and Challenges
https://www.reddit.com/r/netsec/comments/1l1io63/seeking_insights_from_network_security_leaders_at/
2nd June – Threat Intelligence Report
https://research.checkpoint.com/2025/2nd-june-threat-intelligence-report/
Announcing a New Strategic Collaboration to Bring Clarity to Threat Actor Naming
https://www.microsoft.com/en-us/security/blog/2025/06/02/announcing-a-new-strategic-collaboration-to-bring-clarity-to-threat-actor-naming/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Certification Roadmap Please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Australia Requires Ransomware Victims to Declare Payments
https://www.schneier.com/blog/archives/2025/06/australia-requires-ransomware-victims-to-declare-payments.html
Vulnerabilities Found in Preinstalled Apps on Android Smartphones Could Perform Factory Reset of Device, Exfiltrate PIN Code or Inject an Arbitrary Intent with System-Level Privileges
https://www.reddit.com/r/netsec/comments/1l1fh52/vulnerabilities_found_in_preinstalled_apps_on/
Seeking Insights from Network Security Leaders at Large Companies on Vendor Selection and Challenges
https://www.reddit.com/r/netsec/comments/1l1io63/seeking_insights_from_network_security_leaders_at/
2nd June – Threat Intelligence Report
https://research.checkpoint.com/2025/2nd-june-threat-intelligence-report/
Announcing a New Strategic Collaboration to Bring Clarity to Threat Actor Naming
https://www.microsoft.com/en-us/security/blog/2025/06/02/announcing-a-new-strategic-collaboration-to-bring-clarity-to-threat-actor-naming/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Certification roadmap please
Explore this post and more from the netsec community
Top Security News for Today
Host-based logs, container-based threats: How to tell where an attack began
https://securelist.com/host-based-logs-container-based-threats/116643/
New Linux Vulnerabilities
https://www.schneier.com/blog/archives/2025/06/new-linux-vulnerabilities.html
How to build a high-performance network fuzzer with LibAFL and libdesock
https://www.reddit.com/r/netsec/comments/1l29uvp/how_to_build_a_highperformance_network_fuzzer/
Bypassing tamper protection and getting root shell access on a Worldline Yomani XR credit card terminal
https://www.reddit.com/r/netsec/comments/1l2ef65/bypassing_tamper_protection_and_getting_root/
How Microsoft Defender for Endpoint is redefining endpoint security
https://www.microsoft.com/en-us/security/blog/2025/06/03/how-microsoft-defender-for-endpoint-is-redefining-endpoint-security/
OSSEC – Open Source Host-Based Intrusion Detection for Linux, Windows and Unix Systems
https://www.darknet.org.uk/2025/06/ossec-open-source-host-based-intrusion-detection-for-linux-windows-and-unix-systems/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Host-based logs, container-based threats: How to tell where an attack began
https://securelist.com/host-based-logs-container-based-threats/116643/
New Linux Vulnerabilities
https://www.schneier.com/blog/archives/2025/06/new-linux-vulnerabilities.html
How to build a high-performance network fuzzer with LibAFL and libdesock
https://www.reddit.com/r/netsec/comments/1l29uvp/how_to_build_a_highperformance_network_fuzzer/
Bypassing tamper protection and getting root shell access on a Worldline Yomani XR credit card terminal
https://www.reddit.com/r/netsec/comments/1l2ef65/bypassing_tamper_protection_and_getting_root/
How Microsoft Defender for Endpoint is redefining endpoint security
https://www.microsoft.com/en-us/security/blog/2025/06/03/how-microsoft-defender-for-endpoint-is-redefining-endpoint-security/
OSSEC – Open Source Host-Based Intrusion Detection for Linux, Windows and Unix Systems
https://www.darknet.org.uk/2025/06/ossec-open-source-host-based-intrusion-detection-for-linux-windows-and-unix-systems/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
How to find container-based threats in host-based logs
Kaspersky expert shares insights on how to determine whether an attack was first launched in a container or on the host itself when an organization’s logs lack container visibility.
Top Security News for Today
The Ramifications of Ukraine’s Drone Attack
https://www.schneier.com/blog/archives/2025/06/the-ramifications-of-ukraines-drone-attack.html
So you want to rapidly run a BOF? Let's look at this 'cli4bofs' thing then
https://www.reddit.com/r/netsec/comments/1l33fxt/so_you_want_to_rapidly_run_a_bof_lets_look_at/
The Ultimate Guide to Windows Coercion Techniques in 2025
https://www.reddit.com/r/netsec/comments/1l3079i/the_ultimate_guide_to_windows_coercion_techniques/
Multiple CVEs in Infoblox NetMRI: RCE, Auth Bypass, SQLi, and File Read Vulnerabilities
https://www.reddit.com/r/netsec/comments/1l39v5s/multiple_cves_in_infoblox_netmri_rce_auth_bypass/
2025 Red Team Tools – C2 Frameworks, Active Directory & Network Exploitation
https://bishopfox.com/blog/2025-red-team-tools-c2-frameworks-active-directory-network-exploitation
Detailed research for Roundcube ≤ 1.6.10 Post-Auth RCE is out
https://www.reddit.com/r/netsec/comments/1l3o04q/detailed_research_for_roundcube_1610_postauth_rce/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The Ramifications of Ukraine’s Drone Attack
https://www.schneier.com/blog/archives/2025/06/the-ramifications-of-ukraines-drone-attack.html
So you want to rapidly run a BOF? Let's look at this 'cli4bofs' thing then
https://www.reddit.com/r/netsec/comments/1l33fxt/so_you_want_to_rapidly_run_a_bof_lets_look_at/
The Ultimate Guide to Windows Coercion Techniques in 2025
https://www.reddit.com/r/netsec/comments/1l3079i/the_ultimate_guide_to_windows_coercion_techniques/
Multiple CVEs in Infoblox NetMRI: RCE, Auth Bypass, SQLi, and File Read Vulnerabilities
https://www.reddit.com/r/netsec/comments/1l39v5s/multiple_cves_in_infoblox_netmri_rce_auth_bypass/
2025 Red Team Tools – C2 Frameworks, Active Directory & Network Exploitation
https://bishopfox.com/blog/2025-red-team-tools-c2-frameworks-active-directory-network-exploitation
Detailed research for Roundcube ≤ 1.6.10 Post-Auth RCE is out
https://www.reddit.com/r/netsec/comments/1l3o04q/detailed_research_for_roundcube_1610_postauth_rce/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
The Ramifications of Ukraine's Drone Attack - Schneier on Security
You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare: If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing…
Top Security News for Today
IT threat evolution in Q1 2025. Non-mobile statistics
https://securelist.com/malware-report-q1-2025-pc-iot-statistics/116686/
IT threat evolution in Q1 2025. Mobile statistics
https://securelist.com/malware-report-q1-2025-mobile-statistics/116676/
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
https://www.reddit.com/r/netsec/comments/1l3trgn/analysis_of_spyware_that_helped_to_compromise_a/
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3
https://www.microsoft.com/en-us/security/blog/2025/06/05/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity-part-3/
Tnok - Next Generation Port Security
https://www.reddit.com/r/netsec/comments/1l466co/tnok_next_generation_port_security/
Vulnerabilities in Anthropic’s MCP: Full-Schema Poisoning + Secret-Leaking Tool Attacks (PoC Inside)
https://www.reddit.com/r/netsec/comments/1l43aqc/vulnerabilities_in_anthropics_mcp_fullschema/
Proxy Services Feast on Ukraine’s IP Address Exodus
https://krebsonsecurity.com/2025/06/proxy-services-feast-on-ukraines-ip-address-exodus/
DroidGround: Elevate your Android CTF Challenges
https://www.reddit.com/r/netsec/comments/1l4am2x/droidground_elevate_your_android_ctf_challenges/
Cards Are Still the Weakest Link
https://www.reddit.com/r/netsec/comments/1l4brpy/cards_are_still_the_weakest_link/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
IT threat evolution in Q1 2025. Non-mobile statistics
https://securelist.com/malware-report-q1-2025-pc-iot-statistics/116686/
IT threat evolution in Q1 2025. Mobile statistics
https://securelist.com/malware-report-q1-2025-mobile-statistics/116676/
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
https://www.reddit.com/r/netsec/comments/1l3trgn/analysis_of_spyware_that_helped_to_compromise_a/
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3
https://www.microsoft.com/en-us/security/blog/2025/06/05/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity-part-3/
Tnok - Next Generation Port Security
https://www.reddit.com/r/netsec/comments/1l466co/tnok_next_generation_port_security/
Vulnerabilities in Anthropic’s MCP: Full-Schema Poisoning + Secret-Leaking Tool Attacks (PoC Inside)
https://www.reddit.com/r/netsec/comments/1l43aqc/vulnerabilities_in_anthropics_mcp_fullschema/
Proxy Services Feast on Ukraine’s IP Address Exodus
https://krebsonsecurity.com/2025/06/proxy-services-feast-on-ukraines-ip-address-exodus/
DroidGround: Elevate your Android CTF Challenges
https://www.reddit.com/r/netsec/comments/1l4am2x/droidground_elevate_your_android_ctf_challenges/
Cards Are Still the Weakest Link
https://www.reddit.com/r/netsec/comments/1l4brpy/cards_are_still_the_weakest_link/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
Desktop and IoT threat statistics for Q1 2025
The report presents statistics for Windows, macOS, IoT, and other threats, including ransomware, miners, local and web-based threats, for Q1 2025.
Top Security News for Today
Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
https://securelist.com/mirai-botnet-variant-targets-dvr-devices-with-cve-2024-3721/116742/
US Offers $10 Million Reward for Tips About State-Linked RedLine Cybercriminals
https://www.tripwire.com/state-of-security/us-offers-10-million-reward-tips-about-state-linked-redline-cybercriminals
NEOM McLaren Formula E Team & Trend Micro Innovation History
https://www.trendmicro.com/en_us/research/25/f/neom-mclaren-innovation-history.html
Report on the Malicious Uses of AI
https://www.schneier.com/blog/archives/2025/06/report-on-the-malicious-uses-of-ai.html
Hearing on the Federal Government and AI
https://www.schneier.com/blog/archives/2025/06/hearing_on_the_federal_government_and_ai.html
Hello, won't you tell me your name?: Investigating Anonymity Abuse in IPFS
https://arxiv.org/abs/2506.04307
Learning to Diagnose Privately: DP-Powered LLMs for Radiology Report Classification
https://arxiv.org/abs/2506.04556
Possible Malware in Official MicroDicom Installer (PDF + Hashes + Scan Results Included)
https://www.reddit.com/r/netsec/comments/1l52z1k/possible_malware_in_official_microdicom_installer/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
https://securelist.com/mirai-botnet-variant-targets-dvr-devices-with-cve-2024-3721/116742/
US Offers $10 Million Reward for Tips About State-Linked RedLine Cybercriminals
https://www.tripwire.com/state-of-security/us-offers-10-million-reward-tips-about-state-linked-redline-cybercriminals
NEOM McLaren Formula E Team & Trend Micro Innovation History
https://www.trendmicro.com/en_us/research/25/f/neom-mclaren-innovation-history.html
Report on the Malicious Uses of AI
https://www.schneier.com/blog/archives/2025/06/report-on-the-malicious-uses-of-ai.html
Hearing on the Federal Government and AI
https://www.schneier.com/blog/archives/2025/06/hearing_on_the_federal_government_and_ai.html
Hello, won't you tell me your name?: Investigating Anonymity Abuse in IPFS
https://arxiv.org/abs/2506.04307
Learning to Diagnose Privately: DP-Powered LLMs for Radiology Report Classification
https://arxiv.org/abs/2506.04556
Possible Malware in Official MicroDicom Installer (PDF + Hashes + Scan Results Included)
https://www.reddit.com/r/netsec/comments/1l52z1k/possible_malware_in_official_microdicom_installer/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
New Mirai botnet campaign targets DVR devices
Kaspersky GReAT experts describe the new features of a Mirai variant: the latest botnet infections target TBK DVR devices with CVE-2024-3721.
Top Security News for Today
A masochist’s guide to web development
https://www.reddit.com/r/lowlevel/comments/1l5gsf4/a_masochists_guide_to_web_development/
Weaponizing Dependabot – Exploiting GitHub Automation for Supply Chain Attacks
https://www.darknet.org.uk/2025/06/weaponizing-dependabot-exploiting-github-automation-for-supply-chain-attacks/
Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection
https://www.reddit.com/r/netsec/comments/1l5lj9b/riding_the_time_machine_journey_through_an_old/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
A masochist’s guide to web development
https://www.reddit.com/r/lowlevel/comments/1l5gsf4/a_masochists_guide_to_web_development/
Weaponizing Dependabot – Exploiting GitHub Automation for Supply Chain Attacks
https://www.darknet.org.uk/2025/06/weaponizing-dependabot-exploiting-github-automation-for-supply-chain-attacks/
Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection
https://www.reddit.com/r/netsec/comments/1l5lj9b/riding_the_time_machine_journey_through_an_old/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the lowlevel community on Reddit: A masochist’s guide to web development
Posted by FoxInTheRedBox - 2 votes and 0 comments
Top Security News for Today
ProxyBlob – SOCKS5 Over Azure Blob Storage for Covert Network Tunneling
https://www.darknet.org.uk/2025/06/proxyblob-socks5-over-azure-blob-storage-for-covert-network-tunneling/
LLM App Security: Risk & Prevent for GenAI Development
https://www.reddit.com/r/netsec/comments/1l40ufu/llm_app_security_risk_prevent_for_genai/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
Monkey365 – PowerShell Security Scanner for Microsoft 365, Azure, and Entra ID
https://www.darknet.org.uk/2025/06/monkey365-powershell-security-scanner-for-microsoft-365-azure-and-entra-id/
9th June – Threat Intelligence Report
https://research.checkpoint.com/2025/9th-june-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
ProxyBlob – SOCKS5 Over Azure Blob Storage for Covert Network Tunneling
https://www.darknet.org.uk/2025/06/proxyblob-socks5-over-azure-blob-storage-for-covert-network-tunneling/
LLM App Security: Risk & Prevent for GenAI Development
https://www.reddit.com/r/netsec/comments/1l40ufu/llm_app_security_risk_prevent_for_genai/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
Monkey365 – PowerShell Security Scanner for Microsoft 365, Azure, and Entra ID
https://www.darknet.org.uk/2025/06/monkey365-powershell-security-scanner-for-microsoft-365-azure-and-entra-id/
9th June – Threat Intelligence Report
https://research.checkpoint.com/2025/9th-june-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
https://www.tripwire.com/state-of-security/expanding-adhics-v20-closer-look-healthcare-cybersecurity-uae
Sleep with one eye open: how Librarian Ghouls steal data by night
https://securelist.com/librarian-ghouls-apt-wakes-up-computers-to-steal-data-and-mine-crypto/116536/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
New Way to Track Covertly Android Users
https://www.schneier.com/blog/archives/2025/06/new-way-to-track-covertly-android-users.html
Preventing Prompt Injection Attacks at Scale
https://www.reddit.com/r/netsec/comments/1l79xay/preventing_prompt_injection_attacks_at_scale/
A bit more on Twitter/X’s new encrypted messaging
https://www.reddit.com/r/netsec/comments/1l7cgwa/a_bit_more_on_twitterxs_new_encrypted_messaging/
Bruteforcing the phone number of any Google user
https://www.reddit.com/r/netsec/comments/1l7e972/bruteforcing_the_phone_number_of_any_google_user/
How Google’s Wiz Acquisition Impacts CNAPP
https://www.trendmicro.com/en_us/research/25/f/google-wiz-acquisition-cnapp.html
Mexico’s Digital Growth Comes with Cybersecurity Challenges
https://www.tripwire.com/state-of-security/mexicos-digital-growth-comes-cybersecurity-challenges
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
https://www.tripwire.com/state-of-security/expanding-adhics-v20-closer-look-healthcare-cybersecurity-uae
Sleep with one eye open: how Librarian Ghouls steal data by night
https://securelist.com/librarian-ghouls-apt-wakes-up-computers-to-steal-data-and-mine-crypto/116536/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
New Way to Track Covertly Android Users
https://www.schneier.com/blog/archives/2025/06/new-way-to-track-covertly-android-users.html
Preventing Prompt Injection Attacks at Scale
https://www.reddit.com/r/netsec/comments/1l79xay/preventing_prompt_injection_attacks_at_scale/
A bit more on Twitter/X’s new encrypted messaging
https://www.reddit.com/r/netsec/comments/1l7cgwa/a_bit_more_on_twitterxs_new_encrypted_messaging/
Bruteforcing the phone number of any Google user
https://www.reddit.com/r/netsec/comments/1l7e972/bruteforcing_the_phone_number_of_any_google_user/
How Google’s Wiz Acquisition Impacts CNAPP
https://www.trendmicro.com/en_us/research/25/f/google-wiz-acquisition-cnapp.html
Mexico’s Digital Growth Comes with Cybersecurity Challenges
https://www.tripwire.com/state-of-security/mexicos-digital-growth-comes-cybersecurity-challenges
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
Explore ADHICS v2.0 and how it strengthens UAE healthcare cybersecurity with six pillars for resilience, compliance, and innovation.
Top Security News for Today
Why Open Source ≠ Secure Code
https://www.reddit.com/r/netsec/comments/1l7usj1/why_open_source_secure_code/
New ISPConfig Authenticated Remote Code Execution Vulnerability
https://www.reddit.com/r/netsec/comments/1l7vrmd/new_ispconfig_authenticated_remote_code_execution/
CVE-2025-47934 - Spoofing OpenPGP.js signature verification
https://www.reddit.com/r/netsec/comments/1l7z99n/cve202547934_spoofing_openpgpjs_signature/
Feedback - new secure doc sharing platform GetSafeDocs.com
https://www.reddit.com/r/netsec/comments/1l83dmz/feedback_new_secure_doc_sharing_platform/
Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage
https://research.checkpoint.com/2025/stealth-falcon-zero-day/
Microsoft and Adobe Patch Tuesday, June 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/10/microsoft-and-adobe-patch-tuesday-june-2025-security-update-review
Patch Tuesday, June 2025 Edition
https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/
Argusee and Agentic AI in Cybersecurity
https://www.darknet.org.uk/2025/06/argusee-and-agentic-ai-in-cybersecurity/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Why Open Source ≠ Secure Code
https://www.reddit.com/r/netsec/comments/1l7usj1/why_open_source_secure_code/
New ISPConfig Authenticated Remote Code Execution Vulnerability
https://www.reddit.com/r/netsec/comments/1l7vrmd/new_ispconfig_authenticated_remote_code_execution/
CVE-2025-47934 - Spoofing OpenPGP.js signature verification
https://www.reddit.com/r/netsec/comments/1l7z99n/cve202547934_spoofing_openpgpjs_signature/
Feedback - new secure doc sharing platform GetSafeDocs.com
https://www.reddit.com/r/netsec/comments/1l83dmz/feedback_new_secure_doc_sharing_platform/
Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage
https://research.checkpoint.com/2025/stealth-falcon-zero-day/
Microsoft and Adobe Patch Tuesday, June 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/10/microsoft-and-adobe-patch-tuesday-june-2025-security-update-review
Patch Tuesday, June 2025 Edition
https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/
Argusee and Agentic AI in Cybersecurity
https://www.darknet.org.uk/2025/06/argusee-and-agentic-ai-in-cybersecurity/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Why Open Source ≠ Secure Code
Posted by kobsoN - 0 votes and 8 comments
Top Security News for Today
Toxic trend: Another malware threat targets DeepSeek
https://securelist.com/browservenom-mimicks-deepseek-to-use-malicious-proxy/115728/
AI-Powered Attacks and Lack of Cyber Readiness. How Mexico Can Respond
https://www.tripwire.com/state-of-security/ai-powered-attacks-and-lack-cyber-readiness-how-mexico-can-respond
Enabling Secure AI Inference: Trend Cybertron Leverages NVIDIA Universal LLM NIM Microservices
https://www.trendmicro.com/en_us/research/25/f/cybertron-nvidia-universal-llm-nim-microservices.html
CVE-2025-33073: A Look in the Mirror - The Reflective Kerberos Relay Attack
https://www.reddit.com/r/netsec/comments/1l8n3r0/cve202533073_a_look_in_the_mirror_the_reflective/
Weaponized Google OAuth Triggers Malicious WebSocket
https://www.reddit.com/r/netsec/comments/1l8st38/weaponized_google_oauth_triggers_malicious/
Innovation in the Fast Lane: Lessons from Motorsport and Cybersecurity
https://www.trendmicro.com/en_us/research/25/f/motorsport-cybersecurity.html
Operation Secure: Trend Micro's Threat Intelligence Fuels INTERPOL's Infostealer Infrastructure Takedown
https://www.trendmicro.com/en_us/research/25/f/interpol-operation-secure.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Toxic trend: Another malware threat targets DeepSeek
https://securelist.com/browservenom-mimicks-deepseek-to-use-malicious-proxy/115728/
AI-Powered Attacks and Lack of Cyber Readiness. How Mexico Can Respond
https://www.tripwire.com/state-of-security/ai-powered-attacks-and-lack-cyber-readiness-how-mexico-can-respond
Enabling Secure AI Inference: Trend Cybertron Leverages NVIDIA Universal LLM NIM Microservices
https://www.trendmicro.com/en_us/research/25/f/cybertron-nvidia-universal-llm-nim-microservices.html
CVE-2025-33073: A Look in the Mirror - The Reflective Kerberos Relay Attack
https://www.reddit.com/r/netsec/comments/1l8n3r0/cve202533073_a_look_in_the_mirror_the_reflective/
Weaponized Google OAuth Triggers Malicious WebSocket
https://www.reddit.com/r/netsec/comments/1l8st38/weaponized_google_oauth_triggers_malicious/
Innovation in the Fast Lane: Lessons from Motorsport and Cybersecurity
https://www.trendmicro.com/en_us/research/25/f/motorsport-cybersecurity.html
Operation Secure: Trend Micro's Threat Intelligence Fuels INTERPOL's Infostealer Infrastructure Takedown
https://www.trendmicro.com/en_us/research/25/f/interpol-operation-secure.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
New BrowserVenom malware being distributed via fake DeepSeek phishing website
Kaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website.
Top Security News for Today
Stryker - Android pentesting app with premium access is now free until 2050
https://www.reddit.com/r/netsec/comments/1l9iee8/stryker_android_pentesting_app_with_premium/
Meta is able to track its users via WebRTC on Android including private mode and behind VPN
https://www.reddit.com/r/netsec/comments/1l9kxjm/meta_is_able_to_track_its_users_via_webrtc_on/
From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery
https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/
An Open Source agent hacked Mercado Libre
https://www.reddit.com/r/netsec/comments/1l9n9oi/an_open_source_agent_hacked_mercado_libre/
Millions of Vulnerabilities: One Checklist to Kill The Noise
https://www.reddit.com/r/netsec/comments/1l9pblf/millions_of_vulnerabilities_one_checklist_to_kill/
Airlines Secretly Selling Passenger Data to the Government
https://www.schneier.com/blog/archives/2025/06/airlines-secretly-selling-passenger-data-to-the-government.html
Introducing: GitHub Device Code Phishing
https://www.reddit.com/r/netsec/comments/1l9qo58/introducing_github_device_code_phishing/
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Stryker - Android pentesting app with premium access is now free until 2050
https://www.reddit.com/r/netsec/comments/1l9iee8/stryker_android_pentesting_app_with_premium/
Meta is able to track its users via WebRTC on Android including private mode and behind VPN
https://www.reddit.com/r/netsec/comments/1l9kxjm/meta_is_able_to_track_its_users_via_webrtc_on/
From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery
https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/
An Open Source agent hacked Mercado Libre
https://www.reddit.com/r/netsec/comments/1l9n9oi/an_open_source_agent_hacked_mercado_libre/
Millions of Vulnerabilities: One Checklist to Kill The Noise
https://www.reddit.com/r/netsec/comments/1l9pblf/millions_of_vulnerabilities_one_checklist_to_kill/
Airlines Secretly Selling Passenger Data to the Government
https://www.schneier.com/blog/archives/2025/06/airlines-secretly-selling-passenger-data-to-the-government.html
Introducing: GitHub Device Code Phishing
https://www.reddit.com/r/netsec/comments/1l9qo58/introducing_github_device_code_phishing/
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Stryker - Android pentesting app with premium access is now free until 2050
Explore this post and more from the netsec community
Top Security News for Today
Paragon Spyware used to Spy on European Journalists
https://www.schneier.com/blog/archives/2025/06/paragon-spyware-used-to-spy-on-european-journalists.html
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html
Envilder – Secure AWS SSM CLI for Environment Variable Management
https://www.darknet.org.uk/2025/06/envilder-secure-aws-ssm-cli-for-environment-variable-management/
IoTGeM: Generalizable Models for Behaviour-Based IoT Attack Detection
https://arxiv.org/abs/2401.01343
A Unified Framework to Enforce, Discover, and Promote Symmetry in Machine Learning
https://arxiv.org/abs/2311.00212
Two months of Burp AI: empowering security testers with the future of AppSec
https://portswigger.net/blog/two-months-of-burp-ai-empowering-security-testers-with-the-future-of-appsec
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Paragon Spyware used to Spy on European Journalists
https://www.schneier.com/blog/archives/2025/06/paragon-spyware-used-to-spy-on-european-journalists.html
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html
Envilder – Secure AWS SSM CLI for Environment Variable Management
https://www.darknet.org.uk/2025/06/envilder-secure-aws-ssm-cli-for-environment-variable-management/
IoTGeM: Generalizable Models for Behaviour-Based IoT Attack Detection
https://arxiv.org/abs/2401.01343
A Unified Framework to Enforce, Discover, and Promote Symmetry in Machine Learning
https://arxiv.org/abs/2311.00212
Two months of Burp AI: empowering security testers with the future of AppSec
https://portswigger.net/blog/two-months-of-burp-ai-empowering-security-testers-with-the-future-of-appsec
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Paragon Spyware used to Spy on European Journalists - Schneier on Security
Paragon is a Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of their product. Citizen Lab caught them spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025…
Top Security News for Today
Make Self-XSS Great Again
https://www.reddit.com/r/netsec/comments/1lb3wfp/make_selfxss_great_again/
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025–6035)
https://www.reddit.com/r/netsec/comments/1lbcbap/gimp_heap_overflow_rediscovery_and_exploitation/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2025/06/upcoming-speaking-engagements-47.html
Input on using the ROT and network connection to hack voting and tabulating software and hardware.
https://www.reddit.com/r/netsec/comments/1lbs0a8/input_on_using_the_rot_and_network_connection_to/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Make Self-XSS Great Again
https://www.reddit.com/r/netsec/comments/1lb3wfp/make_selfxss_great_again/
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025–6035)
https://www.reddit.com/r/netsec/comments/1lbcbap/gimp_heap_overflow_rediscovery_and_exploitation/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2025/06/upcoming-speaking-engagements-47.html
Input on using the ROT and network connection to hack voting and tabulating software and hardware.
https://www.reddit.com/r/netsec/comments/1lbs0a8/input_on_using_the_rot_and_network_connection_to/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Make Self-XSS Great Again
Posted by AlmondOffSec - 14 votes and 4 comments
Top Security News for Today
Danish government agency to ditch Microsoft software in push for digital independence
https://therecord.media/denmark-digital-agency-microsoft-digital-independence
GoClipC2 - Clipboard for C2 on Windows in Go
https://www.reddit.com/r/netsec/comments/1lbxw0l/goclipc2_clipboard_for_c2_on_windows_in_go/
Government offices in North Carolina, Georgia disrupted by cyberattacks
https://therecord.media/thomasville-nc-government-ogeechee-ga-district-cyberattacks
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
https://www.record.media/cisa-warns-of-simplehelp-ransomware-compromises
Hosting images inside DNS records using TXT
https://www.reddit.com/r/netsec/comments/1lca5o6/hosting_images_inside_dns_records_using_txt/
claws – GitHub Actions Workflow Linter for Secure CI/CD Pipelines
https://www.darknet.org.uk/2025/06/claws-github-actions-workflow-linter-for-secure-ci-cd-pipelines/
Brace Yourselves: The Game-Changing Impact of India's DPDP Act, 2023
https://www.tripwire.com/state-of-security/brace-yourselves-game-changing-impact-indias-dpdp-act
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Danish government agency to ditch Microsoft software in push for digital independence
https://therecord.media/denmark-digital-agency-microsoft-digital-independence
GoClipC2 - Clipboard for C2 on Windows in Go
https://www.reddit.com/r/netsec/comments/1lbxw0l/goclipc2_clipboard_for_c2_on_windows_in_go/
Government offices in North Carolina, Georgia disrupted by cyberattacks
https://therecord.media/thomasville-nc-government-ogeechee-ga-district-cyberattacks
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
https://www.record.media/cisa-warns-of-simplehelp-ransomware-compromises
Hosting images inside DNS records using TXT
https://www.reddit.com/r/netsec/comments/1lca5o6/hosting_images_inside_dns_records_using_txt/
claws – GitHub Actions Workflow Linter for Secure CI/CD Pipelines
https://www.darknet.org.uk/2025/06/claws-github-actions-workflow-linter-for-secure-ci-cd-pipelines/
Brace Yourselves: The Game-Changing Impact of India's DPDP Act, 2023
https://www.tripwire.com/state-of-security/brace-yourselves-game-changing-impact-indias-dpdp-act
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Danish government agency to ditch Microsoft software in push for digital independence
Denmark's digital affairs ministry says it plans to switch to the open source LibreOffice software and away from Microsoft products as part of an effort to make the government more digitally independent.
Top Security News for Today
How to run ADB and fastboot in Termux without root
https://www.reddit.com/r/netsec/comments/1lcnenw/how_to_run_adb_and_fastboot_in_termux_without_root/
Generative AI Is Moving Fast. Are Your Security Practices Keeping Up?
https://www.tripwire.com/state-of-security/generative-ai-moving-fast-are-your-security-practices-keeping
Hackers impersonating US government compromise email account of prominent Russia researcher
https://therecord.media/keir-giles-russia-researcher-email-hacked
Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks
https://therecord.media/bill-proposes-cisa-hhs-liaison-hospital-cyberattacks
UK appoints first-ever female chief of foreign intelligence service MI6
https://therecord.media/blaise-metreweli-new-mi6-chief
Whole Foods supplier making progress on restoration after cyberattack left shelves empty
https://therecord.media/unfi-groceries-supplier-cyberattack-update
8.4 million people affected by data breach at Indian car share company Zoomcar
https://therecord.media/8-million-affected-zoomcar-data-breach
US offering $10 million for info on Iranian hackers behind IOControl malware
https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How to run ADB and fastboot in Termux without root
https://www.reddit.com/r/netsec/comments/1lcnenw/how_to_run_adb_and_fastboot_in_termux_without_root/
Generative AI Is Moving Fast. Are Your Security Practices Keeping Up?
https://www.tripwire.com/state-of-security/generative-ai-moving-fast-are-your-security-practices-keeping
Hackers impersonating US government compromise email account of prominent Russia researcher
https://therecord.media/keir-giles-russia-researcher-email-hacked
Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks
https://therecord.media/bill-proposes-cisa-hhs-liaison-hospital-cyberattacks
UK appoints first-ever female chief of foreign intelligence service MI6
https://therecord.media/blaise-metreweli-new-mi6-chief
Whole Foods supplier making progress on restoration after cyberattack left shelves empty
https://therecord.media/unfi-groceries-supplier-cyberattack-update
8.4 million people affected by data breach at Indian car share company Zoomcar
https://therecord.media/8-million-affected-zoomcar-data-breach
US offering $10 million for info on Iranian hackers behind IOControl malware
https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How to run ADB and fastboot in Termux without root
Explore this post and more from the netsec community
Top Security News for Today
How Human Behavior Can Strengthen Healthcare Cybersecurity
https://www.tripwire.com/state-of-security/how-human-behavior-can-strengthen-healthcare-cybersecurity
Are WAFs Obsolete? Pros, Cons, and What the Future Holds
https://www.tripwire.com/state-of-security/are-wafs-obsolete-pros-cons-and-what-future-holds
Where AI Provides Value
https://www.schneier.com/blog/archives/2025/06/where_ai_provides_value.html
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
https://www.reddit.com/r/netsec/comments/1ldjdo8/is_b_for_backdoor_preauth_rce_chain_in_sitecore/
Security Analysis: MCP Protocol Vulnerabilities in AI Toolchains
https://www.reddit.com/r/netsec/comments/1ldiilv/security_analysis_mcp_protocol_vulnerabilities_in/
UK data privacy regulator fines 23andMe over cyber practices in wake of hack
https://therecord.media/uk-data-privacy-regulator-fines-23andme
Russia detects first SuperCard malware attacks skimming bank data via NFC
https://therecord.media/supercard-nfc-banking-malware-russia
Scattered Spider hackers targeting insurance industry following retail hits
https://therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks
Wallet apps aren’t safe either — here’s how attackers exploit their flawed security models
https://www.reddit.com/r/netsec/comments/1le0n3j/wallet_apps_arent_safe_either_heres_how_attackers/
Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/17/qualys-tru-uncovers-chained-lpe-suse-15-pam-to-full-root-via-libblockdev-udisks
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How Human Behavior Can Strengthen Healthcare Cybersecurity
https://www.tripwire.com/state-of-security/how-human-behavior-can-strengthen-healthcare-cybersecurity
Are WAFs Obsolete? Pros, Cons, and What the Future Holds
https://www.tripwire.com/state-of-security/are-wafs-obsolete-pros-cons-and-what-future-holds
Where AI Provides Value
https://www.schneier.com/blog/archives/2025/06/where_ai_provides_value.html
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
https://www.reddit.com/r/netsec/comments/1ldjdo8/is_b_for_backdoor_preauth_rce_chain_in_sitecore/
Security Analysis: MCP Protocol Vulnerabilities in AI Toolchains
https://www.reddit.com/r/netsec/comments/1ldiilv/security_analysis_mcp_protocol_vulnerabilities_in/
UK data privacy regulator fines 23andMe over cyber practices in wake of hack
https://therecord.media/uk-data-privacy-regulator-fines-23andme
Russia detects first SuperCard malware attacks skimming bank data via NFC
https://therecord.media/supercard-nfc-banking-malware-russia
Scattered Spider hackers targeting insurance industry following retail hits
https://therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks
Wallet apps aren’t safe either — here’s how attackers exploit their flawed security models
https://www.reddit.com/r/netsec/comments/1le0n3j/wallet_apps_arent_safe_either_heres_how_attackers/
Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/17/qualys-tru-uncovers-chained-lpe-suse-15-pam-to-full-root-via-libblockdev-udisks
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
How Human Behavior Can Strengthen Healthcare Cybersecurity
Explore how empowering healthcare staff through culture and training can transform them into a powerful frontline defense against cyber threats.
Top Security News for Today
Fault Injection - Follow the White Rabbit
https://www.reddit.com/r/netsec/comments/1lebtyd/fault_injection_follow_the_white_rabbit/
Exploring Netstalking – Mapping the Hidden Corners of the Internet
https://www.darknet.org.uk/2025/06/exploring-netstalking-mapping-the-hidden-corners-of-the-internet/
Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data
https://research.checkpoint.com/2025/minecraft-mod-malware-stargazers/
She Won. They Didn't Just Change the Machines. They Rewired the Election.
https://www.reddit.com/r/netsec/comments/1legjch/she_won_they_didnt_just_change_the_machines_they/
Ghostwriting Scam
https://www.schneier.com/blog/archives/2025/06/ghostwriting-scam.html
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/18/qilin-ransomware-explained-threats-risks-defenses
More than 5 million affected by data breach at healthcare tech firm Episource
https://therecord.media/5-million-affected-episource-data-breach
North Korea targeting Indian crypto job applicants with malware
https://therecord.media/north-korea-india-crypto-applicants
2025 Red Team Tools – Cloud & Identity Exploitation, Evasion & Developer Libraries
https://bishopfox.com/blog/2025-red-team-tools-cloud-identity-exploitation-evasion-developer-libraries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Fault Injection - Follow the White Rabbit
https://www.reddit.com/r/netsec/comments/1lebtyd/fault_injection_follow_the_white_rabbit/
Exploring Netstalking – Mapping the Hidden Corners of the Internet
https://www.darknet.org.uk/2025/06/exploring-netstalking-mapping-the-hidden-corners-of-the-internet/
Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data
https://research.checkpoint.com/2025/minecraft-mod-malware-stargazers/
She Won. They Didn't Just Change the Machines. They Rewired the Election.
https://www.reddit.com/r/netsec/comments/1legjch/she_won_they_didnt_just_change_the_machines_they/
Ghostwriting Scam
https://www.schneier.com/blog/archives/2025/06/ghostwriting-scam.html
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/18/qilin-ransomware-explained-threats-risks-defenses
More than 5 million affected by data breach at healthcare tech firm Episource
https://therecord.media/5-million-affected-episource-data-breach
North Korea targeting Indian crypto job applicants with malware
https://therecord.media/north-korea-india-crypto-applicants
2025 Red Team Tools – Cloud & Identity Exploitation, Evasion & Developer Libraries
https://bishopfox.com/blog/2025-red-team-tools-cloud-identity-exploitation-evasion-developer-libraries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Fault Injection - Follow the White Rabbit
Explore this post and more from the netsec community
Top Security News for Today
Self-Driving Car Video Footage
https://www.schneier.com/blog/archives/2025/06/self-driving-car-video-footage.html
Sleepless Strings - Template Injection in Insomnia
https://www.reddit.com/r/netsec/comments/1lf40wc/sleepless_strings_template_injection_in_insomnia/
Finland could charge Russia-linked ship’s officers over cable breaks by ‘August at the latest’
https://therecord.media/finland-could-charge-eagle-s-ship-officers-cable-breaks
Argentina uncovers suspected Russian spy ring behind disinformation campaigns
https://therecord.media/argentina-russia-spies-disinformation-project-lakhta
Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US
https://therecord.media/alleged-ryuk-member-arrest-ukraine-extradited-us
DOJ moves to seize $225 million in crypto stolen by scammers
https://therecord.media/doj-moves-to-seize-225-million-in-stolen-crypto
AntiDot Android Malware Analysis
https://www.reddit.com/r/netsec/comments/1lfjatl/antidot_android_malware_analysis/
Frida 17.2.0 Released
https://www.reddit.com/r/netsec/comments/1lfnwgq/frida_1720_released/
GitPhish – OAuth Device Code Phishing for GitHub Repos, Secrets, and CI/CD
https://www.darknet.org.uk/2025/06/gitphish-oauth-device-code-phishing-for-github-repos-secrets-and-ci-cd/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Self-Driving Car Video Footage
https://www.schneier.com/blog/archives/2025/06/self-driving-car-video-footage.html
Sleepless Strings - Template Injection in Insomnia
https://www.reddit.com/r/netsec/comments/1lf40wc/sleepless_strings_template_injection_in_insomnia/
Finland could charge Russia-linked ship’s officers over cable breaks by ‘August at the latest’
https://therecord.media/finland-could-charge-eagle-s-ship-officers-cable-breaks
Argentina uncovers suspected Russian spy ring behind disinformation campaigns
https://therecord.media/argentina-russia-spies-disinformation-project-lakhta
Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US
https://therecord.media/alleged-ryuk-member-arrest-ukraine-extradited-us
DOJ moves to seize $225 million in crypto stolen by scammers
https://therecord.media/doj-moves-to-seize-225-million-in-stolen-crypto
AntiDot Android Malware Analysis
https://www.reddit.com/r/netsec/comments/1lfjatl/antidot_android_malware_analysis/
Frida 17.2.0 Released
https://www.reddit.com/r/netsec/comments/1lfnwgq/frida_1720_released/
GitPhish – OAuth Device Code Phishing for GitHub Repos, Secrets, and CI/CD
https://www.darknet.org.uk/2025/06/gitphish-oauth-device-code-phishing-for-github-repos-secrets-and-ci-cd/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Self-Driving Car Video Footage - Schneier on Security
Two articles crossed my path recently. First, a discussion of all the video Waymo has from outside its cars: in this case related to the LA protests. Second, a discussion of all the video Tesla has from inside its cars. Lots of things are collecting lots…
Top Security News for Today
Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay
https://www.tripwire.com/state-of-security/qilin-offers-call-lawyer-button-affiliates-attempting-extort-ransoms-victims
Surveillance in the US
https://www.schneier.com/blog/archives/2025/06/surveillance-in-the-us.html
Aflac says it stopped ransomware attack launched by ‘sophisticated cybercrime group’
https://therecord.media/aflac-cyberattack-potential-data-breach
Krispy Kreme: Over 160,000 people had data stolen during November 2024 cyberattack
https://therecord.media/krispy-kreme-reports-data-breach-from-2024-attack
Russian dairy supply disrupted by cyberattack on animal certification system
https://therecord.media/russia-dairy-supply-disrupted-cyberattack
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
https://therecord.media/tonga-ministry-of-health-hit-with-cyberattack
Steam Phishing: popular as ever
https://bartblaze.blogspot.com/2025/06/steam-phishing-popular-as-ever.html
Judge overturns Biden-era HHS rule on HIPAA protections for those seeking reproductive care
https://therecord.media/judge-overtuns-biden-era-hhs-rule-hipaa-reproductive-care
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay
https://www.tripwire.com/state-of-security/qilin-offers-call-lawyer-button-affiliates-attempting-extort-ransoms-victims
Surveillance in the US
https://www.schneier.com/blog/archives/2025/06/surveillance-in-the-us.html
Aflac says it stopped ransomware attack launched by ‘sophisticated cybercrime group’
https://therecord.media/aflac-cyberattack-potential-data-breach
Krispy Kreme: Over 160,000 people had data stolen during November 2024 cyberattack
https://therecord.media/krispy-kreme-reports-data-breach-from-2024-attack
Russian dairy supply disrupted by cyberattack on animal certification system
https://therecord.media/russia-dairy-supply-disrupted-cyberattack
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
https://therecord.media/tonga-ministry-of-health-hit-with-cyberattack
Steam Phishing: popular as ever
https://bartblaze.blogspot.com/2025/06/steam-phishing-popular-as-ever.html
Judge overturns Biden-era HHS rule on HIPAA protections for those seeking reproductive care
https://therecord.media/judge-overtuns-biden-era-hhs-rule-hipaa-reproductive-care
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay
Qilin ransomware adds a “Call a Lawyer” button to aid affiliates in ransom negotiations, mimicking legit business tactics.
Top Security News for Today
CoinMarketCap Client-Side Attack: A Comprehensive Analysis by c/side
https://www.reddit.com/r/netsec/comments/1lgu3g6/coinmarketcap_clientside_attack_a_comprehensive/
Unexpected security footguns in Go's parsers
https://www.reddit.com/r/netsec/comments/1lgvxon/unexpected_security_footguns_in_gos_parsers/
Series 2: Implementing the WPA in RAWPA - Part 2
https://www.reddit.com/r/netsec/comments/1lh9lw5/series_2_implementing_the_wpa_in_rawpa_part_2/
🚨 Hack Our Smart Contract, Keep the ETH – $500K Open-Source Heist Challenge Is Live
https://www.reddit.com/r/netsec/comments/1lh2zmu/hack_our_smart_contract_keep_the_eth_500k/
Just casually broke bunq’s sandbox with 0day-level spoofing, and nobody seems to care 🇳🇱
https://www.reddit.com/r/netsec/comments/1lhdhmt/just_casually_broke_bunqs_sandbox_with_0daylevel/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
CoinMarketCap Client-Side Attack: A Comprehensive Analysis by c/side
https://www.reddit.com/r/netsec/comments/1lgu3g6/coinmarketcap_clientside_attack_a_comprehensive/
Unexpected security footguns in Go's parsers
https://www.reddit.com/r/netsec/comments/1lgvxon/unexpected_security_footguns_in_gos_parsers/
Series 2: Implementing the WPA in RAWPA - Part 2
https://www.reddit.com/r/netsec/comments/1lh9lw5/series_2_implementing_the_wpa_in_rawpa_part_2/
🚨 Hack Our Smart Contract, Keep the ETH – $500K Open-Source Heist Challenge Is Live
https://www.reddit.com/r/netsec/comments/1lh2zmu/hack_our_smart_contract_keep_the_eth_500k/
Just casually broke bunq’s sandbox with 0day-level spoofing, and nobody seems to care 🇳🇱
https://www.reddit.com/r/netsec/comments/1lhdhmt/just_casually_broke_bunqs_sandbox_with_0daylevel/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: CoinMarketCap Client-Side Attack: A Comprehensive Analysis by c/side
Explore this post and more from the netsec community