🕵️♂️ Criminals Sending QR Codes in Phishing, Malware Campaigns 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The AntiPhishing Working Group observed how attackers are increasingly abusing QR codes to conduct phishing attacks or to trick users into downloading malware.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
Criminals Sending QR Codes in Phishing, Malware Campaigns
The Anti-Phishing Working Group observed how attackers are increasingly abusing QR codes to conduct phishing attacks or to trick users into downloading malware.
🕵️♂️ IDE Extensions Pose Hidden Risks to Software Supply Chain 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Malicious extensions can be engineered to bypass verification checks for popular integrated development environments, according to research from OX Security.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
IDE Extensions Pose Hidden Risks to Software Supply Chain
Malicious extensions can be engineered to bypass verification checks for popular integrated development environments, according to research from OX Security.
🕵️♂️ Attackers Impersonate Top Brands in Callback Phishing 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversarycontrolled phone numbers.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Darkreading
Attackers Impersonate Top Brands in Callback Phishing
Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversary-controlled phone numbers.
🖋️ Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something dangerous is happening. AI agents and custom GenAI workflows are creating new, hidden ways for sensitive enterprise data to leakand most teams dont even realize it. If youre building, deploying, or managing AI systems, now is the time to ask Are your AI agents exposing confidential data.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have disclosed two security flaws in the Sudo commandline utility for Linux and Unixlike operating systems that could enable local attackers to escalate their privileges to root on susceptible machines. A brief description of the vulnerabilities is below CVE202532462 CVSS score 2.8 Sudo before 1.9.17p1, when used with a sudoers file that specifies a host.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Taiwan Flags Chinese Apps Over Data Security Violations 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Taiwan warned that popular Chineseowned apps, including TikTok and Weibo, are harvesting personal data and sending it back to servers in China.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Taiwan Flags Chinese Apps Over Data Security Violations
Taiwan warned that popular Chinese-owned apps, including TikTok and Weibo, are harvesting personal data and sending it back to servers in China
👍1
📔 EU Launches Plan to Implement Quantum-Secure Infrastructure 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The EUs Quantum Strategy includes plans to develop secure quantum communication infrastructure across the region.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
EU Launches Plan to Implement Quantum-Secure Infrastructure
The EU’s Quantum Strategy includes plans to develop secure quantum communication infrastructure across the region
📔 WordPress Plugin Flaw Exposes 600,000 Sites to File Deletion 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A severe flaw identified in the Forminator WordPress plugin allows arbitrary file deletion and potential site takeover.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
WordPress Plugin Flaw Exposes 600,000 Sites to File Deletion
A severe flaw identified in the Forminator WordPress plugin allows arbitrary file deletion and potential site takeover
📔 Privilege Escalation Flaw Found in Azure Machine Learning Service 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A critical Azure Machine Learning flaw allows privilege escalation, risking subscription compromise.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Privilege Escalation Flaw Found in Azure Machine Learning Service
A critical Azure Machine Learning flaw allows privilege escalation, risking subscription compromise
📔 CVE Program Launches Two New Forums to Enhance CVE Utilization 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The CVE Board has launched a Consumer Working Group and a Researcher Working Group, allowing new stakeholders to shape the future of the CVE Program.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
CVE Program Launches Two New Forums to Enhance CVE Utilization
The CVE Board has launched a Consumer Working Group and a Researcher Working Group, allowing new stakeholders to shape the future of the CVE Program
📔 Automation and Vulnerability Exploitation Drive Mass Ransomware Breaches 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
ReliaQuest warns that initial access vulnerability exploitation is driving successful ransomware attacks.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Automation and Vulnerability Exploitation Drive Mass Ransomware Breaches
ReliaQuest warns that initial access vulnerability exploitation is driving successful ransomware attacks
📔 North Korean Hackers Target Crypto Firms with Novel macOS Malware 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
SentinelLabs observed North Korean actors deploying novel TTPs to target crypto firms, including a mix of programming languages and signalbased persistence.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
North Korean Hackers Target Crypto Firms with Novel macOS Malware
SentinelLabs observed North Korean actors deploying novel TTPs to target crypto firms, including a mix of programming languages and signal-based persistence
📔 Ransomware: Hunters International Is Not Shutting Down, It's Rebranding 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Some admins of Hunters International are now part of the encryptionless cyber extortion group World Leaks.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Ransomware: Hunters International Is Not Shutting Down, It's Rebranding
Some admins of Hunters International are now part of the encryption-less cyber extortion group World Leaks
🦅 The Week in Vulnerabilities: High-Risk IT and ICS Flaws Flagged by Cyble 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
IT Vulnerabilities " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202507ITVulnerabilities2300x150.webp" datalargefile"httpscyble.comwpcontentuploads202507ITVulnerabilities2.webp" title"The Week in Vulnerabilities HighRisk IT and ICS Flaws Flagged by Cyble 1" Cyble vulnerability intelligence researchers investigated dozens of vulnerabilities this week to highlight the IT and industrial control system ICS vulnerabilities that security teams should prioritize. Cyble honeypot sensors also detected numerous vulnerabilities under active exploitation, and Cyble dark web researchers observed several threat actors discussing vulnerability exploits on underground and cybercrime forums, including a claimed Apple zeroday. What follows are some highlights from Cybles IT and...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Cyble Reports New Critical ICS And IT Vulnerabilities
Cyble highlights high-risk IT vulnerabilities from June 2025, including zero-days in Chrome, Cisco, WinRAR, and threats to ICS and UPS systems.
🖋️ NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle aka APTQ95 that has been observed targeting Microsoft Exchange servers as a part of a zeroday exploit chain designed to target government, defense, and technology sectors in China. According to QiAnXin's RedDrip Team, the threat actor has been active since 2023 and has switched network.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Taiwan's National Security Bureau NSB has warned that Chinadeveloped applications like RedNote aka Xiaohongshu, Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China. The alert comes following an inspection of these apps carried out in coordination with the Ministry of Justice Investigation Bureau MJIB and the Criminal.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤1👏1
🖋️ Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Threat actors are weaponizing exposed Java Debug Wire Protocol JDWP interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts. "The attacker used a modified version of XMRig with a hard"coded configuration, allowing them to avoid suspicious commandline arguments that are often flagged by defenders," Wiz researchers Yaara Shriki and Gili.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
❤1
📢 Everything we know about the Ingram Micro cyber attack so far 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Everything we know about the Ingram Micro cyber attack so far
The ransomware attack on Ingram Micro has been claimed by the rapidly-expanding SafePay group
🕵️♂️ Bert Blitzes Linux & Windows Systems 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The new ransomware strain's aggressive multithreading and crossplatform capabilities make it a potent threat to enterprise environments.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
Bert Blitzes Linux & Windows Systems
The new ransomware strain's aggressive multithreading and cross-platform capabilities make it a potent threat to enterprise environments.
🕵️♂️ DPRK macOS 'NimDoor' Malware Targets Web3, Crypto Platforms 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
DPRK macOS 'NimDoor' Malware Targets Web3, Crypto Platforms
Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests.
🕵️♂️ Ransomware Attack Triggers Widespread Outage at Ingram Micro 🕵️♂️
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
The outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distributor.📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
Dark Reading
Ransomware Attack Triggers Widespread Outage at Ingram Micro
The outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distributor.