Today's Core Dump is brought to you by ThreatPerspective

Biz & IT Ars Technica

Drug cartel hacked FBI official’s phone to track and kill informants, report says

Official was connected to FBI probe of cartel kingpin Joaquín “El Chapo” Guzmán. The Sinaloa drug cartel in Mexico hacked the phone of an FBI official investigating kingpin Jo

Published: 2025-06-30T19:57:49



Biz & IT Ars Technica

Actively exploited vulnerability gives extraordinary control over server fleets

AMI MegaRAC used in servers from AMD, ARM, Fujitsu, Gigabyte, Supermicro, and Qualcomm. Hackers are exploiting a maximum-severity vulnerability that has the potential to give

Published: 2025-06-26T22:52:42



Biz & IT Ars Technica

Ubuntu disables Intel GPU security mitigations, promises 20% performance boost

Overtime defenses for Spectre-based attacks have taken their toll. Ubuntu users could see up to a 20 percent boost in graphics performance on Intel-based systems under a chang

Published: 2025-06-25T19:39:19



Biz & IT Ars Technica

Canadian telecom hacked by suspected China state group

Maximum-security Cisco vulnerability was patched Oct. 2023 and exploited Feb. 2025. Hackers suspected of working on behalf of the Chinese government exploited a maximum-severi

Published: 2025-06-23T19:21:42



Biz & IT Ars Technica

Israel-tied Predatory Sparrow hackers are waging cyberwar on Iran’s financial system

The hacker group has destroyed more than $90 million held at an Iranian crypto exchange. The Israel-linked hacker group known as Predatory Sparrow has carried out some of the

Published: 2025-06-19T14:40:45



Biz & IT Ars Technica

Address bar shows hp.com. Browser displays scammers’ malicious text anyway.

Microsoft, Apple, Bank of America, and many more sites all targeted. Tech support scammers have devised a method to inject their fake phone numbers into webpages when a target

Published: 2025-06-18T21:10:45



Biz & IT Ars Technica

Cybersecurity takes a big hit in new Trump executive order

Provisions on secure software, quantum resistant crypto, and more are scrapped. Cybersecurity practitioners are voicing concerns over a recent executive order issued by the Wh

Published: 2025-06-17T21:33:01



The Register - Software

What if Microsoft just turned you off? Security pro counts the cost of dependency

Czech researcher lays out a business case for reducing reliance on Redmond Comment A sharply argued blog post warns that heavy reliance on Microsoft poses serious strategic risks for organizations, a viewpoint unlikely to win favor with Redmond or

Published: 2025-06-26T18:34:14



Security | The Verge

Microsoft Authenticator is ending support for passwords

Microsoft will soon no longer let you use its Authenticator app to store or autofill passwords. Starting in July, you won’t be able to autofill saved passwords using Authenticator, and you’ll have to use Microsoft Edge or another password management solution instead. Microsoft also plans on deleting your saved payment information in Authenticator this July […]

Published: 2025-06-30T14:33:25



Security | The Verge

Hundreds of Brother printer models have an unpatchable security flaw

Serious security flaws have been found in hundreds of Brother printer models that could allow attackers to remotely access devices that are still using default passwords. Eight new vulnerabilities, one of which cannot be fixed by patching the firmware, were discovered in 689 kinds of Brother home and enterprise printers by security company Rapid7. The […]

Published: 2025-06-30T06:20:23



Security | The Verge

How vulnerable is critical infrastructure to cyberattack in the US?

Our water, health, and energy systems are increasingly vulnerable to cyberattack. Now, when tensions escalate - like when the US bombed nuclear facilities in Iran this month - the safety of these systems becomes of paramount concern. If conflict erup

Published: 2025-06-27T18:31:35



Security | The Verge

Windows is getting rid of the Blue Screen of Death after 40 years

The Blue Screen of Death (BSOD) has held strong in Windows for nearly 40 years, but that's about to change. Microsoft revealed earlier this year that it was overhauling its BSOD error message in Windows 11, and the company has now confirmed that it will soon be known as the Black Screen of Death. The […]

Published: 2025-06-26T11:46:42



Security | The Verge

Russia frees REvil hackers after sentencing

Four members of the REvil ransomware group have been released from custody despite pleading guilty to fraud and malware distribution charges. The Dzerzhinsky Court of St. Petersburg allowed Roman Muromsky, Andrei Bessonov, Mikhail Golovachuk, and Dmitry Korotaev to walk free after sentencing them to five years in prison on Monday, ruling that the gang members […]

Published: 2025-06-25T09:10:23



Security | The Verge

Microsoft is blocking Google Chrome through its family safety feature

Earlier this month, Microsoft's Family Safety feature, primarily used by parents and schools as a set of parental controls and filters, started randomly blocking Google's Chrome browser from opening on Windows. The first reports surfaced on June 3rd, with some Chrome users noticing the browser kept closing or wouldn't open. Microsoft has introduced a bug […]

Published: 2025-06-20T10:00:04



Security | The Verge

Facebook rolls out passkey support to fight phishing attacks

Facebook is adding support for passkeys on its mobile app. That means you'll be able to log into the platform using your device's authentication method, like your fingerprint, face scan, or PIN, making it more difficult for bad actors to take control of your account. Passkeys offer a more secure alternative to typical passwords because […]

Published: 2025-06-18T13:14:22



Security | The Verge

Eufy's new smart display keeps an eye on your security cams

Eufy is launching its first portable smart display, designed to allow multiple users to control and monitor security devices from a single hub. The Smart Display E10 is capable of displaying up to four live camera feeds simultaneously and can be paired with the company's AI-supported video doorbells, smart locks, or the Homebase S380 data […]

Published: 2025-06-18T09:58:00



Security | The Verge

Wyze tells us why its security cameras deserve your trust again

In an effort to restore trust in the security of its cameras, smart home brand Wyze has developed VerifiedView, a new layer of protection that embeds your user ID into the metadata of every photo, video, and livestream. Wyze claims the system matche

Published: 2025-06-18T09:54:00



Security | The Verge

WhatsApp's rollout of ads will change the app forever

This week, WhatsApp did something its founders said it would never do: it's putting advertisements inside the app. It ends WhatsApp's decade-plus run of offering an ad-free messaging and calling experience. Meta, which acquired WhatsApp in 2014, attempted to justify the decision by saying ads will be sequestered to its "Updates" tab, where you'll see […]

Published: 2025-06-17T18:06:35



BleepingComputer

U.S. warns of Iranian cyber threats on critical infrastructure

U.S. cyber agencies, the FBI, and NSA issued an urgent warning today about potential cyberattacks from Iranian-affiliated hackers targeting U.S. critical infrastructure. [...]

Published: 2025-06-30T18:24:46



BleepingComputer

Switzerland says government data stolen in ransomware attack

The government in Switzerland is informing that sensitive information from various federal offices has been impacted by a ransomware attack at the third-party organization Radix. [...]

Published: 2025-06-30T11:39:42



BleepingComputer

Hikvision Canada ordered to cease operations over security risks

The Canadian government has ordered Hikvision's subsidiary in the country to cease all operations following a review that determined them to pose a national security risk. [...]

Published: 2025-06-30T10:11:17



BleepingComputer

FBI: Cybercriminals steal health data posing as fraud investigators

The Federal Bureau of Investigation (FBI) has warned Americans of cybercriminals impersonating health fraud investigators to steal their sensitive information. [...]

Published: 2025-06-30T08:42:01



BleepingComputer

Over 1,200 Citrix servers unpatched against critical auth bypass flaw

Over 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authentication by hijacking user sessions. [...]

Published: 2025-06-30T07:47:38



BleepingComputer

Bluetooth flaws could let hackers spy through your microphone

Vulnerabilities affecting a Bluetooth chipset present in more than two dozen audio devices from ten vendors can be exploited for eavesdropping or stealing sensitive information. [...]

Published: 2025-06-29T12:03:19



Threat Intelligence

What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia

Written by: Gabby Roncone, Wesley Shields In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russia state-sponsored cyber threat actor impersonating the U.S. Department of State. From at least April through ea

Published: 2025-06-18T14:00:00



Krebs on Security

Senator Chides FBI for Weak Advice on Mobile Security

Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was report...

Published: 2025-06-30T17:33:59



Gizmodo

Mexican Drug Cartel Hacker Used Surveillance Tech to Target FBI Informants for Execution

Surveillance against the state....

Published: 2025-06-30T20:45:45



The Register - Security

US shuts down a string of North Korean IT worker scams

Resulting in two indictments, one arrest, and 137 laptops seized The US Department of Justice has announced a major disruption of multiple North Korean fake IT worker scams.

Published: 2025-06-30T22:17:39



The Register - Security

British IT worker sentenced to seven months after trashing company network

Don't leave the door open to disgruntled workers A judge has sentenced a disgruntled IT worker to more than seven months in prison after he wreaked havoc on his employer's network following his suspension, according to West Yorkshire Police.

Published: 2025-06-30T18:29:15



The Register - Security

Scattered Spider crime spree takes flight as focus turns to aviation sector

Time ticking for defenders as social engineering pros weave wider web Just a few weeks after warning about Scattered Spider's tactics shifting toward the insurance industry, the same experts now say the aviation industry is now on the ransomware crew's radar.

Published: 2025-06-30T17:31:15



The Register - Security

Sinaloa drug cartel hired a cybersnoop to identify and kill FBI informants

Device compromises and deep-seated access to critical infrastructure exposed surveillance vulnerabilities in agency's work A major Mexican drug cartel insider grassed on his fellow drug-peddlers back in 2018, telling the FBI that a cartel "hacker" was tracking a federal official and using their deep-rooted access to the country's critical infrastructure to kill informants.

Published: 2025-06-30T13:13:10



The Register - Security

Your browser has ad tech's fingerprints all over it, but there's a clean-up squad in town

Like being hard to spot? They'd much rather you didn't Opinion There are few tech deceptions more successful than Chrome's Incognito Mode.

Published: 2025-06-30T08:33:12



The Register - Security

Canada orders Chinese CCTV biz Hikvision to quit the country ASAP

PLUS: Broadband blimps to fly in Japan; Starbucks China put ads before privacy; and more! Asia In Brief Canada's government has ordered Chinese CCTV systems vendor Hikvision to cease its local operations.

Published: 2025-06-30T03:26:11



The Register - Security

It's 2025 and almost half of you are still paying ransomware operators

PLUS: Crooks target hardware crypto wallets; Bad flaws in Brother printers; O365 allows takeover-free phishing; and more Infosec in Brief Despite warnings not to pay ransomware operators, almost half of those infected by the malware send cash to the crooks who planted it, according to infosec software slinger Sophos.

Published: 2025-06-30T00:34:56



The Register - Security

Ex-NATO hacker: 'In the cyber world, there's no such thing as a ceasefire'

Watch out for supply chain hacks especially interview The ceasefire between Iran and Israel may prevent the two countries from firing missiles at each other, but it won't carry any weight in cyberspace, according to former NATO hacker Candan Bolukbas.

Published: 2025-06-28T14:01:10



The Register - Security

Crims are posing as insurance companies to steal health records and payment info

Taking advantage of the ridiculously complex US healthcare billing system Criminals masquerading as insurers are tricking patients and healthcare providers into handing over medical records and bank account information via emails and text messages, according to the FBI.

Published: 2025-06-27T22:59:14



The Register - Security

Cisco punts network-security integration as key for agentic AI

Getting it in might mean re-racking the entire datacenter and rebuilding the network, though Cisco is talking up the integration of security into network infrastructure such as its latest Catalyst switches, claiming this is vital to AI applications, and in particular the current vogue for "agentic AI."

Published: 2025-06-27T17:29:13



The Register - Security

Aloha, you've been pwned: Hawaiian Airlines discloses cybersecurity event

'No impact on safety,' FAA tells The Reg update Hawaiian Airlines said a "cybersecurity incident" affected some of its IT systems, but noted that flights are operating as scheduled. At least one researcher believes Scattered Spider, which previously targeted retailers and insurance companies, could be to blame.

Published: 2025-06-27T16:56:12



The Register - Security

So you CAN turn an entire car into a video game controller

Pen Test Partners hijack data from Renault Clio to steer, brake, and accelerate in SuperTuxKart Cybersecurity nerds figured out a way to make those at-home racing simulators even more realistic by turning an actual car into a game controller.

Published: 2025-06-27T15:27:12



The Register - Security

Data spill in aisle 5: Grocery giant Ahold Delhaize says 2.2M affected after cyberattack

Finance, health, and national identification details compromised Multinational grocery and retail megacorp Ahold Delhaize says upwards of 2.2 million people had their data compromised during its November cyberattack with personal, financial and health details among the trove.

Published: 2025-06-27T13:39:03



The Register - Security

FBI used bitcoin wallet records to peg notorious IntelBroker as UK national

Pro tip: Don't use your personal email account on BreachForums The notorious data thief known as IntelBroker allegedly broke into computer systems belonging to more than 40 victims worldwide and stole their data, costing them at least $25 million in damages, according to newly unsealed court documents that also name IntelBroker as 25-year-old British national Kai West.

Published: 2025-06-26T19:02:09



The Register - Security

What if Microsoft just turned you off? Security pro counts the cost of dependency

Czech researcher lays out a business case for reducing reliance on Redmond Comment A sharply argued blog post warns that heavy reliance on Microsoft poses serious strategic risks for organizations, a viewpoint unlikely to win favor with Redmond or its millions of corporate customers.

Published: 2025-06-26T18:34:14



The Register - Security

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

A 10.0 and a 9.8 - these aren't patches to dwell on Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems.

Published: 2025-06-26T17:30:08



The Register - Security

Glasgow City Council online services crippled following cyberattack

Nothing confirmed but authority is operating under the assumption that data has been stolen A cyberattack on Glasgow City Council is causing massive disruption with a slew of its digital services unavailable.

Published: 2025-06-26T12:01:15



The Register - Security

Qilin ransomware attack on NHS supplier contributed to patient fatality

Pathology outage caused by Synnovis breach linked to harm across dozens of healthcare facilities The NHS says Qilin's ransomware attack on pathology services provider Synnovis last year led to the death of a patient.

Published: 2025-06-26T11:02:09



The Register - Security

UK to buy nuclear-capable F-35As that can't be refueled from RAF tankers

Aircraft meant to bolster NATO deterrent will rely on allied support to stay airborne The UK government is to buy 12 F-35A fighters capable of carrying nuclear weapons as part of the NATO deterrent, but there's a snag: the new jets are incompatible with the RAF's refueling tanker aircraft.

Published: 2025-06-26T09:14:09



The Register - Security

Frozen foods supermarket chain deploys facial recognition tech

Privacy campaigner brands Iceland's use of 'Orwellian' camera tech 'chilling,' CEO responds: 'It'll cut violent crime' Privacy campaigners are branding frozen food retailer Iceland's decision to trial facial recognition technology (FRT) at several stores "chilling" - the UK supermarket chain says it's deploying the cameras to cut down on crime.

Published: 2025-06-26T08:30:06



The Register - Security

That WhatsApp from an Israeli infosec expert could be a Iranian phish

Charming Kitten unsheathes its claws and tries to catch credentials The cyber-ops arm of Iran's Islamic Revolutionary Guard Corps has started a spear-phishing campaign intent on stealing credentials from Israeli journalists, cybersecurity experts, and computer science professors from leading Israeli universities.

Published: 2025-06-26T06:28:14



The Register - Security

Citrix bleeds again: This time a zero-day exploited - patch now

Two emergency patches issued in two weeks Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued an emergency patch for yet another super-serious flaw in the same products - but not before criminals found and exploited it as a zero-day.

Published: 2025-06-25T21:10:02



The Register - Security

Amazon's Ring can now use AI to 'learn the routines of your residence'

It's meant to cut down on false positives but could be a trove for mischief-makers Ring doorbells and cameras are using AI to "learn the routines of your residence," via a new feature called Video Descriptions.

Published: 2025-06-25T19:02:06



The Register - Security

Computer vision research feeds surveillance tech as patent links spike 5×

A bottomless appetite for tracking people as 'objects' A new study shows academic computer vision papers feeding surveillance-enabling patents jumped more than fivefold from the 1990s to the 2010s.

Published: 2025-06-25T17:55:08



The Register - Security

Supply chain attacks surge with orgs 'flying blind' about dependencies

Who is the third party that does the thing in our thing? Yep. Attacks explode over past year The vast majority of global businesses are handling at least one material supply chain attack per year, but very few are doing enough to counter the growing threat.

Published: 2025-06-25T17:36:13



The Register - Security

French cybercrime police arrest five suspected BreachForums admins

Twentysomethings claimed to be linked to spate of high-profile cybercrimes The Paris police force's cybercrime brigade (BL2C) has arrested a further four men as part of a long-running investigation into the criminals behind BreachForums.

Published: 2025-06-25T15:34:56



The Register - Security

UK govt dept website that campaigns against encryption hijacked to advertise ... payday loans

Company at center of findings blamed SEO on outsourcer A website developed for the UK Home Office's 2022 "flop" anti-encryption campaign has seemingly been hijacked to push a payday loan scheme.

Published: 2025-06-25T09:26:17



The Register - Security

Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack

Why are you even reading this story? Patch now! Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active exploitation. Yet.

Published: 2025-06-24T21:01:12



The Register - Security

Beware of fake SonicWall VPN app that steals users' credentials

A good reminder not to download apps from non-vendor sites Unknown miscreants are distributing a fake SonicWall app to steal users' VPN credentials.

Published: 2025-06-24T17:22:32



The Register - Security

The vulnerability management gap no one talks about

If an endpoint goes ping but isn't on the network, does anyone hear it? Partner content Recently, I've been diving deep into security control data across dozens of organizations, and what I've found has been both fascinating and alarming. Most security teams I work with can rattle off their vulnerability management statistics with confidence. They know their scan schedules, their remediation timelines, and their critical vulnerability counts. They point to clean dashboards and comprehensive reports as proof that their programs are working.

Published: 2025-06-24T15:01:42



The Register - Security

Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt

Russian judge lets off accused with time served but others who refused to plead guilty face years in penal colony Four convicted members of the once-supreme ransomware operation REvil are leaving captivity after completing most of their five-year sentences.

Published: 2025-06-24T11:46:09



The Register - Security

Psylo browser tries to obscure digital fingerprints by giving every tab its own IP address

Gotta keep 'em separated so the marketers and snoops can't come out and play Psylo, which bills itself as a new kind of private web browser, debuted last Tuesday in Apple's App Store, one day ahead of a report warning about the widespread use of browser fingerprinting for ad tracking and targeting.

Published: 2025-06-24T06:32:15



The Register - Security

Typhoon-like gang slinging TLS certificate 'signed' by the Los Angeles Police Department

Chinese crew built 1,000+ device network that runs on home devices then targets critical infrastructure A stealthy, ongoing campaign to gain long-term access to networks bears all the markings of intrusions conducted by China's Typhoon crews and has infected at least 1,000 devices, primarily in the US and South East, according to SecurityScorecard's Strike threat intel analysts. And it uses a phony certificate purportedly signed by the Los Angeles police department to try and gain access to critical infrastructure.

Published: 2025-06-23T23:45:14



The Register - Security

Iran cyberattacks against US biz more likely following air strikes

Plus 'low-level' hacktivist attempts The US Department of Homeland Security has warned American businesses to guard their networks against Iranian government-sponsored cyberattacks along with "low-level" digital intrusions by pro-Iran hacktivists.

Published: 2025-06-23T18:41:44



The Register - Security

Second attack on McLaren Health Care in a year affects 743k people

Criminals targeted the hospital and physician network's Detroit cancer clinic this time McLaren Health Care is in the process of writing to 743,131 individuals now that it fully understands the impact of its July 2024 cyberattack.

Published: 2025-06-23T15:48:37



The Register - Security

Experts count staggering costs incurred by UK retail amid cyberattack hell

Cyber Monitoring Centre issues first severity assessment since February launch Britain's Cyber Monitoring Centre (CMC) estimates the total cost of the cyberattacks that crippled major UK retail organizations recently could be in the region of £270-440 million ($362-591 million).

Published: 2025-06-23T11:29:33



The Register - Security

Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China

PLUS: 5.4M healthcare records leak; AI makes Spam harder to spot; Many nasty Linux vulns; and more Infosec in brief A former US Army sergeant has admitted he attempted to sell classified data to China.

Published: 2025-06-23T00:33:46



The Register - Security

Netflix, Apple, BofA websites hijacked with fake help-desk numbers

Don't trust mystery digits popping up in your search bar Scammers are hijacking the search results of people needing 24/7 support from Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal in an attempt to trick victims into handing over personal or financial info, according to Malwarebytes senior director of research Jérôme Segura.

Published: 2025-06-20T21:10:13



The Register - Security

Looks like Aflac is the latest insurance giant snagged in Scattered Spider's web

If it looks like a duck and walks like a duck... Aflac is the latest insurance company to disclose a security breach following a string of others earlier this week, all of which appear to be part of Scattered Spider's most recent data theft campaign.

Published: 2025-06-20T17:55:13



The Register - Security

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

It's a marketing move to lure more affiliates, says infosec veteran The latest marketing ploy from the ransomware crooks behind the Qilin operation involves offering affiliates access to a crack team of lawyers to ramp up pressure in ransom negotiations.

Published: 2025-06-20T17:31:08



The Register - Security

Attack on Oxford City Council exposes 21 years of election worker data

Services coming back online after legacy systems compromised Oxford City Council says a cyberattack earlier this month resulted in 21 years of data being compromised.

Published: 2025-06-20T10:45:35



The Register - Security

Boffins devise voice-altering tech to jam 'vishing' schemes

To stop AI scam callers, break automatic speech recognition systems Researchers based in Israel and India have developed a defense against automated call scams.

Published: 2025-06-19T19:25:08



The Register - Security

Uncle Sam seeks time in tower dump data grab case after judge calls it 'unconstitutional'

Feds told they can't demand a haystack to find a needle The United States is requesting [PDF] a month-long extension to the deadline for its final decision regarding an appeal against a judge's ruling that obtaining tower dumps is unconstitutional.

Published: 2025-06-19T16:30:06



The Register - Security

Glazed and confused: Hole lotta highly sensitive data nicked from Krispy Kreme

Experts note 'major red flags' in donut giant's security as 161,676 staff and families informed of attack details Krispy Kreme finally revealed the number of people affected by its November cyberattack, and it's easy to see why analyzing the incident took the well-resourced company several months.

Published: 2025-06-19T13:29:11



The Register - Security

UK gov asks university boffins to pinpoint cyber growth areas where it should splash cash

Good to see government that values its academics (cough cough). Plus: New board criticized for lacking 'ops' people Cybersecurity experts have started a formal review into the UK cybersecurity market, at the government's request, to identify future growth opportunities as it looks to grow the industry that's core to the country's Industrial Strategy.

Published: 2025-06-19T11:57:07



The Register - Security

Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

Phishing, Python and RATs, oh my A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.

Published: 2025-06-19T06:29:12



The Register - Security

Iran's internet goes offline for hours amid claims of enemy abuse

Bank and crypto outfits hit after Israeli commander mentioned attacks expanding to other areas The government of Iran appears to have shut down the internet within its borders, perhaps in response to Israel-linked cyberattacks.

Published: 2025-06-19T03:46:09



The Register - Security

Minecraft cheaters never win ... but they may get malware

Infostealers posing as popular cheat tools are cropping up on GitHub Trojanized Minecraft cheat tools hosted on GitHub have secretly installed stealers that siphon credentials, crypto wallets, and other sensitive data when executed by players.

Published: 2025-06-18T21:06:39



The Register - Security

Asana's cutting-edge AI feature ran into a little data leakage problem

New MCP server was shut down for nearly two weeks Asana has fixed a bug in its Model Context Protocol (MCP) server that could have allowed users to view other organizations' data, and the experimental feature is back up and running after nearly two weeks of downtime to fix the issue.

Published: 2025-06-18T19:32:14



The Register - Security

Veeam patches third critical RCE bug in Backup & Replication in space of a year

Version 13 can't come soon enough Veeam Backup & Replication users are urged to apply the latest patches that fix another critical bug leading to remote code execution (RCE) on backup servers.

Published: 2025-06-18T13:33:11



Security Latest

Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams

The US Justice Department revealed the identity theft number along with one arrest and a crackdown on “laptop farms” that allegedly facilitate North Korean tech worker impersonators across the US.

Published: 2025-06-30T20:00:39



Security Latest

ICE Rolls Facial Recognition Tools Out to Officers' Phones

Plus: US feds charge alleged masterminds behind infamous forum, Scattered Spider targets airlines, and hackers open a valve at a Norwegian dam.

Published: 2025-06-28T10:30:00



Security Latest

US Supreme Court Upholds Texas Porn ID Law

In a 6-3 decision, the Supreme Court held that age verification for explicit sites is constitutional. In a dissent, Justice Elena Kagan warned it burdens adults and ignores First Amendment precedent.

Published: 2025-06-27T15:36:57



Security Latest

‘They're Not Breathing’: Inside the Chaos of ICE Detention Center 911 Calls

Records of hundreds of emergency calls from ICE detention centers obtained by WIRED, including audio recordings, show a system inundated by life-threatening incidents, delayed treatment, and overcrowding.

Published: 2025-06-25T21:21:09



Security Latest

Telegram Purged Chinese Crypto Scam Markets, Then Watched as They Rebuilt

Last month, Telegram banned black markets that sold tens of billions of dollars in crypto scam-related services. Now, as those markets rebrand and bounce back, it’s done nothing to stop them.

Published: 2025-06-23T16:48:39



Security Latest

Taiwan Is Rushing to Make Its Own Drones Before It's Too Late

Unmanned vehicles are increasingly becoming essential weapons of war. But with a potential conflict with China looming large, Taiwan is scrambling to build a domestic drone industry from scratch.

Published: 2025-06-23T10:00:00



Security Latest

What Satellite Images Reveal About the US Bombing of Iran's Nuclear Sites

The US concentrated its attack on Fordow, an enrichment plant built hundreds of feet underground. Aerial photos give important clues about what damage the “bunker-buster” bombs may have caused.

Published: 2025-06-22T21:41:46



Security Latest

Truth Social Crashes as Trump Live-Posts Iran Bombing

The social network started experiencing global outages within minutes of Donald Trump posting details of a US military strike on Iran.

Published: 2025-06-22T01:10:32



Security Latest

Israel Says Iran Is Hacking Security Cameras for Spying

Plus: Ukrainian hackers reportedly knock out a key Russian internet provider, China’s Salt Typhoon hackers claim another victim, and the UK hits 23andMe with a hefty fine over its 2023 data breach.

Published: 2025-06-21T10:00:00



Security Latest

Iran’s Internet Blackout Adds New Dangers for Civilians Amid Israeli Bombings

Iran is limiting internet connectivity for citizens amid Israeli airstrikes, pushing people towards domestic apps, which may not be secure, and limiting their ability to access vital information.

Published: 2025-06-18T18:17:52



Security Latest

Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System

After an attack on Iran’s Sepah bank, the hyper-aggressive Israel-linked hacker group has now destroyed more than $90 million held at Iranian crypto exchange Nobitex.

Published: 2025-06-18T14:40:12



Security Latest

Minnesota Shooting Suspect Allegedly Used Data Broker Sites to Find Targets’ Addresses

The shooter allegedly researched several “people search” sites in an attempt to target his victims, highlighting the potential dangers of widely available personal data.

Published: 2025-06-17T02:24:10



Security Latest

How to Protect Yourself From Phone Searches at the US Border

Customs and Border Protection has broad authority to search travelers’ devices when they cross into the United States. Here’s what you can do to protect your digital life while at the US border.

Published: 2025-06-16T10:00:00



Security Latest

The WIRED Guide to Protecting Yourself From Government Surveillance

Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to evade it.

Published: 2025-06-16T10:00:00



Security Latest

6 Tools for Tracking the Trump Administration’s Attacks on Civil Liberties

The White House has undertaken initiatives to crack down on immigration, suppress speech, and curtail US public health efforts. These online tools are tracking the rapidly changing US landscape.

Published: 2025-06-16T10:00:00



Security Latest

Why We Made a Guide to Winning a Fight

Right now, everyone seems ready to throw down. More than ever, it’s important to fight smart and not give up until you land a decisive blow.

Published: 2025-06-16T10:00:00



The Hacker News

U.S. Agencies Warn of Rising Iranian Cyberattacks on Defense, OT Networks, and Critical Infrastructure

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber-attacks from Iranian state-sponsored or affiliated threat actors.  "Over the past several months, there has been increasing activity from hacktivists and Iranian government-affiliated actors, which is expected to escalate due to recent events," the agencies said. "These cyber actors often

Published: 2025-06-30T21:59:00



The Hacker News

Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects

Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world. The operation, the agency said, was carried out by the Spanish Guardia Civil, along with support from law enforcement authorities from Estonia, France, and the United States. Europol said the investigation into the syndicate

Published: 2025-06-30T20:47:00



The Hacker News

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last week, said it was able to make this connection by pivoting from Proton66-linked digital assets, leading to the discovery of an active threat cluster that leverages Visual Basic Script (VBS) files as its

Published: 2025-06-30T19:00:00



The Hacker News

Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories

Identity-based attacks are on the rise. Attacks in which malicious actors assume the identity of an entity to easily gain access to resources and sensitive data have been increasing in number and frequency over the last few years. Some recent reports estimate that 83% of attacks involve compromised secrets. According to reports such as the Verizon DBIR, attackers are more commonly using stolen

Published: 2025-06-30T16:30:00



The Hacker News

Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more

Ever wonder what happens when attackers don’t break the rules, they just follow them better than we do? When systems work exactly as they’re built to, but that “by design” behavior quietly opens the door to risk? This week brings stories that make you stop and rethink what’s truly under control. It’s not always about a broken firewall or missed patch; it’s about the small choices, default settings

Published: 2025-06-30T15:46:00



The Hacker News

FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering

The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, the agency said it's actively working with aviation and industry partners to combat the activity and help victims. "These actors rely on social engineering techniques, often impersonating

Published: 2025-06-28T15:18:00



The Hacker News

GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool

The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. "Recent campaigns in June 2025 demonstrate GIFTEDCROOK's enhanced ability to exfiltrate a broad range of sensitive documents from the devices of targeted individuals, including potentially proprietary files and

Published: 2025-06-28T13:28:00



The Hacker News

Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns

Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not been directly uploaded to the service. According to TechCrunch, which first reported the feature, users are being served a new pop-up message asking for permission to "allow

Published: 2025-06-28T12:49:00



The Hacker News

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups. The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard's STRIKE team. "The LapDogs network has a high concentration of victims

Published: 2025-06-27T21:28:00



The Hacker News

PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack

A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians' Convention on Tibet (WPCT), China's education policy in the Tibet Autonomous Region (TAR), and a recently published book by the 14th Dalai Lama,

Published: 2025-06-27T18:55:00



The Hacker News

Business Case for Agentic AI SOC Analysts

Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending. At the same time, SOC inefficiencies are draining resources. Studies show that up to half of all

Published: 2025-06-27T16:30:00



The Hacker News

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed to the threat actor.

Published: 2025-06-27T15:55:00



The Hacker News

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025, suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems. MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive data

Published: 2025-06-27T13:13:00



The Hacker News

OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. "The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious," Trellix researchers Nico Paulo

Published: 2025-06-27T12:01:00



The Hacker News

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. "This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control

Published: 2025-06-26T22:16:00



The Hacker News

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user. The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects is

Published: 2025-06-26T18:54:00



The Hacker News

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET. "The list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even

Published: 2025-06-26T18:33:00



The Hacker News

The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience

SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn’t. These platforms weren’t built with full-scale data

Published: 2025-06-26T16:30:00



The Hacker News

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. "In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to

Published: 2025-06-26T14:15:00



The Hacker News

Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa

Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access. Palo Alto Networks Unit 42 is tracking the activity under the moniker CL-CRI-1014, where "CL" refers to "cluster" and "CRI" stands for "criminal motivation." It's suspected

Published: 2025-06-26T12:49:00



The Hacker News

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-54085 (CVSS score: 10.0) - An authentication bypass by spoofing

Published: 2025-06-26T11:32:00



The Hacker News

WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews

Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it to other regions and languages later this year. It "uses Meta AI to

Published: 2025-06-26T10:06:00



The Hacker News

nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications. Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenant nOAuth abuse. First disclosed by

Published: 2025-06-25T22:26:00



The Hacker News

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0. It has been described as a case of memory overflow that could result in unintended control flow and denial-of-service. However, successful exploitation requires the

Published: 2025-06-25T20:21:00



The Hacker News

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions. The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January

Published: 2025-06-25T19:07:00



The Hacker News

Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it as an information operation "carried out by Iran and its proxies." "The actors

Published: 2025-06-25T16:30:00



The Hacker News

Beware the Hidden Risk in Your Entra Environment

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them.  All the guest user needs are the permissions to create subscriptions in

Published: 2025-06-25T16:00:00



The Hacker News

SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks

Unknown threat actors have been distributing a trojanized version of SonicWall's SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it. "NetExtender enables remote users to securely connect and run applications on the company network," SonicWall researcher Sravan Ganachari said. "Users can upload and download files, access network drives, and use

Published: 2025-06-25T14:15:00



The Hacker News

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. According to Socket, the ongoing supply chain attack involves 35 malicious packages that were uploaded from 24 npm accounts. These packages have been collectively downloaded over 4,000 times. The complete list of the JavaScript

Published: 2025-06-25T13:42:00



The Hacker News

Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options

Microsoft on Tuesday announced that it's extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay a small fee of $30 or sync their PC settings to the cloud. The development comes ahead of the tech giant's upcoming October 14, 2025, deadline, when it plans to officially end support and stop providing security updates for devices running Windows 10. The

Published: 2025-06-25T10:40:00



The Hacker News

New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public

The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public. The new guideline seeks to help officials verify the identity and eligibility of applicants under U.S. law. The U.S. Embassy said every visa application review is a "national security decision." "Effective immediately, all individuals applying for an

Published: 2025-06-25T00:17:00



The Hacker News

Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue

Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets. The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today. "We developed two techniques by leveraging the mining topologies and pool policies that enable us to reduce a

Published: 2025-06-24T19:47:00



The Hacker News

Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers

Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, in a new analysis published last week, said it identified two different kinds of keylogger code written in JavaScript on the Outlook login page - Those that save collected data to a local file

Published: 2025-06-24T18:56:00



The Hacker News

Between Buzz and Reality: The CTEM Conversation We All Need

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just talk security, they live it. Let me introduce them. Alex Delay, CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead, Director of Cybersecurity at Avidity

Published: 2025-06-24T16:30:00



The Hacker News

Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network

Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments. "Attackers are exploiting misconfigured Docker APIs to gain access to containerized environments, then using Tor to mask their activities while deploying crypto miners," Trend Micro researchers Sunil Bharti and Shubham Singh said in an

Published: 2025-06-24T15:27:00



The Hacker News

U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues

The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios. The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app's security. "The Office of Cybersecurity has deemed WhatsApp a high-risk to users

Published: 2025-06-24T14:46:00



The Hacker News

APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two previously undocumented malware families dubbed BEARDSHELL and COVENANT. BEARDSHELL, per CERT-UA, is written in C++ and offers the ability to download and execute PowerShell scripts, as well as

Published: 2025-06-24T14:36:00



The Hacker News

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign. The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0) to access configuration

Published: 2025-06-24T08:30:00



The Hacker News

Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content

Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards put in place. "Unlike traditional jailbreaks that rely on adversarial phrasing or character obfuscation, Echo Chamber weaponizes indirect references, semantic

Published: 2025-06-23T21:28:00



The Hacker News

DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes

The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran-Israel war that commenced on June 13, 2025. Stating that the ongoing conflict has created a "heightened threat environment" in the country, the Department of Homeland Security (DHS) said in a bulletin that cyber actors are likely to

Published: 2025-06-23T20:44:00



The Hacker News

XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks

Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025. The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part of a multi-stage procedure to deploy the malware, French cybersecurity company HarfangLab said. XDSpy is the name assigned to a cyber

Published: 2025-06-23T18:42:00



The Hacker News

How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout

It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed not just by threats, but by the systems and processes in place that are meant to help them respond. Tooling is fragmented. Workflows are heavy. Context lives in five places, and alerts never slow down. What started as a

Published: 2025-06-23T16:55:00



The Hacker News

Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks

Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. "Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections

Published: 2025-06-23T16:16:00



The Hacker News

Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent until they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain sight. It’s worth asking: what patterns are we missing, and what signals are we ignoring because they don’t match old

Published: 2025-06-23T15:00:00



The Hacker News

Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages

The April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as a "single combined cyber event." That's according to an assessment from the Cyber Monitoring Centre (CMC), a U.K.-based independent, non-profit body set up by the insurance industry to categorize major cyber events. "Given that one threat actor claimed responsibility for both M&S and

Published: 2025-06-21T15:14:00



The Hacker News

Qilin Ransomware Adds "Call Lawyer" Feature to Pressure Victims for Larger Ransoms

The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals. The new feature takes the form of a "Call Lawyer" feature on the affiliate panel, per Israeli cybersecurity company Cybereason. The

Published: 2025-06-20T22:05:00



The Hacker News

Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist

Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian government, according to multiple reports. It's currently not known who is behind the attack, although Iran pointed fingers at Israel, per Iran International. "If you experience disruptions or irrelevant messages while watching various TV

Published: 2025-06-20T17:24:00



The Hacker News

6 Steps to 24/7 In-House SOC Success

Hackers never sleep, so why should enterprise defenses? Threat actors prefer to target businesses during off-hours. That’s when they can count on fewer security personnel monitoring systems, delaying response and remediation. When retail giant Marks & Spencer experienced a security event over Easter weekend, they were forced to shut down their online operations, which account for

Published: 2025-06-20T15:30:00



The Hacker News

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

Cloudflare on Thursday said it autonomously blocked the largest distributed denial-of-service (DDoS) attack ever recorded, which hit a peak of 7.3 terabits per second (Tbps). The attack, which was detected in mid-May 2025, targeted an unnamed hosting provider. "Hosting providers and critical Internet infrastructure have increasingly become targets of DDoS attacks," Cloudflare's Omer Yoachimik

Published: 2025-06-20T15:06:00



The Hacker News

200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers

Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as targeting the Python Package

Published: 2025-06-20T13:11:00



Security Affairs

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler vulnerability, tracked as CVE-2025-6543, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-6543 (CVSS score of 9.2) is a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway when configured […]

Published: 2025-06-30T18:49:23



Security Affairs

Canada bans Hikvision over national security concerns

Canada bans Hikvision over national security concerns, ordering the company to stop operations and barring its tech from government use. Canada ordered Chinese surveillance firm Hikvision to cease all operations in the country, citing national security concerns. Minister Mélanie Joly announced the decision after a security review found vendor’s activities could pose a threat. Canada […]

Published: 2025-06-30T12:59:02



Security Affairs

Denmark moves to protect personal identity from deepfakes with new copyright law

Denmark plans to let citizens copyright their face, body, and voice to combat deepfakes under a new law strengthening personal digital rights. Denmark plans to amend its copyright law to give individuals rights over their body, face, and voice, to combat AI-generated deepfakes. Believed to be the first law of its kind in Europe, the […]

Published: 2025-06-30T11:14:14



Security Affairs

Ahold Delhaize data breach affected over 2.2 Million individuals

A ransomware attack on grocery giant Ahold Delhaize led to a data breach that affected more than 2.2 million people. A ransomware attack on Dutch grocery giant Ahold Delhaize has led to a data breach affecting over 2.2 million people. Ahold Delhaize is a Dutch-Belgian multinational retail and wholesale holding company. Its name comes from the […]

Published: 2025-06-30T09:01:37



Security Affairs

Facebook wants access to your camera roll for AI photo edits

Facebook asks users to allow “cloud processing” to access phone photos for AI-generated collages and recaps, even if not uploaded. Meta-owned Facebook is prompting users to enable “cloud processing” to access photos from their phones, even those not uploaded. If users opt into “cloud processing,” Facebook will continuously upload media to its servers and use […]

Published: 2025-06-29T23:52:03



Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 51

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Ransomware Gangs Collapse as Qilin Seizes Control; Dissecting a Python Ransomware distributed through GitHub repositories; SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play; Uncovering a Tor-Enabled Docker Exploit; […]

Published: 2025-06-29T16:41:38



Security Affairs

Security Affairs newsletter Round 530 by Pierluigi Paganini INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press: The FBI warns that Scattered Spider is now targeting the airline sector; LapDogs: China-nexus hackers Hijack […]

Published: 2025-06-29T16:29:40



Security Affairs

The FBI warns that Scattered Spider is now targeting the airline sector

The FBI warns that Scattered Spider is now targeting the airline sector. Feds are working with aviation partners to combat the threat and assist affected victims. The FBI reports that the cybercrime group Scattered Spider is now targeting the airline sector. The cybercriminals are using social engineering techniques to gain access to target organizations by […]

Published: 2025-06-28T19:44:21



Security Affairs

LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage

Over 1,000 SOHO devices were hacked in a China-linked spying campaign called LapDogs, forming a covert network to support cyber espionage. Security researchers at SecurityScorecard’s STRIKE team have uncovered a cyber espionage campaign, dubbed LapDogs, involving over 1,000 hacked SOHO (small office/home office) devices. These compromised devices formed a hidden network, called an Operational Relay […]

Published: 2025-06-28T13:29:27



Security Affairs

Taking over millions of developers exploiting an Open VSX Registry flaw

A critical flaw in Open VSX Registry could let attackers hijack the VS Code extension hub, exposing millions of developers to supply chain attacks. Cybersecurity researchers at Koi Security discovered a critical vulnerability in the Open VSX Registry (open-vsx.org) that could have let attackers take over the Visual Studio Code extensions marketplace, endangering millions of […]

Published: 2025-06-27T19:37:50







