CYBERSEC BULLETIN – ONE PLACE FOR YOUR NEWS
New Variants of DCHSpy Spyware Used by Iranian APT to Target Android Users
Security Week • 2025-07-21
Other⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More
The Hacker News • 2025-07-21
VulnerabilitiesVeeam Recovery Orchestrator users locked out after MFA rollout
BleepingComputer • 2025-07-21
OtherLearn 14 Languages from Babbel with this exclusive StackSocial deal
BleepingComputer • 2025-07-21
OtherPoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
The Hacker News • 2025-07-21
OtherExploited CrushFTP Zero-Day Provides Admin Access to Servers
Security Week • 2025-07-21
VulnerabilitiesMicrosoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers
Security Week • 2025-07-21
VulnerabilitiesMarketing, Law Firms Say Data Breaches Impact Over 200,000 People
Security Week • 2025-07-21
BreachesCritical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
The Hacker News • 2025-07-20
OtherMalware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack
The Hacker News • 2025-07-20
BreachesNew Phobos ransomware decryptor lets victims recover files for free
BleepingComputer • 2025-07-18
Ransomware1.4 Million Affected by Data Breach at Virginia Radiology Practice
Security Week • 2025-07-18
New CrushFTP zero-day exploited in attacks to hijack servers
BleepingComputer • 2025-07-18
OtherCitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable
Security Week • 2025-07-18
Russian alcohol retailer WineLab closes stores after ransomware attack
BleepingComputer • 2025-07-18
RansomwareSettlement Reached in Investors’ Lawsuit Against Meta CEO Mark Zuckerberg and Other Company Leaders
Security Week • 2025-07-18
Empirical Security Raises $12 Million for AI-Driven Vulnerability Management
Security Week • 2025-07-17
LameHug malware uses AI LLM to craft Windows data-theft commands in real-time
BleepingComputer • 2025-07-17
BreachesMicrosoft Teams voice calls abused to push Matanbuchus malware
BleepingComputer • 2025-07-17
BreachesVMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
BleepingComputer • 2025-07-17
OtherSonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware
BleepingComputer • 2025-07-16
VulnerabilitiesU.S. Army soldier pleads guilty to extorting 10 tech, telecom firms
BleepingComputer • 2025-07-16
OtherCo-op confirms data of 6.5 million members stolen in cyberattack
BleepingComputer • 2025-07-16
BreachesUnited Natural Foods Projects Up to $400M Sales Hit from June Cyberattack
Security Week • 2025-07-16
Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
The Hacker News • 2025-07-16
VulnerabilitiesSesame Workshop Regains Control of Elmo’s Hacked X Account After Racist Posts
Security Week • 2025-07-15
State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments
The Hacker News • 2025-07-15
BreachesHyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors
The Hacker News • 2025-07-15
OtherMITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats
Security Week • 2025-07-15
New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries
The Hacker News • 2025-07-14
OtherWindows 10 KB5062554 update breaks emoji panel search feature
BleepingComputer • 2025-07-13
OtherNVIDIA shares guidance to defend GDDR6 GPUs against Rowhammer attacks
BleepingComputer • 2025-07-11
OtherCyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent
Security Week • 2025-07-11
In Other News: Microsoft Finds AMD CPU Flaws, ZuRu macOS Malware, DoNot APT
Security Week • 2025-07-11
Bitcoin Depot breach exposes data of nearly 27,000 crypto users
BleepingComputer • 2025-07-09
BreachesHow To Automate Ticket Creation, Device Identification and Threat Triage With Tines
The Hacker News • 2025-07-09
OtherUnpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking
Security Week • 2025-07-09
Ruckus Networks leaves severe flaws unpatched in management devices
BleepingComputer • 2025-07-09
OtherOvercoming Technical Barriers in Desktop and Application Virtualization
BleepingComputer • 2025-07-08
OtherRondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks
The Hacker News • 2025-07-08
OtherMalicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
The Hacker News • 2025-07-08
OtherWindows 10 KB5062554 cumulative update released with 13 changes, fixes
BleepingComputer • 2025-07-08
OtherMalicious Chrome extensions with 1.7M installs found on Web Store
BleepingComputer • 2025-07-08
OtherExploits, Technical Details Released for CitrixBleed2 Vulnerability
Security Week • 2025-07-08
Android malware Anatsa infiltrates Google Play to target US banks
BleepingComputer • 2025-07-08
BreachesCISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation
The Hacker News • 2025-07-08
OtherResearchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms
The Hacker News • 2025-07-08
OtherSEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools
The Hacker News • 2025-07-07
BreachesTAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors
The Hacker News • 2025-07-07
OtherIngram Micro outage caused by SafePay ransomware attack
BleepingComputer • 2025-07-05
RansomwareTaiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
The Hacker News • 2025-07-05
OtherGoogle's AI video maker Veo 3 is now available via $20 Gemini
BleepingComputer • 2025-07-04
OtherHunters International ransomware shuts down after World Leaks rebrand
BleepingComputer • 2025-07-03
RansomwareOver 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
The Hacker News • 2025-07-03
OtherMassive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
The Hacker News • 2025-07-03
BreachesIdeaLab confirms data stolen in ransomware attack last year
BleepingComputer • 2025-07-03
RansomwareForminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover
Security Week • 2025-07-02
Kelly Benefits says 2024 data breach impacts 550,000 customers
BleepingComputer • 2025-07-01
BreachesGoogle Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation
The Hacker News • 2025-07-01
OtherMicrosoft Removes Password Management from Authenticator App Starting August 2025
The Hacker News • 2025-07-01
OtherMicrosoft warns of Windows update delays due to wrong timestamp
BleepingComputer • 2025-06-30
OtherSwitzerland says government data stolen in ransomware attack
BleepingComputer • 2025-06-30
Ransomware⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more
The Hacker News • 2025-06-30
BreachesMicrosoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage
Security Week • 2025-06-27
In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update
Security Week • 2025-06-27
Russia’s throttling of Cloudflare makes sites inaccessible
BleepingComputer • 2025-06-27
OtherCyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
The Hacker News • 2025-06-26
VulnerabilitiesEx-student charged over hacking university for cheap parking, data breaches
BleepingComputer • 2025-06-26
OtherFTC approves $126 million in Fortnite refunds over ‘dark patterns’
BleepingComputer • 2025-06-26
OtherCISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
The Hacker News • 2025-06-26
OtherBipartisan Bill Aims to Block Chinese AI From Federal Agencies
Security Week • 2025-06-26
Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
The Hacker News • 2025-06-25
OtherCode Execution Vulnerability Patched in GitHub Enterprise Server
Security Week • 2025-06-25
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
The Hacker News • 2025-06-25
OtherFileFix attack weaponizes Windows File Explorer for stealthy commands
BleepingComputer • 2025-06-24
OtherIdentity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives
Security Week • 2025-06-24
APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine
The Hacker News • 2025-06-24
BreachesUS House bans WhatsApp on staff devices over security concerns
BleepingComputer • 2025-06-24
OtherRevil ransomware members released after time served on carding charges
BleepingComputer • 2025-06-23
RansomwareHow AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout
The Hacker News • 2025-06-23
OtherUS Homeland Security warns of escalating Iranian cyberattack risks
BleepingComputer • 2025-06-23
BreachesWordPress Motors theme flaw mass-exploited to hijack admin accounts
BleepingComputer • 2025-06-21
OtherMicrosoft 365 to block file access via legacy auth protocols by default
BleepingComputer • 2025-06-18
Other