Microsoft Patch Tuesday, July 2025 Edition Krebs on SecurityBrianKrebs
July 8, 2025

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be …


AI Trust Score Ranks LLM Security darkreadingJeffrey Schwartz
July 8, 2025

Startup Tumeryk’s State of AI Trust finds Google Gemini Pro 2.5 as the most trustworthy with ChatGPT-4 Mini a close second, while DeepSeek and Alibaba Qwen scoring lowest. Startup Tumeryk’s State …


Microsoft Patches 137 CVEs in July, But No Zero-Days darkreadingJai Vijayan, Contributing Writer
July 8, 2025

Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint. Some 17 of the bugs are at high risk for …


Malicious Open Source Packages Spike 188% YoY darkreadingAlexander Culafi
July 8, 2025

Data exfiltration was the most common malware in Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable information, credentials, and API tokens. Data exfiltration was the most …


Suspected Hacker Linked to Silk Typhoon Arrested in Milan darkreadingKristina Beek
July 8, 2025

The alleged Chinese state-sponsored hacker faces multiple charges, including wire fraud, aggravated identity theft, and unauthorized access to protected computers. The alleged Chinese state-sponsored hacker faces multiple charges, including wire fraud, …


Microsoft Patch Tuesday, July 2025, (Tue, Jul 8th) SANS Internet Storm Center, InfoCON: green
July 8, 2025

Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9&#;x26;#;xc2;&#;x26;#;xa0;additional&#;x26;#;xc2;&#;x26;#;xa0;vulnerabilities not part of Microsoft&#;x26;#;39;s portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities …


Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware The Hacker [email protected] (The Hacker News)
July 8, 2025

In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute …


Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play The Hacker [email protected] (The Hacker News)
July 8, 2025

Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google's official app …


Hackers ‘Shellter’ Various Stealers in Red Team Tool to Evade Detection darkreadingElizabeth Montalbano, Contributing Writer
July 8, 2025

Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware …


4 Critical Steps in Advance of 47-Day SSL/TLS Certificates darkreadingTim Callan
July 8, 2025

With certificate lifespans set to shrink by 2029, IT teams need to spend the next 100 days planning in order to avoid operational disruptions. With certificate lifespans set to shrink by …