DPRK macOS ‘NimDoor’ Malware Targets Web3, Crypto Platforms darkreadingAlexander Culafi
July 7, 2025

Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests. Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram …


Ransomware Attack Triggers Widespread Outage at Ingram Micro darkreadingRob Wright
July 7, 2025

The outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distributor. The outage began shortly before the July …


‘Hunters International’ RaaS Group Closes Its Doors darkreadingKristina Beek
July 7, 2025

The announcement comes just months after security researchers observed that the group was making the transition to rebrand to World Leaks, a data theft outfit. The announcement comes just months after …


SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools The Hacker [email protected] (The Hacker News)
July 7, 2025

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity, per …


Chrome Store Features Extension Poisoned With Sophisticated Spyware darkreadingElizabeth Montalbano, Contributing Writer
July 7, 2025

A color picker for Google's browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites. A color …


Chrome Store Features Extension Poisoned With Sophisticated Spyware darkreadingElizabeth Montalbano, Contributing Writer
July 7, 2025

A color picker for Google's browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites. A color …


CISA Adds Four Known Exploited Vulnerabilities to Catalog AlertsCISA
July 7, 2025

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2014-3931 Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability CVE-2016-10033 PHPMailer Command Injection Vulnerability CVE-2019-5418 Rails …


⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More The Hacker [email protected] (The Hacker News)
July 7, 2025

Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don’t start with …


Manufacturing Security: Why Default Passwords Must Go The Hacker [email protected] (The Hacker News)
July 7, 2025

If you didn't hear about Iranian hackers breaching US water facilities, it's because they only managed to control a single pressure station serving 7,000 people. What made this attack noteworthy wasn't …


What’s My (File)Name?, (Mon, Jul 7th) SANS Internet Storm Center, InfoCON: green
July 7, 2025

Modern malware implements a lot of anti-debugging and anti-analysis features. Today, when a malware is spread in the wild, there are chances that it will be automatically sent into a …