TAG-140 Targets Indian Government Via ‘ClickFix-Style’ Lure darkreadingKristina Beek
July 7, 2025

The threat actors trick victims into opening a malicious script, leading to the execution of the BroaderAspect .NET loader. The threat actors trick victims into opening a malicious script, leading to …


ISC Stormcast For Tuesday, July 8th, 2025 https://isc.sans.edu/podcastdetail/9516, (Tue, Jul 8th) SANS Internet Storm Center, InfoCON: green
July 7, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Bert Blitzes Linux & Windows Systems darkreadingJai Vijayan, Contributing Writer
July 7, 2025

The new ransomware strain's aggressive multithreading and cross-platform capabilities make it a potent threat to enterprise environments. The new ransomware strain's aggressive multithreading and cross-platform capabilities make it a potent threat …


DPRK macOS ‘NimDoor’ Malware Targets Web3, Crypto Platforms darkreadingAlexander Culafi
July 7, 2025

Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests. Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram …


Ransomware Attack Triggers Widespread Outage at Ingram Micro darkreadingRob Wright
July 7, 2025

The outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distributor. The outage began shortly before the July …


‘Hunters International’ RaaS Group Closes Its Doors darkreadingKristina Beek
July 7, 2025

The announcement comes just months after security researchers observed that the group was making the transition to rebrand to World Leaks, a data theft outfit. The announcement comes just months after …


SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools The Hacker [email protected] (The Hacker News)
July 7, 2025

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity, per …


Chrome Store Features Extension Poisoned With Sophisticated Spyware darkreadingElizabeth Montalbano, Contributing Writer
July 7, 2025

A color picker for Google's browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites. A color …


Chrome Store Features Extension Poisoned With Sophisticated Spyware darkreadingElizabeth Montalbano, Contributing Writer
July 7, 2025

A color picker for Google's browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites. A color …


CISA Adds Four Known Exploited Vulnerabilities to Catalog AlertsCISA
July 7, 2025

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2014-3931 Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability CVE-2016-10033 PHPMailer Command Injection Vulnerability CVE-2019-5418 Rails …