⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More The Hacker [email protected] (The Hacker News)
July 14, 2025

In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week …


CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
July 14, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-47812 Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability These …


CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center The Hacker [email protected] (The Hacker News)
July 14, 2025

India's Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out "sophisticated" tech support scams …


eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks The Hacker [email protected] (The Hacker News)
July 13, 2025

Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. …


ISC Stormcast For Monday, July 14th, 2025 https://isc.sans.edu/podcastdetail/9524, (Mon, Jul 14th) SANS Internet Storm Center, InfoCON: green
July 13, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Experimental Suspicious Domain Feed, (Sun, Jul 13th) SANS Internet Storm Center, InfoCON: green
July 13, 2025

We have had a "newly registered domain" feed for a few years. This feed pulls data from ICANN&#;x26;#;39;s centralized zone data service (https://czds.icann.org) and TLS certificate transparency logs.  We have had …


GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs The Hacker [email protected] (The Hacker News)
July 12, 2025

NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). "Risk of successful …


Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub The Hacker [email protected] (The Hacker News)
July 12, 2025

Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. "Laravel's APP_KEY, essential for encrypting …


Pay2Key Ransomware Gang Resurfaces With Incentives to Attack US, Israel darkreadingRob Wright
July 11, 2025

The ransomware-as-a-service (RaaS) operation, which has been tied to an Iranian advanced persistent threat (APT) group, recently boosted its affiliate profit share to 80% for attacks on Western targets. The ransomware-as-a-service …


350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE darkreadingNate Nelson, Contributing Writer
July 11, 2025

Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be exposed to a vulnerable Bluetooth implementation called "PerfektBlue." Mercedes, Skoda, and Volkswagen vehicles, as …