SIM Swap Fraud Is Surging — and That’s a Good Thing darkreadingShaun Cooney
July 10, 2025

Now it's time to build systems that attackers can't reroute with a phone call. Now it's time to build systems that attackers can't reroute with a phone call.  ​Read More


Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods The Hacker [email protected] (The Hacker News)
July 10, 2025

The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested …


CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
July 10, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-5777 Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability These types of vulnerabilities are …


CISA Releases Thirteen Industrial Control Systems Advisories AlertsCISA
July 10, 2025

CISA released thirteen Industrial Control Systems (ICS) advisories on July 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-191-01 Siemens SINEC NMS ICSA-25-191-02 Siemens …


What Security Leaders Need to Know About AI Governance for SaaS The Hacker [email protected] (The Hacker News)
July 10, 2025

Generative AI is not arriving with a bang, it’s slowly creeping into the software that companies already use on a daily basis. Whether it is video conferencing or CRM, vendors …


New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App The Hacker [email protected] (The Hacker News)
July 10, 2025

Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. SentinelOne, in a new report shared …


AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs The Hacker [email protected] (The Hacker News)
July 10, 2025

Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The attacks, called Transient Scheduler Attacks (TSA), manifests …


ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs The Hacker [email protected] (The Hacker News)
July 10, 2025

A high-severity security flaw has been disclosed in ServiceNow's platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been …


ISC Stormcast For Thursday, July 10th, 2025 https://isc.sans.edu/podcastdetail/9520, (Thu, Jul 10th) SANS Internet Storm Center, InfoCON: green
July 9, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


North American APT Uses Exchange Zero-Day to Attack China darkreadingNate Nelson, Contributing Writer
July 9, 2025

Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to …