Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension The Hacker [email protected] (The Hacker News)
July 8, 2025

Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per …


Checking for Fraud: Texas Community Bank Nips Check Fraud in the Bud darkreadingKaren D. Schwartz, Contributing Writer
July 8, 2025

Within months of implementing anti-fraud measures and automation, Texas National Bank prevented more than $300,000 in check fraud. Within months of implementing anti-fraud measures and automation, Texas National Bank prevented more …


CISA Releases One Industrial Control Systems Advisory AlertsCISA
July 8, 2025

CISA released one Industrial Control Systems (ICS) advisory on July 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-189-01 Emerson ValveLink Products CISA encourages …


5 Ways Identity-based Attacks Are Breaching Retail The Hacker [email protected] (The Hacker News)
July 8, 2025

From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded, and what they reveal about... In …


RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks The Hacker [email protected] (The Hacker News)
July 8, 2025

Cybersecurity researchers are calling attention to a malware campaign that's targeting security flaws in TBK digital video recorders (DVRs) and Four-Faith routers to rope the devices into a new botnet …


BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally The Hacker [email protected] (The Hacker News)
July 8, 2025

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 …


Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms The Hacker [email protected] (The Hacker News)
July 8, 2025

Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July …


CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation The Hacker [email protected] (The Hacker News)
July 7, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list …


TAG-140 Targets Indian Government Via ‘ClickFix-Style’ Lure darkreadingKristina Beek
July 7, 2025

The threat actors trick victims into opening a malicious script, leading to the execution of the BroaderAspect .NET loader. The threat actors trick victims into opening a malicious script, leading to …


ISC Stormcast For Tuesday, July 8th, 2025 https://isc.sans.edu/podcastdetail/9516, (Tue, Jul 8th) SANS Internet Storm Center, InfoCON: green
July 7, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More