Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms The Hacker [email protected] (The Hacker News)
July 3, 2025

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken …


Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials The Hacker [email protected] (The Hacker News)
July 2, 2025

Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit …


ISC Stormcast For Thursday, July 3rd, 2025 https://isc.sans.edu/podcastdetail/9512, (Thu, Jul 3rd) SANS Internet Storm Center, InfoCON: green
July 2, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Qantas Airlines Breached, Impacting 6M Customers darkreadingNate Nelson, Contributing Writer
July 2, 2025

Passengers' personal information was likely accessed via a third-party platform used at a call center, but didn't include passport or credit card info. Passengers' personal information was likely accessed via a …


Browser Extensions Pose Heightened, but Manageable, Security Risks darkreadingArielle Waldman
July 2, 2025

Attackers can abuse malicious extensions to access critical data, including credentials, but organizations can reduce the risks by raising awareness and enforcing strict policy controls. Attackers can abuse malicious extensions to …


Initial Access Broker Self-Patches Zero Days as Turf Control darkreadingJai Vijayan, Contributing Writer
July 2, 2025

A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to …


US Treasury Sanctions BPH Provider Aeza Group darkreadingKristina Beek
July 2, 2025

In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer. In the past, the bulletproof group has been affiliated …


Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing darkreadingAlexander Culafi
July 2, 2025

A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine. A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive …


ClickFix Spin-off Attack Bypasses Key Browser Safeguards darkreadingElizabeth Montalbano, Contributing Writer
July 2, 2025

A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware. A new threat vector exploits how …


North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign The Hacker [email protected] (The Hacker News)
July 2, 2025

Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually …