‘CitrixBleed 2’ Shows Signs of Active Exploitation darkreadingKristina Beek, Associate Editor, Dark Reading
June 27, 2025

If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected. If exploited, the critical vulnerability allows attackers …


Scattered Spider Taps CFO Credentials in ‘Scorched Earth’ Attack darkreadingRob Wright
June 27, 2025

In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought …


Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign The Hacker [email protected] (The Hacker News)
June 27, 2025

Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign …


Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover darkreadingNate Nelson, Contributing Writer
June 27, 2025

Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system. Hackers can spy …


Vulnerability Debt: How Do You Put a Price on What to Fix? darkreadingMatt Middleton-Leal
June 27, 2025

Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture. Putting a vulnerability debt figure together involves work, …


PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack The Hacker [email protected] (The Hacker News)
June 27, 2025

A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such …


US Falling Behind China in Exploit Production darkreadingRobert Lemos, Contributing Writer
June 27, 2025

Cyber operations have become critical to national security, but the United States has fallen behind in one significant area — exploit production — while China has built up a significant lead. Cyber …


Business Case for Agentic AI SOC Analysts The Hacker [email protected] (The Hacker News)
June 27, 2025

Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected …


Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit The Hacker [email protected] (The Hacker News)
June 27, 2025

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has …


MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted The Hacker [email protected] (The Hacker News)
June 27, 2025

Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass …