Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets The Hacker [email protected] (The Hacker News)
July 3, 2025

Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users' digital assets at risk. "These extensions impersonate legitimate wallet …


The Hidden Weaknesses in AI SOC Tools that No One Talks About The Hacker [email protected] (The Hacker News)
July 3, 2025

If you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation, and less noise. But under the hood, not all AI is created equal. Many solutions …


Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms The Hacker [email protected] (The Hacker News)
July 3, 2025

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken …


Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials The Hacker [email protected] (The Hacker News)
July 2, 2025

Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit …


ISC Stormcast For Thursday, July 3rd, 2025 https://isc.sans.edu/podcastdetail/9512, (Thu, Jul 3rd) SANS Internet Storm Center, InfoCON: green
July 2, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Qantas Airlines Breached, Impacting 6M Customers darkreadingNate Nelson, Contributing Writer
July 2, 2025

Passengers' personal information was likely accessed via a third-party platform used at a call center, but didn't include passport or credit card info. Passengers' personal information was likely accessed via a …


Browser Extensions Pose Heightened, but Manageable, Security Risks darkreadingArielle Waldman
July 2, 2025

Attackers can abuse malicious extensions to access critical data, including credentials, but organizations can reduce the risks by raising awareness and enforcing strict policy controls. Attackers can abuse malicious extensions to …


Initial Access Broker Self-Patches Zero Days as Turf Control darkreadingJai Vijayan, Contributing Writer
July 2, 2025

A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to …


US Treasury Sanctions BPH Provider Aeza Group darkreadingKristina Beek
July 2, 2025

In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer. In the past, the bulletproof group has been affiliated …


Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing darkreadingAlexander Culafi
July 2, 2025

A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine. A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive …