Qantas Airlines Breached, Impacting 6M Customers darkreadingNate Nelson, Contributing Writer
July 2, 2025

Passengers' personal information was likely accessed via a third-party platform used at a call center, but didn't include passport or credit card info. Passengers' personal information was likely accessed via a …


Browser Extensions Pose Heightened, but Manageable, Security Risks darkreadingArielle Waldman
July 2, 2025

Attackers can abuse malicious extensions to access critical data, including credentials, but organizations can reduce the risks by raising awareness and enforcing strict policy controls. Attackers can abuse malicious extensions to …


Initial Access Broker Self-Patches Zero Days as Turf Control darkreadingJai Vijayan, Contributing Writer
July 2, 2025

A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to …


US Treasury Sanctions BPH Provider Aeza Group darkreadingKristina Beek
July 2, 2025

In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer. In the past, the bulletproof group has been affiliated …


Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing darkreadingAlexander Culafi
July 2, 2025

A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine. A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive …


ClickFix Spin-off Attack Bypasses Key Browser Safeguards darkreadingElizabeth Montalbano, Contributing Writer
July 2, 2025

A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware. A new threat vector exploits how …


North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign The Hacker [email protected] (The Hacker News)
July 2, 2025

Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually …


1 Year Later: Lessons Learned From the CrowdStrike Outage darkreadingNadir Izrael
July 2, 2025

The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues and continuously improve. The ever-growing volume …


FileFix Attack Chain Enables Malicious Script Execution darkreadingKristina Beek
July 2, 2025

By using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them. By using social engineering tactics, threat actors are …


CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
July 2, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-6554 Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack …