Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access The Hacker [email protected] (The Hacker News)
July 22, 2025

Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. "In July …


Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate The Hacker [email protected] (The Hacker News)
July 22, 2025

Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign.  The activity has been attributed by …


Marine Transportation Final Cyber Rule Goes Into Effect darkreadingKristina Beek
July 22, 2025

The cybersecurity rule has several requirements that must be met and will follow an extended timeline over the next two years. The cybersecurity rule has several requirements that must be met …


CISA Adds Four Known Exploited Vulnerabilities to Catalog AlertsCISA
July 22, 2025

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input …


CISA Adds Two Known Exploited Vulnerabilities to Catalog AlertsCISA
July 22, 2025

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability These types of …


CISA Releases Nine Industrial Control Systems Advisories AlertsCISA
July 22, 2025

CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-203-01 DuraComm DP-10iN-100-MU ICSA-25-203-02 Lantronix Provisioning …


Joint Advisory Issued on Protecting Against Interlock Ransomware AlertsCISA
July 22, 2025

CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services, and the Multi-State Information Sharing and Analysis Center issued a joint Cybersecurity Advisory …


How to Advance from SOC Manager to CISO? The Hacker [email protected] (The Hacker News)
July 22, 2025

Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only do you need a solid …


China-Backed APT41 Cyberattack Surfaces in Africa darkreadingJai Vijayan, Contributing Writer
July 22, 2025

Up to now, the prolific China-sponsored cyber-espionage group has been mostly absent from the region, but a sophisticated and highly targeted attack on an African IT company shows Beijing is …


Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access The Hacker [email protected] (The Hacker News)
July 22, 2025

The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first …