CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
July 18, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors …


CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign The Hacker [email protected] (The Hacker News)
July 18, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that's designed to deliver a malware codenamed LAMEHUG. "An obvious feature of LAMEHUG is the use …


Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices The Hacker [email protected] (The Hacker News)
July 18, 2025

Google on Thursday revealed it's pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy …


Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services The Hacker [email protected] (The Hacker News)
July 18, 2025

Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries …


From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware The Hacker [email protected] (The Hacker News)
July 18, 2025

With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this …


Veeam Phishing via Wav File, (Fri, Jul 18th) SANS Internet Storm Center, InfoCON: green
July 18, 2025

A interesting phishing attempt was reported by a contact. It started with a simple email that looked like a voice mail notification like many VoIP systems deliver when the call …


ISC Stormcast For Friday, July 18th, 2025 https://isc.sans.edu/podcastdetail/9532, (Fri, Jul 18th) SANS Internet Storm Center, InfoCON: green
July 17, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai Krebs on SecurityBrianKrebs
July 17, 2025

Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password ("123456") for the fast food …


4 Chinese APTs Attack Taiwan’s Semiconductor Industry darkreadingNate Nelson, Contributing Writer
July 17, 2025

Chinese threat actors have turned to cyberattacks as a way to undermine and destabilize Taiwan's most important industrial sector. Chinese threat actors have turned to cyberattacks as a way to undermine …


Cisco Discloses ’10’ Flaw in ISE, ISE-PIC — Patch Now darkreadingAlexander Culafi
July 17, 2025

Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month. Cisco just disclosed a critical severity flaw in its ISE and …