Hackers ‘Shellter’ Various Stealers in Red Team Tool to Evade Detection darkreadingElizabeth Montalbano, Contributing Writer
July 8, 2025

Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware …


4 Critical Steps in Advance of 47-Day SSL/TLS Certificates darkreadingTim Callan
July 8, 2025

With certificate lifespans set to shrink by 2029, IT teams need to spend the next 100 days planning in order to avoid operational disruptions. With certificate lifespans set to shrink by …


Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension The Hacker [email protected] (The Hacker News)
July 8, 2025

Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per …


Checking for Fraud: Texas Community Bank Nips Check Fraud in the Bud darkreadingKaren D. Schwartz, Contributing Writer
July 8, 2025

Within months of implementing anti-fraud measures and automation, Texas National Bank prevented more than $300,000 in check fraud. Within months of implementing anti-fraud measures and automation, Texas National Bank prevented more …


CISA Releases One Industrial Control Systems Advisory AlertsCISA
July 8, 2025

CISA released one Industrial Control Systems (ICS) advisory on July 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-189-01 Emerson ValveLink Products CISA encourages …


5 Ways Identity-based Attacks Are Breaching Retail The Hacker [email protected] (The Hacker News)
July 8, 2025

From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded, and what they reveal about... In …


RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks The Hacker [email protected] (The Hacker News)
July 8, 2025

Cybersecurity researchers are calling attention to a malware campaign that's targeting security flaws in TBK digital video recorders (DVRs) and Four-Faith routers to rope the devices into a new botnet …


BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally The Hacker [email protected] (The Hacker News)
July 8, 2025

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 …


Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms The Hacker [email protected] (The Hacker News)
July 8, 2025

Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July …


CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation The Hacker [email protected] (The Hacker News)
July 7, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list …