Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack The Hacker [email protected] (The Hacker News)
July 20, 2025

Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens. The captured tokens were …


Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers The Hacker [email protected] (The Hacker News)
July 20, 2025

A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309, the vulnerability carries a CVSS score of 9.0. "CrushFTP 10 …


‘PoisonSeed’ Attacker Skates Around FIDO Keys darkreadingAlexander Culafi
July 18, 2025

Researchers discovered a novel phishing attack that serves the victim a QR code as part of supposed multifactor authentication (MFA), in order to get around FIDO-based protections. Researchers discovered a novel …


China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones The Hacker [email protected] (The Hacker News)
July 18, 2025

Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that's used by law enforcement authorities in China to gather information from seized mobile devices. The hacking tool, believed …


UNG0002 Group Hits China, Hong Kong, Pakistan Using LNK Files and RATs in Twin Campaigns The Hacker [email protected] (The Hacker News)
July 18, 2025

Multiple sectors in China, Hong Kong, and Pakistan have become the target of a threat activity cluster tracked as UNG0002 (aka Unknown Group 0002) as part of a broader cyber …


Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks The Hacker [email protected] (The Hacker News)
July 18, 2025

Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances. According to …


Nearly 2,000 MCP Servers Possess No Security Whatsoever darkreadingNate Nelson, Contributing Writer
July 18, 2025

Authentication in MCP — the backbone of agentic AI — is optional, and nobody's implementing it. Instead, they're allowing any passing attackers full control of their servers. Authentication in MCP — …


3 Ways Security Teams Can Minimize Agentic AI Chaos darkreadingJosh Lemos
July 18, 2025

Security often lags behind innovation. The path forward requires striking a balance. Security often lags behind innovation. The path forward requires striking a balance.  ​Read More


Firmware Vulnerabilities Continue to Plague Supply Chain darkreadingRobert Lemos, Contributing Writer
July 18, 2025

Four flaws in the basic software for Gigabyte motherboards could allow persistent implants, underscoring problems in the ways firmware is developed and updated. Four flaws in the basic software for Gigabyte …


CISA Adds One Known Exploited Vulnerability to Catalog AlertsCISA
July 18, 2025

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-25257 Fortinet FortiWeb SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors …