Attackers Can Use Browser Extensions to Inject AI Prompts darkreadingAlexander Culafi
July 30, 2025

A proof-of-concept attack shows how threat actors can use a poisoned browser extension to inject malicious prompts into a generative AI tool. A proof-of-concept attack shows how threat actors can use …


Eviction Strategies Tool Released AlertsCISA
July 30, 2025

Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and assistance during the containment and eviction phases of incident response. This tool includes: Cyber Eviction Strategies …


Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools The Hacker [email protected] (The Hacker News)
July 30, 2025

Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon (aka Hafnium) have been identified as behind over a dozen technology patents, shedding light on the shadowy cyber …


Product Walkthrough: A Look Inside Pillar’s AI Security Platform The Hacker [email protected] (The Hacker News)
July 30, 2025

In this article, we will provide a brief overview of Pillar Security's platform to better understand how they are tackling AI security challenges. Pillar Security is building a platform to cover …


Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome The Hacker [email protected] (The Hacker News)
July 30, 2025

Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability that Google said was exploited as a zero-day in the Chrome web browser …


Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero The Hacker [email protected] (The Hacker News)
July 30, 2025

Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC, first …


African Orgs Fall to Mass Microsoft SharePoint Exploits darkreadingRobert Lemos, Contributing Writer
July 30, 2025

The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers. The …


Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware The Hacker [email protected] (The Hacker News)
July 30, 2025

Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. "Over the course …


Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure The Hacker [email protected] (The Hacker News)
July 29, 2025

Google Cloud's Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations to take advantage of …


ISC Stormcast For Wednesday, July 30th, 2025 https://isc.sans.edu/podcastdetail/9548, (Wed, Jul 30th) SANS Internet Storm Center, InfoCON: green
July 29, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More