Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware The Hacker [email protected] (The Hacker News)
July 30, 2025

Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. "Over the course …


Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure The Hacker [email protected] (The Hacker News)
July 29, 2025

Google Cloud's Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations to take advantage of …


ISC Stormcast For Wednesday, July 30th, 2025 https://isc.sans.edu/podcastdetail/9548, (Wed, Jul 30th) SANS Internet Storm Center, InfoCON: green
July 29, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Apple Updates Everything: July 2025, (Tue, Jul 29th) SANS Internet Storm Center, InfoCON: green
July 29, 2025

Apple today released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. This is a feature release, but it includes significant security updates. Apple patches a total of 29 different …


Nimble ‘Gunra’ Ransomware Evolves With Linux Variant darkreadingElizabeth Montalbano, Contributing Writer
July 29, 2025

The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking to go cross-platform using sophisticated, multithread encryption. The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking …


Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44 The Hacker [email protected] (The Hacker News)
July 29, 2025

Cybersecurity researchers have disclosed a now-patched critical security flaw in a popular vibe coding platform called Base44 that could allow unauthorized access to private applications built by its users. "The vulnerability …


PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain The Hacker [email protected] (The Hacker News)
July 29, 2025

The maintainers of the Python Package Index (PyPI) repository have issued a warning about an ongoing phishing attack that's targeting users in an attempt to redirect them to fake PyPI …


The Hidden Threat of Rogue Access darkreadingDurgaprasad Balakrishnan
July 29, 2025

With the right IGA tools, governance policies, and risk thresholds, enterprises can continuously detect and act on rogue access before attackers do. With the right IGA tools, governance policies, and risk …


Critical Flaw in Vibe-Coding Platform Base44 Exposed Apps darkreadingJai Vijayan, Contributing Writer
July 29, 2025

A now-patched authentication issue on the popular vibe-coding platform gave unauthorized users open access to any private application on Base44. A now-patched authentication issue on the popular vibe-coding platform gave unauthorized …


Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims The Hacker [email protected] (The Hacker News)
July 29, 2025

A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter's dark web infrastructure has been the subject of …