ICYMI: 2025-06-18
Latest Headlines
New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains
1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub
Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict
Iran’s Internet Blackout Adds New Dangers for Civilians Amid Israeli Bombings
Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System
Russian Hackers Bypass Gmail MFA with App Specific Password Ruse
Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection
Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation
Mitigating AI Threats: Bridging the Gap Between AI and Legacy Security
OpenAI to Help DoD With Cyber Defense Under New $200 Million Contract
Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products
Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People
Halo Security Honored with 2025 MSP Today Product of the Year Award
Famous Chollima Hackers Attacking Windows and MacOS Users With GolangGhost RAT
Insecure GitHub Actions in Open Source Projects MITRE and Splunk Exposes Critical Vulnerabilities
5 New Trends In Phishing Attacks On Businesses – Must Aware Threats
PLA Rapidly Deploys AI Technology Across Military Intelligence Operations
Microsoft Defender for Office 365 to Block Email Bombing Attacks
RapperBot Botnet Attack Peaks 50,000+ Attacks Targeting Network Edge Devices
System Admins Beware! Weaponized Putty Ads in Bing Installs Remote Access Tools
Pro-Israel hackers hit Iran’s Nobitex exchange, burn $90M in crypto
North Korean hackers deepfake execs in Zoom call to spread Mac malware
Microsoft 365 to block file access via legacy auth protocols by default
‘Stargazers’ use fake Minecraft mods to steal player passwords
ChainLink Phishing: How Trusted Domains Become Threat Vectors
CISA warns of attackers exploiting Linux flaw with PoC exploit
Healthcare SaaS firm says data breach impacts 5.4 million patients
BeyondTrust warns of pre-auth RCE in Remote Support software
New Linux udisks flaw lets attackers get root on major Linux distros
Asana warns MCP AI feature exposed customer data to other orgs
– MTZ