ICYMI: 2025-06-26
Latest Headlines
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks
The Hidden Risks of SaaS: Why Built-In Protections Aren’t Enough for Modern Data Resilience
Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews
Bipartisan Bill Aims to Block Chinese AI From Federal Agencies
Man Who Hacked Organizations to Advertise Security Services Pleads Guilty
Bonfy.AI Raises $9.5 Million for Adaptive Content Security Platform
Critical Cisco ISE Vulnerabilities Allow Remote Code Execution
British Man Suspected of Being the Hacker IntelBroker Arrested, Charged
WhatsApp to Add AI-Powered Message Summaries to Quickly Catch Your Messages
HPE OneView for VMware vCenter Allows Escalation of Privileges
Microsoft 365’s Direct Send Exploited to Send Phishing Emails as Internal Users
Iranian APT35 Hackers Attacking High-Profile Cyber Security Experts & Professors from Israel
Microsoft Teams New Feature Enables Admins to Manage Certified M365 Apps for Enhanced Security
nOAuth Abuse Leads to Full Account Takeover of Entra Cross-Tenant SaaS Applications
CISA Warns of D-Link Path Traversal Vulnerability Exploited in Attacks
Researchers Obfuscated & Weaponized .NET Assemblies Using MacroPack
Iranian Spear-Phishing Attack Mimic Google, Outlook, and Yahoo Domains
25-Year-Old British National Believed To Be IntelBroker Charged
FTC approves $126 million in Fortnite refunds over ‘dark patterns’
Brother printer bug in 689 models exposes default admin passwords
Ex-student charged over hacking university for cheap parking, data breaches
Cisco warns of max severity RCE flaws in Identity Services Engine
Man pleads guilty to hacking networks to pitch security services
3 key takeaways from the Scattered Spider attacks on insurance firms
Microsoft 365 ‘Direct Send’ abused to send phishing as internal users
Microsoft fixes Outlook bug causing crashes when opening emails
Microsoft confirms Family Safety blocks Google Chrome from launching
CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks
– MTZ