ICYMI: 2025-07-08
Latest Headlines
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
RondoDox Botnet Exploits Flaws in TBK DVRs and Four-Faith Routers to Launch DDoS Attacks
BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally
Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms
CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation
Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday
Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials
Legitimate Shellter Pen-Testing Tool Used in Malware Attacks
The Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore
SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover
Exploits, Technical Details Released for CitrixBleed2 Vulnerability
KB5062554 – Microsoft Releases Cumulative Update for Windows 10 With July 2025 Patch Tuesday
Nippon Steel Solutions 0-Day Network Vulnerability Exposes Users Personal Information
Zoom Clients for Windows Vulnerability Exposes Users to DoS Attacks
Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Fixed Including 41 RCE
MediaTek July 2025 Security Update Patches Vulnerabilities Affecting a Wide Range of Their Chipsets
Ivanti Endpoint Manager Mobile Vulnerabilities Allow Attackers to Decrypt Other Users’ Passwords
Tycoon2FA, EvilProxy, Sneaky2FA: How To Defend Against These Phishing Kit Attacks
DNN Vulnerability Let Attackers Steal NTLM Credentials via Unicode Normalization Bypass
Anatsa Android Banking Malware from Google Play Targeting Users in the U.S. and Canada
CISA Warns of Rails Ruby on Rails Path Traversal Vulnerability Exploited in Attacks
Samsung announces major security enhancements coming to One UI 8
M&S confirms social engineering led to massive ransomware attack
New Android TapTrap attack fools users with invisible UI trick
Windows 10 KB5062554 cumulative update released with 13 changes, fixes
Windows 11 KB5062553 & KB5062552 cumulative updates released
Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws
Android malware Anatsa infiltrates Google Play to target US banks
Overcoming Technical Barriers in Desktop and Application Virtualization
Malicious Chrome extensions with 1.7M installs found on Web Store
Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage
– MTZ