ICYMI: 2025-07-09
Latest Headlines
Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
How To Automate Ticket Creation, Device Identification and Threat Triage With Tines
Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Using the Password ‘123456’
Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack
Samsung Announces Security Improvements for Galaxy Smartphones
ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact
Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking
Canadian Electric Utility Says Power Meters Disrupted by Cyberattack
Top 5 Remote-Access And RMM Tools Most Abused By Threat Actors
Microsoft Patches Wormable RCE Vulnerability in Windows Client and Server
VS Code Extension Weaponized With Two Lines of Code Leads to Supply Chain Attack
Splunk Address Third-Party Packages Vulnerabilities in SOAR Versions – Update Now
Microsoft 365 PDF Export LFI Vulnerability Allows Access to Sensitive Server Data
Chinese Hackers Exploit Microsoft Exchange Servers to Steal COVID-19 Research Data
Windows BitLocker Bypass Vulnerability Let Attackers Bypass Security Feature
Splunk Address Third Party Packages Vulnerabilities in Enterprise Versions – Update Now
SparkKitty Malware Attacking iOS and Android Device Users to Steal Photos From Gallery
Microsoft Authenticator on iOS moves backups fully to iCloud
Microsoft confirms Windows Server Update Services (WSUS) sync is broken
Google reveals details on Android’s Advanced Protection for Chrome
Bitcoin Depot breach exposes data of nearly 27,000 crypto users
Ruckus Networks leaves severe flaws unpatched in management devices
Ingram Micro starts restoring systems after ransomware attack
Treasury sanctions North Korean over IT worker malware scheme
The MFA You Trust Is Lying to You – and Here’s How Attackers Exploit It
New ServiceNow flaw lets attackers enumerate restricted data
– MTZ