ICYMI: 2025-07-29
Latest Headlines
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks
Why React Didn’t Kill XSS: The New JavaScript Injection Playbook
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
Age Verification Laws Send VPN Use Soaring—and Threaten the Open Internet
Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment
Seal Security Raises $13 Million to Secure Software Supply Chain
Order out of Chaos – Using Chaos Theory Encryption to Protect OT and IoT
Sploitlight: macOS Vulnerability Leaks Sensitive Information
Fable Security Raises $31 Million for Human Risk Management Platform
ArmouryLoader Bypassing System Security Protections and Inject Malicious Codes
Want To Detect Incidents Before It’s Too Late? You Need Threat Intelligence
Orange Hit by Cyberattack – A French Telecom Giant’s Internal Systems Hacked
Chinese Hackers Weaponizes Software Vulnerabilities to Compromise Their Targets
Microsoft Teams New Meeting Join Bar Reminds You to Join Meeting On-time
Critical CodeIgniter Vulnerability Exposes Million of Webapps to File Upload Attacks
SonicWall SMA100 Series N-day Vulnerabilities Technical Details Revealed
UNC3886 Actors Know for Exploiting 0-Days Attacking Singapore’s Critical Infrastructure
PyPI Warns of New Phishing Attack Targeting Developers With Fake PyPI Site
Gemini CLI Vulnerability Allows Hackers to Execute Malicious Commands on Developer Systems
Minnesota activates National Guard after St. Paul cyberattack
Russian airline Aeroflot grounds dozens of flights after cyberattack
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Microsoft Edge now an ‘AI-powered browser’ with Copilot Mode
FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation
How attackers are still phishing “phishing-resistant” authentication
– MTZ