Victoria’s Secret Delays Earnings Call Due to Cyber Incident – Dark Reading
But that didn’t stop the clothing retailer from issuing preliminary results for the first quarter of 2025. – Read More
June 2025
Google patches third zero-day flaw in Chrome this year – CSO Online
The Google Chrome team issued an update to fix a high-severity vulnerability that is being actively exploited in the wild. The issue was also mitigated by a configuration change pushed…
Chrome Drops Trust for Chunghwa, Netlock Certificates – Dark Reading
Digital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a loss of integrity in actions…
Chrome Drops Trust for Chunghwa, Netlock Certificates – Dark Reading
Digital certificates authorized by the authorities will no longer have trust by default in the browser starting in August, over what Google said is a loss of integrity in actions…
LummaC2 Fractures as Acreed Malware Becomes Top Dog – Dark Reading
LummaC2 formerly accounted for almost 92% of Russian Market’s credential theft log alerts. Now, the Acreed infostealer has replaced its market share. – Read More
Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack – The Hacker News
Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport…
Is Your CISO Navigating Your Flight Path? – Dark Reading
If your CISO isn’t wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed. – Read More
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code – The Hacker News
Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take over susceptible…
One hacker, many names: Industry collaboration aims to fix cyber threat label chaos – CSO Online
When the same Russian hacking group goes by Midnight Blizzard, Cozy Bear, APT29, or UNC2452, depending on which security vendor is tracking them, you know there’s a problem. Microsoft and…
Creating the right organisational culture for cyber security – NCSC Blog
Calling cyber security professionals, culture specialists and leaders to drive uptake of new Cyber security culture principles. – Read More
Cisco Wireless LAN Controllers under threat again after critical exploit details go public – CSO Online
The heat is back on Wireless LAN Controllers (WLCs) running Cisco IOS XE after technical details of a recently disclosed max-severity exploit were made public. A patch diffing performed by…
Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization – The Hacker News
In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over the media, with coverage spilling over into the mainstream news…
The high cost of misconfigured DevOps tools: Global cryptojacking hits enterprises – CSO Online
A massive ongoing cryptojacking operation is actively exploiting misconfigured DevOps tools, including Nomad, Consul, Docker, and Gitea, to hijack computing power for cryptocurrency mining, Wiz Threat Research revealed. Dubbed Jinx-0132…
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets – The Hacker News
A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and South America. The malware, according to a new…
53% of cyber department leaders eyeing the exit – CSO Online
Security department heads — those directly reporting to the CISO — are decidedly looking to leave their posts. But various factors, including a weak economy, are delaying their exoduses, which…