Lady Chief Justice urges more protection for judges – Legal Futures
The Lady Chief Justice last night called for more action to protect judges from “threats and intimidation” both online and in real life. The post Lady Chief Justice urges more…
July 2025
Qantas Airlines Breached, Impacting 6M Customers – Dark Reading
Passengers’ personal information was likely accessed via a third-party platform used at a call center, but didn’t include passport or credit card info. – Read More
Browser Extensions Pose Heightened, but Manageable, Security Risks – Dark Reading
Attackers can abuse malicious extensions to access critical data, including credentials, but organizations can reduce the risks by raising awareness and enforcing strict policy controls. – Read More
North Korean crypto thieves deploy custom Mac backdoor – CSO Online
North Korean threat actors are targeting companies from the Web3 and crypto industries with a backdoor designed for macOS written in niche programming language Nim. The attackers are also using…
Initial Access Broker Self-Patches Zero Days as Turf Control – Dark Reading
A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to…
US Treasury Sanctions BPH Provider Aeza Group – Dark Reading
In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer. – Read More
AI Tackles Binary Code Challenges to Fortify Supply Chain Security – Dark Reading
Analyzing binary code helps vendors and organizations detect security threats and zero-day vulnerabilities in the software supply chain, but it doesn’t come without challenges. It looks like AI has come…
Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing – Dark Reading
A Russian APT known as “Gamaredon” is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine. – Read More
ClickFix Spin-off Attack Bypasses Key Browser Safeguards – Dark Reading
A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware. – Read More
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign – The Hacker News
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics.…
Sixfold surge of ClickFix attacks threatens corporate defenses – CSO Online
Incidents of ClickFix — the social engineering attack technique that tricks users into executing malicious code — are skyrocketing. ClickFix attacks typically involve displaying a fake error or counterfeit CAPTCHA…
1 Year Later: Lessons Learned From the CrowdStrike Outage – Dark Reading
The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues and continuously improve. – Read…
Auf der Suche nach Alternativen zum CVE-Programm – CSO Online
Sollte das CVE-Programm eingestellt werden, wäre die Bewertung und Behebung von Sicherheitslücken schwieriger. Dave Hoeek – shutterstock.com Der jüngste kurze Panikausbruch wegen der möglichen Einstellung des Common Vulnerabilities and Exposures…
FileFix Attack Chain Enables Malicious Script Execution – Dark Reading
By using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them. – Read More
Second espionage-linked cyberattack hits ICC, exposing persistent threats to global justice systems – CSO Online
The International Criminal Court (ICC) has fallen victim to another sophisticated cyberattack, the second major cyber espionage attempt targeting the war crimes tribunal in just two years. The latest incident…