Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing – Dark Reading
A Russian APT known as “Gamaredon” is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine. – Read More
July 2025
ClickFix Spin-off Attack Bypasses Key Browser Safeguards – Dark Reading
A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware. – Read More
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign – The Hacker News
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics.…
Sixfold surge of ClickFix attacks threatens corporate defenses – CSO Online
Incidents of ClickFix — the social engineering attack technique that tricks users into executing malicious code — are skyrocketing. ClickFix attacks typically involve displaying a fake error or counterfeit CAPTCHA…
1 Year Later: Lessons Learned From the CrowdStrike Outage – Dark Reading
The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues and continuously improve. – Read…
Auf der Suche nach Alternativen zum CVE-Programm – CSO Online
Sollte das CVE-Programm eingestellt werden, wäre die Bewertung und Behebung von Sicherheitslücken schwieriger. Dave Hoeek – shutterstock.com Der jüngste kurze Panikausbruch wegen der möglichen Einstellung des Common Vulnerabilities and Exposures…
FileFix Attack Chain Enables Malicious Script Execution – Dark Reading
By using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them. – Read More
Second espionage-linked cyberattack hits ICC, exposing persistent threats to global justice systems – CSO Online
The International Criminal Court (ICC) has fallen victim to another sophisticated cyberattack, the second major cyber espionage attempt targeting the war crimes tribunal in just two years. The latest incident…
Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks – CSO Online
A critical remote code execution (RCE) bug in Anthropic’s Model Context Protocol (MCP) inspector tool could allow attackers to run arbitrary commands on developer machines when they visit a malicious…
Securing the next wave of workload identities in the cloud – CSO Online
It was a moment of realization for our mid-size law team. As we were constructing a new cloud-native analytics pipeline that spanned our private data center and public clouds, we…
Part 2: Legal Sector Embraces AI – But Slowly and Unevenly – Law Gazette – Features
Next steps and critical considerations for the road ahead (sponsored content). – Read More
That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat – The Hacker News
With nearly 80% of cyber threats now mimicking legitimate user behavior, how are top SOCs determining what’s legitimate traffic and what is potentially dangerous? Where do you turn when firewalls…
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns – The Hacker News
Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. “A significant portion of email threats with…
PE-backed serious injury law firm unveils major acquisition – Legal Futures
Private-equity backed Fletchers Group has acquired the 80-strong serious injury practice of national firm Shoosmiths, adding three new offices in the process. The post PE-backed serious injury law firm unveils…
Scattered Spider shifts focus to airlines as strikes hit Hawaiian, WestJet — and now Qantas – CSO Online
A data breach at Qantas via a third-party service is typical of the Scattered Spider attack group, experts say. “Qantas’ cyber breach bears the hallmarks of Scattered Spider, the same…