Ransomware Actors Pile on ‘ToolShell’ SharePoint Bugs – Dark Reading
Storm-2603, a China-based threat actor, is targeting SharePoint customers in an ongoing ransomware campaign. – Read More
2025
Phishers Target Aviation Execs to Scam Customers – Krebs on Security
KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An…
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems – The Hacker News
Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authentication protections. “An authentication bypass vulnerability has been identified…
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments – The Hacker News
Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, observed this year, is primarily designed…
CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing – The Hacker News
Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs).…
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices – The Hacker News
Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution.…
HSF sees revenue and profit rise in final year before Kramer merger – Legal Cheek
PEP climbs to £1.4 million Herbert Smith Freehills (HSF) has reported solid financial results for the year prior to its summer merger with US outfit Kramer Levin. The firm, which…
Translating Cyber-Risk for the Boardroom – Dark Reading
When security leaders embrace this truth and learn to speak in the language of leadership, they don’t just protect the enterprise, they help lead it forward. – Read More
Joint advisory highlights Microsoft Exchange and Fortinet vulnerabilities – NCSC News
A joint advisory with international partners highlights an Iranian APT exploiting Microsoft Exchange and Fortinet vulnerabilities – Read More
Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them – The Hacker News
Is Managing Customer Logins and Data Giving You Headaches? You’re Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let’s be honest, we’re also more careful…
Microsoft’s incomplete SharePoint patch led to global exploits by China-linked hackers – CSO Online
A July 8 patch for the SharePoint Server zero-day flaw, which resulted in a global attack on nearly 100 organizations over the weekend starting July 18, had failed to fully…
Pentests once a year? Nope. It’s time to build an offensive SOC – The Hacker News
You wouldn’t run your blue team once a year, so why accept this substandard schedule for your offensive side? Your cybersecurity teams are under intense pressure to be proactive and…
China-Based APTs Deploy Fake Dalai Lama Apps to Spy on Tibetan Community – The Hacker News
The Tibetan community has been targeted by a China-nexus cyber espionage group as part of two campaigns conducted last month ahead of the Dalai Lama’s 90th birthday on July 6,…
Hacker inserts destructive code in Amazon Q tool as update goes live – CSO Online
A hacker managed to insert destructive system commands into Amazon’s Visual Studio Code extension used for accessing its AI-powered coding assistant, Q, which was later distributed to users through an…
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems – The Hacker News
Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The tech giant, in an update shared…