Thu. Jul 03, 2025

China-linked group Houken hit French organizations using zero-days

Security Affairs

China-linked group Houken hit French govt, telecom, media, finance and transport sectors using Ivanti CSA zero-days, says France’s ANSSI. France’s cyber agency ANSSI revealed that a Chinese hacking group used Ivanti CSA zero-days to target government, telecom, media, finance, and transport sectors. The campaign, active since September 2024, is linked to the Houken intrusion set, which overlaps with UNC5174 (aka Uteus), tracked by Mandiant.

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Penetration Testing

A critical flaw (CVE-2025-34067, CVSS 10.0) in HIKVISION applyCT allows unauthenticated RCE via Fastjson deserialization, risking surveillance systems. Patch immediately!

Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms

The Hacker News

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices.

Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited

Penetration Testing

The post Microsoft Edge Alert: Two High-Severity Flaws (CVE-2025-6554, CVE-2025-49713) Allow Remote Code Execution, One Actively Exploited appeared first on Daily CyberSecurity.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Surveillance Used by a Drug Cartel

Schneier on Security

Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a new US justice department report. The incident was disclosed in a justice department inspector general’s audit of the FBI’s efforts to mitigate the effects of “ubiquitous technical surveillance,” a t

Apache Under Attack: Critical RCE Flaws in Tomcat & Camel Spark Thousands of Exploit Attempts

Penetration Testing

Palo Alto Networks reveals thousands of exploit attempts targeting RCE flaws in Apache Tomcat (CVE-2025-24813) and Apache Camel (CVE-2025-27636, CVE-2025-29891).

More Trending

The Promise and Peril of Digital Security in the Age of Dictatorship

WIRED Threat Level

LGBTIQ+ organizations in El Salvador are using technology to protect themselves and create a record of the country’s ongoing authoritarian escalations against their community. It’s not without risks.

Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out

Penetration Testing

The post Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out appeared first on Daily CyberSecurity.

Drug cartel hacked cameras and phones to spy on FBI and identify witnesses

Malwarebytes

The “El Chapo” Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau’s defenses against this kind of surveillance are still inadequate. The findings came to light in a June 2025 report from the DoJ’s Inspector General.

Hacking 106

SCATTERED SPIDER Infiltrates Airlines: Ransomware, vCenter Hijacks, and Voice Phishing Unleashed

Penetration Testing

SCATTERED SPIDER targets U.S. airlines with ransomware, vishing, and VMware exploits—CrowdStrike warns of a rising threat across cloud identities.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Catwatchful “child monitoring” app exposes victims’ data

Malwarebytes

If an app markets itself as being for “child monitoring”, a customer might expect that their data and those of the person you’re monitoring is handled with the utmost care and respect. However, as we’ve seen many times before, stalkerware (which is what monitoring software is known as) apps have a tendency to be low quality and lack security. Stalkerware refers to apps and other monitoring software that enable someone to secretly spy on another person’s private life via their mobile device

Mobile 88

Next.js Flaw (CVE-2025-49826, CVSS 7.5): Cache Poisoning Leads to Denial-of-Service

Penetration Testing

A critical flaw (CVE-2025-49826, CVSS 7.5) in Next.js causes cache poisoning, leading to DoS by serving cached HTTP 204 responses for static pages.

Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets

The Hacker News

Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users' digital assets at risk.

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

Penetration Testing

Wiz Research Team uncovers rapid exploitation of exposed JDWP interfaces, deploying XMRig cryptominers in TeamCity and other Java environments within hours of exposure.

Malware 70

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd

Heimdal Security

From courtroom breaches to cockpit infiltration, here’s this week’s Cyber Snapshot. Five critical stories you need on your radar, with safety advice included. We’ve got insider revenge, MFA manipulation, rogue browser extensions, and state-sponsored email theft, all in one rapid-fire rundown. Whether you’re in IT, cybersecurity compliance, or just trying to keep your team one […] The post Scattered Spider Attacks US Airlines – The MSP Cyber News Snapshot – July 3rd appear

Secure Your Business With Cisco Hybrid Mesh Firewall Solutions

Cisco Security

By Renato Morais, July 3, 2025. Technology is advancing faster than ever, and with it comes new challenges for businesses trying to stay secure. From hybrid cloud setups to remote work and the rise of AI tools, keeping your organization safe isn’t as simple as it used to be.

Firewall 101

Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams

Malwarebytes

Microsoft, DocuSign, Adobe, McAfee, NortonLifeLock, PayPal, and Best Buy’s Geek Squad are being impersonated online through malicious emails that contain fake telephone support numbers and dangerous QR codes that can ensnare victims into phishing scams. The brands and their products are frequently relied upon for everyday administration, like sending emails, obtaining signatures, viewing documents, receiving payments, and even getting tech help, emphasizing the threat these phishing campaigns ha

Scams 100

Apache APISIX Flaw (CVE-2025-46647): Token Issuer Bypass in OpenID Connect Allows Cross-Issuer Access

Penetration Testing

A flaw (CVE-2025-46647) in Apache APISIX's OpenID Connect plugin allows authenticated attackers to bypass token issuer validation and gain unauthorized cross-issuer access.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

The Salesforce Security Wake-Up Call

Centraleyes

Salesforce is facing renewed scrutiny over the security of its Industry Cloud platform after cybersecurity researchers uncovered more than 20 configuration-related weaknesses and five critical vulnerabilities that could expose sensitive business and personal data. The flaws, identified by security firm AppOmni, affect multiple components within Salesforce Industry Cloud, including FlexCards, Data Mappers, Integration Procedures (IProcs), and other low-code development tools widely used across he

Anthropic MCP Server Flaws: Path Traversal & Symlink Attacks Allow RCE

Penetration Testing

Cymulate reveals two flaws (CVE-2025-53110, CVE-2025-53109) in Anthropic's Filesystem MCP Server, allowing path traversal, symlink attacks, and RCE, exposing AI developer machines.

How government cyber cuts will affect you and your business

We Live Security

Deep cuts in federal cybersecurity spending risk creating ripple effects that will put many organizations at a higher risk of falling victim to a cyberattack.

Your Brother printer might have a critical security flaw - how to check and what to do next

Zero Day

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Analysis Surfaces Increased Usage of LLMs to Craft BEC Attacks

Security Boulevard

A Barracuda Networks analysis of unsolicited and malicious emails sent between February 2022 to April 2025 indicates 14% of the business email compromise (BEC) attacks identified were similarly created using a large language model (LLM). The post Analysis Surfaces Increased Usage of LLMs to Craft BEC Attacks appeared first on Security Boulevard.

Europol shuts down Archetyp Market, longest-running dark web drug marketplace

Security Affairs

Europol shuts down Archetyp Market, longest-running dark web drug site, the police arrested the admin in Spain, top vendors hit in Sweden. An international law enforcement operation led by German authorities has shut down Archetyp Market, the longest-running dark web drug marketplace, in a coordinated operation across six countries with support from Europol and Eurojust.

AI-Generated Phishing Sites Mimic Okta, Microsoft 365 in New Threat Campaign

Tech Republic Security

Threat actors are exploiting Vercel's AI tool to generate convincing phishing pages. Read Vercel’s response and Okta’s tips for keeping your organization secure.

Phishing 112

We Are Losing the Scan/Patch Battle

Security Boulevard

There is no question that vulnerability scanning and patch management remain necessary, but they are clearly no longer sufficient. The post We Are Losing the Scan/Patch Battle appeared first on Security Boulevard.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

PHP Flaws: CVE-2025-1735 (SQLi/Crash) & CVE-2025-6491 (SOAP DoS) Threaten PHP Apps

Penetration Testing

PHP patches two flaws: CVE-2025-1735 allows SQL injection/crashes in pgsql, and CVE-2025-6491 enables DoS in SOAP via oversized XML. Update immediately!

Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

Security Affairs

Resecurity found a breach in Brazil’s CIEE One platform, exposing PII and documents, later sold by data broker “888” on the dark web. Resecurity identified a data breach of one of the major platforms in Brazil connecting businesses and trainees called CIEE One – leading to the compromise of sensitive PII, including ID records, contact information, medical reports, scans of documents, and other related data.

Stealthy WordPress Malware Uncovered: SEO Spam Plugin Mimics Your Domain to Evade Detection

Penetration Testing

Sucuri uncovers a stealthy WordPress malware plugin that mimics your domain to inject SEO spam for bots while remaining invisible to users, evading detection.

Malware 83

CBP Wants New Tech to Search for Hidden Data on Seized Phones

WIRED Threat Level

By Caroline Haskins, Jul 3, 2025 1:19 PM. Customs and Border Pr

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!