Lohrman on Security
JUNE 15, 2025
From vibe hacking to malware development to deepfakes, bad actors are discovering more vulnerabilities to attack generative AI tools while also using AI to launch cyber attacks.
The Hacker News
JUNE 15, 2025
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that's capable of harvesting sensitive developer-related information, such as credentials, configuration data, and environment variables, among others.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Adam Shostack
JUNE 16, 2025
We think you should publish your threat model, and we’re publishing our arguments. At ThreatModCon, I gave a talk titled “Publish Your Threat Model!” In it, I discussed work that Loren Kohnfelder and I have been doing to explore the idea, and today I want to share the slides and an essay form of the idea. We invite comments on the essay form, which is the most fleshed out.
Anton on Security
JUNE 16, 2025
Output-driven SIEM — 13 years later Output-driven SIEM! Apart from EDR and SOC visibility triad , this is probably my most known “invention” even though I was very clear that I stole this from the Vigilant crew back in 2011. Anyhow, I asked this question on X the other day: So, what year is this? Let me see … 2025! Anyhow, get a time machine, we are flying to 2012…. whooosh…. … we landed … no dinosaurs in sight so we didn’t screw the time settings.
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Schneier on Security
JUNE 17, 2025
If you’ve worried that AI might take your job, deprive you of your livelihood, or maybe even replace your role in society, it probably feels good to see the latest AI tools fail spectacularly. If AI recommends glue as a pizza topping , then you’re safe for another day. But the fact remains that AI already has definite advantages over even the most skilled humans, and knowing where these advantages arise—and where they don’t—will be key to adapting to the AI-infused
Security Affairs
JUNE 14, 2025
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions. Palo Alto Networks fixed seven privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products. Palo Alto applied 11 Chrome fixes and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Security Boulevard
JUNE 15, 2025
From vibe hacking to malware development to deepfakes, bad actors are discovering more vulnerabilities to attack generative AI tools while also using AI to launch cyber attacks. The post Guardrails Breached: The New Reality of GenAI-Driven Attacks appeared first on Security Boulevard.
Trend Micro
JUNE 16, 2025
This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data.
Security Affairs
JUNE 15, 2025
Canada’s airline WestJet has suffered a cyberattack that impactd access to some internal systems and the company app. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canada’s second-largest airline, after Air Canada. WestJet is investigating a cybersecurity incident impacting some of its internal systems and mobile app, which has blocked access for several users.
Penetration Testing
JUNE 16, 2025
A critical flaw (CVE-2025-49596, CVSS 9.4) in MCP Inspector allows unauthenticated remote code execution, threatening AI application development environments.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Zero Day
JUNE 14, 2025
X Trending Miss out on Nintendo Switch 2 preorders? Here's how to buy one Nintendo Switch 2 revealed: Specs, pricing, release date (out now), and more official details The $700 Android phone that made me forget about my Pixel 9 Pro Best small business web hosting services of 2025 Memorial Day headphone sales 2025 Best Linux VPNs of 2025 Best online video editors of 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best website builder
The Hacker News
JUNE 17, 2025
The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG). "Google Threat Intelligence Group is now aware of multiple intrusions in the U.S.
Security Boulevard
JUNE 17, 2025
Vulnerabilities, on their own, don’t mean much. You could be staring at thousands of scanner alerts every week, but unless you know which ones truly matter, you’re just reacting to. The post What Is Vulnerability Prioritization? A No-Fluff Playbook appeared first on Strobes Security. The post What Is Vulnerability Prioritization? A No-Fluff Playbook appeared first on Security Boulevard.
Penetration Testing
JUNE 16, 2025
Zyxel firewalls are under a coordinated attack exploiting critical RCE flaw CVE-2023-28771 (CVSS 9.8) via UDP port 500, likely by Mirai botnets.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Schneier on Security
JUNE 14, 2025
This is a current list of where and when I am scheduled to speak: I’m speaking at the International Conference on Digital Trust, AI and the Future in Edinburgh, Scotland on Tuesday, June 24 at 4:00 PM. The list is maintained on this page.
The Hacker News
JUNE 16, 2025
The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a global IT worker scheme orchestrated by North Korea. "For years, North Korea has exploited global remote IT contracting and cryptocurrency ecosystems to evade U.S.
WIRED Threat Level
JUNE 16, 2025
The shooter allegedly researched several “people search” sites in an attempt to target his victims, highlighting the potential dangers of widely available personal data.
Penetration Testing
JUNE 16, 2025
Microsoft disabled Windows Hello facial recognition in dark environments on Windows 10/11 due to a security flaw that could allow local spoofing attacks.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Trend Micro
JUNE 15, 2025
The Trend Micro™ Managed Detection and Response team uncovered a threat campaign orchestrated by an active group, Water Curse. The threat actor exploits GitHub, one of the most trusted platforms for open-source software, as a delivery channel for weaponized repositories.
The Hacker News
JUNE 16, 2025
An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a "rare dual-threat.
Security Affairs
JUNE 17, 2025
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. “Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks.
Penetration Testing
JUNE 16, 2025
Team46 (TaxOff) is exploiting a Google Chrome sandbox escape zero-day (CVE-2025-2783) to deploy the multi-layered Trinper malware via phishing campaigns
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Security Boulevard
JUNE 17, 2025
Researchers with HiddenLayers uncovered a new vulnerability in LLMs called TokenBreak, which could enable an attacker to get around content moderation features in many models simply by adding a few characters to words in a prompt. The post Novel TokenBreak Attack Method Can Bypass LLM Security Features appeared first on Security Boulevard.
The Hacker News
JUNE 17, 2025
Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially target your last line of defense — your backup infrastructure. Before locking up your production environment, cybercriminals go after your backups to cripple your ability to recover, increasing the odds of a ransom payout.
Security Affairs
JUNE 15, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 Destructive npm Packages Disguised as Utilities Enable Remote System Wipe AMOS Variant Distributed Via Clickfix In Spectrum-Themed Dynamic Delivery Campaign By Russian Speaking Hackers Demystifying Myth Stealer:
Penetration Testing
JUNE 16, 2025
Water Curse is using GitHub to distribute malicious open-source projects, weaponizing 76 accounts with multi-stage malware targeting developers, red teamers, and gamers.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Boulevard
JUNE 15, 2025
An origin server DDoS attack (sometimes referred to as direct-to-origin attack) is a technique used to bypass cloud-based DDoS protections – such as CDNs and WAFs – by targeting the origin server environment directly. Because the malicious traffic avoids the protective proxy layer, it hits the origin server unfiltered, potentially overwhelming systems that are not […] The post Protecting Against Origin Server DDoS Attacks appeared first on Security Boulevard.
The Hacker News
JUNE 17, 2025
Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is an enterprise-oriented software that provides users with tools for content management, digital marketing, and analytics and reports.
Security Affairs
JUNE 17, 2025
Zoomcar disclosed a data breach impacting 8.4M users after attackers compromised its systems and contacted the company staff. Zoomcar is an India-based car-sharing and self-drive car rental company. Zoomcar discovered a data breach impacting 8.4M users after threat actors contacted the internal personnel claiming the compromise of internal systems. The company is investigating the security breach and has determined that the exposed information included names, contacts, and addresses.
Penetration Testing
JUNE 16, 2025
SUSE disclosed flaws in sslh (CVE-2025-46807, CVE-2025-46806) allowing remote DoS attacks via file descriptor exhaustion and unsafe memory access.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
155 
Let's personalize your content