Latest Cybersecurity News and Articles


New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries

14 July 2025
Threat actors behind the Interlock ransomware group have unleashed a new PHP variant of its bespoke remote access trojan (RAT) as part of a widespread campaign using a variant of ClickFix called FileFix. "Since May 2025, activity related to the Interlock RAT has been observed in connection with the LandUpdate808 (aka KongTuke) web-inject threat clusters," The DFIR Report said in a technical

Nearly 250,000 Records From Tax Credit Consulting Agency Exposed

14 July 2025
Research has uncovered an unencrypted, non-password-protected database containing 245,949 records. 

Train Hack Gets Proper Attention After 20 Years: Researcher 

14 July 2025
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake. The post Train Hack Gets Proper Attention After 20 Years: Researcher appeared first on SecurityWeek.

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA

14 July 2025
CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek.

Google Gemini Tricked Into Showing Phishing Message Hidden in Email 

14 July 2025
Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email. The post Google Gemini Tricked Into Showing Phishing Message Hidden in Email appeared first on SecurityWeek.

4 Critical, Known Exploited Vulnerabilities Added to KEV Catalog

14 July 2025
CISA added 4 new vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalogue, citing evidence of active exploitation.

⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More

14 July 2025
In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real security. For anyone responsible

New Interlock RAT Variant Distributed via FileFix Attacks

14 July 2025
The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek.

Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment

14 July 2025
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek.

Louis Vuitton Data Breach Hits Customers in Several Countries

14 July 2025
Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach. The post Louis Vuitton Data Breach Hits Customers in Several Countries appeared first on SecurityWeek.

Hackers Inject Malware Into Gravity Forms WordPress Plugin 

14 July 2025
Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack. The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.

CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center

14 July 2025
India's Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out "sophisticated" tech support scams targeting citizens of Australia and the United Kingdom. The fraudulent scheme is estimated to have led to losses worth more than £390,000 ($525,000) in the United Kingdom alone. The law

eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks

14 July 2025
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company's website, more than two billion SIMs in IoT devices have been enabled as of December 2020. The findings come from Security Explorations, a research lab

Thirteen Romanians Arrested for Phishing the UK’s Tax Service

13 July 2025
Investigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi. The post Thirteen Romanians Arrested for Phishing the UK’s Tax Service appeared first on SecurityWeek.

GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs

12 July 2025
NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). "Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design specification, and system settings," the GPU maker said in an advisory released this week. Dubbed

Grok-4 Falls to a Jailbreak Two days After Its Release

12 July 2025
The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak. The post Grok-4 Falls to a Jailbreak Two days After Its Release appeared first on SecurityWeek.

Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub

12 July 2025
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. "Laravel's APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub)," GitGuardian said. "If attackers get access to this key, they can exploit a deserialization flaw to

Sudo Vulnerability Discovered, May Expose Linux Systems

11 July 2025
Sudo, the privileged command-line tool often installed on Linux systems, has two local privilege vulnerabilities. 

‘Hacking is assumed now’: experts raise the alarm about added risk of surveillance cameras in childcare centres

11 July 2025
As governments consider mandatory CCTV in early education, one big provider with cameras already installed is yet to formalise guidelines for how the footage will be stored and used. In the wake of horrifying reports last week alleging that eight children had been sexually abused by a worker in a Melbourne childcare centre, politicians and providers have scrambled to offer a response. One option emerged from the fray as something concrete and immediate: the installation of CCTV cameras in childcare centres.

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

11 July 2025
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in