Latest Cybersecurity News and Articles
27 June 2025
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups.
The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard's STRIKE team.
"The LapDogs network has a high concentration of victims
27 June 2025
Noteworthy stories that might have slipped under the radar: Norwegian dam hacked, AT&T agrees to $177 million data breach settlement, Whole Foods distributor restores systems after attack.
The post In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update appeared first on SecurityWeek.
27 June 2025
A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community.
The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians' Convention on Tibet (WPCT), China's education policy in the Tibet Autonomous Region (TAR), and a recently published book by the 14th Dalai Lama,
27 June 2025
The Trump Administration is moving to collect data retained by the states, leading some privacy experts to express concern.
27 June 2025
Microsoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel.
The post Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage appeared first on SecurityWeek.
27 June 2025
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending.
At the same time, SOC inefficiencies are draining resources. Studies show that up to half of all
27 June 2025
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit.
The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed to the threat actor.
27 June 2025
RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software.
The post RevEng.ai Raises $4.15 Million to Secure Software Supply Chain appeared first on SecurityWeek.
27 June 2025
China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit.
The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek.
27 June 2025
The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild for initial access.
The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek.
27 June 2025
A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository.
The post Vulnerability Exposed All Open VSX Repositories to Takeover appeared first on SecurityWeek.
27 June 2025
Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls.
The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek.
27 June 2025
Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive data
27 June 2025
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors.
"The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious," Trellix researchers Nico Paulo
26 June 2025
Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk.
"This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control
26 June 2025
The proposal seeks to ban all use of the technology in the U.S. government, with exceptions for use in research and counterterrorism efforts.
The post Bipartisan Bill Aims to Block Chinese AI From Federal Agencies appeared first on SecurityWeek.
26 June 2025
WhatsApp is banned from U.S. House of Representatives devices.
26 June 2025
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker to execute arbitrary commands as the root user.
The vulnerabilities, assigned the CVE identifiers CVE-2025-20281 and CVE-2025-20282, carry a CVSS score of 10.0 each. A description of the defects is
26 June 2025
The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET.
"The list of threats that ClickFix attacks lead to is growing by the day, including infostealers, ransomware, remote access trojans, cryptominers, post-exploitation tools, and even
26 June 2025
Nicholas Michael Kloster has pleaded guilty to computer hacking after targeting at least two organizations.
The post Man Who Hacked Organizations to Advertise Security Services Pleads Guilty appeared first on SecurityWeek.