Trending Threats
Real-time analysis of emerging cybersecurity threats and attack patterns
CVE-2025-48795: Apache CXF: Denial of Service and sensitive data exposure in logs
OSS Security
oss-sec mailing list archives. CVE-2025-48795: Apache CXF: Denial of Service and sensitive data exposure in logs. Colm O hEigeartaigh (Jul 15)
Ex-US soldier who Googled 'can hacking be treason' pleads guilty to extortion
The Register Security
Cyber-crime. File this one under what not to if you've committed a crime. A former US Army soldier, who reportedly hacked AT&T, bragged about accessing President Donald Trump's call logs, and then Googled "can hacking be treason," and "US military personnel defecting to Russia," pleaded guilty to conspiring to break into telecom firms' databases and extort at least $1 million. Cameron John Wagenius, 21, who used the nickname "

DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total Developing +1
Cluster: DDoS - Ransomware - DDoS Attack
Cloudflare on Tuesday published its DDoS threat report for the second quarter of 2025, and the company says the number of attacks it blocked in the first half of the year already exceeds all the attacks mitigated in 2024. In 2024, Cloudflare blocked a total of 21.3 million HTTP and Layer 3/4 DDoS attacks. In the first half of 2025, it has already mitigated 27.8 million attacks. More than 20 million of them were seen in Q1, when an 18-day campaign pummelled the company’s own infrastructure as...
Trump Lifts Nvidia Chip Restrictions to China, Raising Concerns
Data Breach Today UK
Artificial Intelligence & Machine Learning, Government, Industry Specific. President Donald Trump's reported move to lift federal restrictions on selling some of Nvidia's advanced artificial intelligence semiconductor chips to China could undercut the United States' lead in the global AI race, analysts warned Tuesday. The
Trump Announces Pennsylvania Will Receive $90B+ in AI and Energy Investments
TechRepublic Security
Tech companies and investors will devote more than $90 billion to AI and energy infrastructure investments in Pennsylvania, President Donald Trump and Sen. Dave McCormick (R-Pa.) announced today at the Pennsylvania Energy and Innovation Summit held in Pittsburgh. “Remaining the world’s leader in AI will require an enormous increase in energy production, and that’s taking place,” Trump said. The recurring theme at the panels was that American dominance in AI – in particular in opposition to China
North Korean XORIndex malware hidden in 67 malicious npm packages
BleepingComputer
Bill Toulas, July 15, 2025, 01:47 PM. North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. The packages collectively count more than 17,000 downloads and were discovered by researchers at package security platform Socket, who assess them to be part of the continued Contagious Interview operation. Socket rese

North Korean XORIndex malware hidden in 67 malicious npm packages Developing +1
Cluster: APT41 - WageMole - DDoS
Bill Toulas, July 15, 2025, 01:47 PM. North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. The packages collectively count more than 17,000 downloads and were discovered by researchers at package security platform Socket, who assess them to be part of the continued Contagious Interview operation. Socket...

Risk management, legacy tech pose major threats to healthcare firms, report finds Developing +1
Cluster: Ransomware - Microsoft - Google
Companies have improved their recovery processes and user controls but still lag in risk preparedness, according to the report. Dive Brief: More than nine in 10 healthcare organizations experienced a cyberattack last year, and those attacks disrupted patient care at seven in 10 organizations, according to a report released Tuesday by managed security services provider Fortified Health Security. Fortified’s report...
Ransomware Gangs Actively Expanding to Attack VMware and Linux Systems
Cluster: DoS - DDoS - Ransomware
The cybersecurity landscape has experienced a dramatic shift as ransomware operators increasingly target Linux and VMware environments, abandoning their traditional focus on Windows systems. Recent threat intelligence indicates that criminal groups are developing sophisticated, Linux-native ransomware specifically engineered to exploit the unique vulnerabilities of enterprise virtualization platforms and cloud infrastructures. This strategic pivot represents a fundamental evolution in...
Windows KB5064489 emergency update fixes Azure VM launch issues
BleepingComputer
Lawrence Abrams, July 15, 2025, 02:47 PM. Microsoft has released an emergency update to fix a bug that prevents Azure virtual machines from launching when the Trusted Launch setting is disabled and Virtualization-Based Security (VBS) is enabled. The bug impacted Windows Server 2025 and Windows 11 24H2 and was introduced during the July Patch Tuesday security updates. "This update addresses an issue that prevented some virtual machines
Police disrupt “Diskstation” ransomware gang attacking NAS devices
BleepingComputer
Bill Toulas, July 15, 2025, 12:53 PM. An international law enforcement action dismantled a Romanian ransomware gang known as 'Diskstation,' which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. The law enforcement operation codenamed 'Operation Elicius' was coordinated by Europol and also involved police forces in France and Romania. Diskstation is a ransomware operation that targets
Virtual Event Preview: Cloud & Data Security Summit 2025 – Tackling Exposed Attack Surfaces in the Cloud
SecurityWeek
Virtual Event | Wednesday, June 16, 2025. As organizations double down on digital transformation and cloud-first strategies, securing dynamic and complex cloud environments has become one of the foremost challenges in modern cybersecurity. SecurityWeek’s Cloud & Data Summit returns this year with renewed urgency and a deliberate focus on one of today’s most critical concerns: exposed attack surfaces and weaknesses in public cloud infrastructure. This free, online event brings together leadin
GLOBAL GROUP RaaS Operators Enable AI-powered Negotiation Functionality
Cluster: DDoS - DoS - Ransomware
A sophisticated new ransomware-as-a-service operation has emerged with advanced AI-powered negotiation capabilities and mobile management features, targeting organizations across healthcare, automotive, and industrial sectors. GLOBAL GROUP, operated by threat actor “$$$”, has claimed 17 victims across multiple countries since its June 2025 launch, demonstrating rapid operational scaling through automated systems and strategic partnerships with Initial Access Brokers. AI-Powered Negotiation...
Ransomware Gangs Actively Expanding to Attack VMware and Linux Systems
Cybersecurity News
The cybersecurity landscape has experienced a dramatic shift as ransomware operators increasingly target Linux and VMware environments, abandoning their traditional focus on Windows systems. Recent threat intelligence indicates that criminal groups are developing sophisticated, Linux-native ransomware specifically engineered to exploit the unique vulnerabilities of enterprise virtualization platforms and cloud infrastructures. This strategic pivot represents a fundamental evolution in ransomware

NCSC Urges Organizations to Upgrade Microsoft Windows 11 to Defend Cyberattacks Developing +1
Cluster: Sea Turtle - RCE - Zero-Day
The National Cyber Security Centre (NCSC) has issued a critical advisory urging organizations to prioritize upgrading to Windows 11 before the October 14, 2025 end-of-life deadline for Windows 10. This recommendation comes amid growing concerns about the cybersecurity implications of maintaining legacy operating systems, particularly as cyber criminals increasingly target outdated infrastructure for exploitation. The urgency of this migration stems from the fundamental security risks associated with...

Virtual Event Preview: Cloud & Data Security Summit 2025 – Tackling Exposed Attack Surfaces in the Cloud Developing +5
Cluster: APT41 - Phishing - Intel
Virtual Event | Wednesday, June 16, 2025. As organizations double down on digital transformation and cloud-first strategies, securing dynamic and complex cloud environments has become one of the foremost challenges in modern cybersecurity. SecurityWeek’s Cloud & Data Summit returns this year with renewed urgency and a deliberate focus on one of today’s most critical concerns: exposed attack surfaces and weaknesses in public cloud infrastructure. This free, online event brings together...

AsyncRAT seeds family of more than 30 remote access trojans Developing +1
Cluster: DDoS - DoS - Ransomware
AsyncRAT, the most prevalent remote access trojan observed in the wild, has spawned more than 30 forks and variants that increase the impact of the open-source malware, making it a popular and sometimes disguised tool of choice for cybercriminals, ESET researchers said in a report released Tuesday. The open source remote access tool, which was first released on GitHub in 2019, shows up consistently in cyberattacks, most commonly distributed through spam campaigns, phishing and malicious ads,...
Oracle July 2025 Critical Patch Update Addresses 165 CVEs
Tenable Cyber Exposure Alerts
Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates. Background: On July 15, Oracle released its Critical Patch Update (CPU) for July 2025, the third quarterly update of the year. This CPU contains fixes for 165 unique CVEs in 309 security updates across 28 Oracle product families. Out of the 309 security updates published this quarter, 2.9% of patches were assigned a critical se
DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total
SecurityWeek
Cloudflare on Tuesday published its DDoS threat report for the second quarter of 2025, and the company says the number of attacks it blocked in the first half of the year already exceeds all the attacks mitigated in 2024. In 2024, Cloudflare blocked a total of 21.3 million HTTP and Layer 3/4 DDoS attacks. In the first half of 2025, it has already mitigated 27.8 million attacks. More than 20 million of them were seen in Q1, when an 18-day campaign pummelled the company’s own infrastructure as well
CISA Releases Six Industrial Control Systems Advisories Developing +1
Cluster: Siemens - ICS - Industrial Control Systems
CISA released six Industrial Control Systems (ICS) advisories on July 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-196-01 Hitachi Energy Asset Suite; ICSA-25-196-02 ABB RMC-100; ICSA-25-196-03 LITEON IC48A and IC80A EV Chargers; ICSA-25-037-02 Schneider Electric EcoStruxure (Update B); ICSA-25-140-08 Schneider Electric Modicon Controllers (Update...

MITRE Launches AADAPT Framework to Counter Real-World Attacks on Digital Asset Systems
Cluster: QuantumLocker - Privilege Escalation - RCE
The MITRE Corporation has unveiled its comprehensive AADAPT™ framework (Adversarial Actions in Digital Asset Payment Technologies), a specialized knowledge base designed to catalog and counter sophisticated attacks targeting digital asset management systems, cryptocurrency exchanges, and blockchain infrastructure. The framework represents a significant advancement in cybersecurity defense for the rapidly...
North Korean Hackers Using Fake Zoom Invites to Attack Crypto Startups
Cybersecurity News
North Korean threat actors have escalated their sophisticated cyber operations against cryptocurrency startups, deploying an evolved malware campaign that leverages fraudulent Zoom meeting invitations to infiltrate target organizations. The campaign, which has been active for over a year, specifically targets individuals and businesses operating within the Web3, cryptocurrency, and blockchain sectors through carefully orchestrated social engineering attacks. The attack methodology remains consis
Ransomware Attack on Albemarle County Exposes Residents’ Personal Information
GB Hackers
Albemarle County, Virginia, discovered irregularities in its IT infrastructure under a sophisticated ransomware attack. The breach was quickly recognized by cybersecurity experts as a ransomware deployment, a type of malware that encrypts data and demands payment to decrypt it. This type of malware is frequently used in conjunction with data exfiltration for extortion. Despite robust defenses including endpoint detecti
Risk management, legacy tech pose major threats to healthcare firms, report finds
Cybersecurity Dive
Companies have improved their recovery processes and user controls but still lag in risk preparedness, according to the report. Dive Brief: More than nine in 10 healthcare organizations experienced a cyberattack last year, and those attacks disrupted patient care at seven in 10 organizations, according to a report released Tuesday by managed security services provider Fortified Health Security. Fortified’s report lis
Data Breach at Debt Settlement Firm Impacts 160,000 People
SecurityWeek
Pennsylvania-based debt settlement company Level Finance Partners (dba Century Support Services) has disclosed a data breach impacting a significant number of individuals. The company has started sending out data security incident notifications informing impacted individuals that its systems were hacked in November 2024. An investigation launched in response to the cyberattack revealed in late May that the files potentially accessed or taken by the hackers stored personal information. The exposed i
CISA Releases Six Industrial Control Systems Advisories
US-CERT Current Activity
CISA released six Industrial Control Systems (ICS) advisories on July 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-196-01 Hitachi Energy Asset Suite; ICSA-25-196-02 ABB RMC-100; ICSA-25-196-03 LITEON IC48A and IC80A EV Chargers; ICSA-25-037-02 Schneider Electric EcoStruxure (Update B); ICSA-25-140-08 Schneider Electric Modicon Controllers (Update A); ICSA-25-070-
'Ghost in the Machine' Exploits Spotted in Gigabyte Firmware
Data Breach Today UK
Endpoint Security, Governance & Risk Management, Hardware / Chip-level Security. Multiple high-severity vulnerabilities in Gigabyte's UEFI firmware could enable attackers to execute arbitrary code within System Management Mode, granting persistent and nearly undetectable control over affected systems. The flaws, tra
Seychelles Commercial Bank Confirms Customer Data Breach
Data Breach Today UK
Data Breach Notification, Data Security, Fraud Management & Cybercrime. A hacker claims to have stolen and sold the personal data of clients of Seychelles Commercial Bank. The bank, which provides personal and corporate services on Seychelles, one of the world's smallest countries, notified customers of a hack, but said only personal information - not money - was stolen.
Waltz brushes off SignalGate questions, points finger at CISA
CyberScoop
Former White House national security adviser Mike Waltz brushed aside criticisms Tuesday that he put sensitive military operations at risk by holding discussions about military strikes in a Signal group chat, claiming the app’s use was authorized by the federal government’s top civilian cyber agency. In a Senate Foreign Relations Committee hearing, Waltz — who has been nominated to represent the U.S. at the United Nations — was pressed about his short tenure as President Donald Trump’s top national security
Unified Cyber Standards Are Vital for 5G Resilience
Data Breach Today UK
At a time when ASEAN nations are accelerating 5G deployments, cybersecurity leaders at the 5G and OT Security Summit in Malaysia issued a sobering warning: Fragmented regulations and uneven OT readiness threaten to undermine the region’s digital ambitions. While Malaysia and Singapore are updating national telecom security requirements, ot