Port 22

~ 18 Jun 2025 ~

1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub

Asana's cutting-edge AI feature ran into a little data leakage problem

Irans Internet Blackout Adds New Dangers for Civilians Amid Israeli Bombings

Same Sea, New Phish: Russian Government-Linked Social Engineering Targets App-Specific Passwords

FedRAMP at Startup Speed: Lessons Learned

Water Curse Hijacks 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign

Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Irans Financial System

Ghostwriting Scam

Veeam patches third critical RCE bug in Backup & Replication in space of a year

Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict

How to bridge the MFA gap

Amazon CISO: Iranian hacking crews on high alert since Israel attack

Trump administration set to waive TikTok sell-or-die deadline for a third time

Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor

~ 17 Jun 2025 ~

LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

AWS locks down cloud security, hits 100% MFA enforcement for root users

Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware

Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

Sitecore CMS flaw let attackers brute-force 'b' for backdoor

Are Forgotten AD Service Accounts Leaving You at Risk?

Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

Backups Are Under Attack: How to Protect Your Backups

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Redefining identity security in the age of agentic AI

23andMe hit with 2.3M fine after exposing genetic data of millions

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

Siemens Mendix Studio Pro

LS Electric GMWin 4

Fuji Electric Smart Editor

Dover Fueling Solutions ProGauge MagLink LX Consoles

Where AI Provides Value

Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement

Minnesota Shooting Suspect Allegedly Used Data Broker Sites to Find Targets' Addresses

~ 16 Jun 2025 ~

U.S. Seizes $7.74M in Crypto Tied to North Koreas Global Fake IT Worker Network

Scattered Spider has moved from retail to insurance

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

Remorseless extortionists claim to have stolen thousands of files from Freedman HealthCare

Unspoken Implications: A Preliminary Analysis of Bill C-2 and Canadas Potential Data-Sharing Obligations Towards the United States and Other Countries

Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More

Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine

Canada's WestJet says 'expect interruptions' online as it navigates cybersecurity turbulence

Eurocops arrest suspected Archetyp admin, shut down mega dark web drug shop

Salesforce study finds LLM agents flunk CRM and confidentiality tests

Microsoft adds export option to Windows Recall in Europe

Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data

Spy school dropout: GCHQ intern jailed for swiping classified data

Why We Made a Guide to Winning a Fight

6 Tools for Tracking the Trump Administrations Attacks on Civil Liberties

How collaborative security can build you a better business

Armored cash transport trucks allegedly hauled money for $190 million crypto-laundering scheme

claws GitHub Actions Workflow Linter for Secure CI/CD Pipelines

~ 15 Jun 2025 ~

Dems demand audit of CVE program as Federal funding remains uncertain

Upcoming Speaking Engagements

~ 14 Jun 2025 ~

RFK Jr. Orders HHS to Give Undocumented Migrants Medicaid Data to DHS

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

~ 13 Jun 2025 ~

Cyber weapons in the Israel-Iran conflict may hit the US

Friday Squid Blogging: Stubby Squid

'No Kings' Protests, Citizen-Run ICE Trackers Trigger Intelligence Warnings

Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month

Do you trust Xi with your 'private' browsing data? Apple, Google stores still offer China-based VPNs, report says

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk

CBP's Predator Drone Flights Over LA Are a Dangerous Escalation

Apple fixes zero-click exploit underpinning Paragon spyware attacks

Heres What Marines and the National Guard Can (and Cant) Do at LA Protests

Wanted: Junior cybersecurity staff with 10 years' experience and a PhD

Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware

Paragon Spyware used to Spy on European Journalists

Slapped wrists for Financial Conduct Authority staff who emailed work data home

Envilder Secure AWS SSM CLI for Environment Variable Management

~ 12 Jun 2025 ~

Ransomware scum disrupted utility services with SimpleHelp attacks

WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network

Inside a Dark Adtech Empire Fed by Fake CAPTCHAs

How to Protest Safely in the Age of Surveillance

New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes

AI Agents Run on Secret Accounts Learn How to Secure Them in This Webinar

Social Media Is Now a DIY Alert System for ICE Raids

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

Non-Human Identities: How to Address the Expanding Security Risk

Cyber resilience begins before the crisis

Airlines Secretly Selling Passenger Data to the Government

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Siemens Tecnomatix Plant Simulation

Siemens SIMATIC S7-1500 CPU Family

Siemens SCALANCE and RUGGEDCOM

Siemens SCALANCE and RUGGEDCOM

Siemens RUGGEDCOM APE1808

Siemens Energy Services

PTZOptics and Other Pan-Tilt-Zoom Cameras

AVEVA PI Web API

AVEVA PI Data Archive

AVEVA PI Connector for CygNet

Graphite Caught: First Forensic Confirmation of Paragons iOS Mercenary Spyware Finds Journalists Targeted

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

'Major compromise' at NHS temping arm exposed gaping security holes

~ 11 Jun 2025 ~

DeepSeek installer or just malware in disguise? Click around and find out

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks