Port 22

~ 8 Jul 2025 ~

Suspected Scattered Spider domains target everyone from manufacturers to Chipotle

~ 7 Jul 2025 ~

SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

CitrixBleed 2 exploits are on the loose as security researchers yell and wave their hands

Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

Manufacturing Security: Why Default Passwords Must Go

Learn how to build an AI-powered, unified SOC in new Microsoft e-book

A Match Made in the Heavens: The Surveillance State and the New Space Economy

Phishing platforms, infostealers blamed as identity attacks soar

Hiding Prompt Injections in Academic Papers

TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

Batavia spyware steals data from Russian organizations

Caracal Rust eBPF Rootkit for Stealthy Post-Exploitation

~ 6 Jul 2025 ~

Stalkerware firm gets scooped by SQL-slinging security snoop

Ingram Micro confirms ransomware behind multi-day outage

~ 5 Jul 2025 ~

Massive spike in use of .es domains for phishing abuse

Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties

Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS

Android May Soon Warn You About Fake Cell Towers

~ 4 Jul 2025 ~

Friday Squid Blogging: How Squid Skin Distorts Light

NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors

The G7 condemned transnational repression, but will Canada meet its own commitments?

Your AI Agents Might Be Leaking Data Watch this Webinar to Learn How to Stop It

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

Google Ordered to Pay $314M for Misusing Android Users' Cellular Data Without Permission

How to get into cybersecurity | Unlocked 403 cybersecurity podcast (S2E3)

Task scams: Why you should never pay to get paid

Windows_EndPoint_Audit Endpoint Security Auditing Toolkit

~ 3 Jul 2025 ~

Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams

The Person in Charge of Testing Tech for US Spies Has Resigned

Trump Officials Want to Prosecute Over the ICEBlock App. Lawyers Say Thats Unconstitutional

CBP Wants New Tech to Search for Hidden Data on Seized Phones

Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets

Big Techs Mixed Response to U.S. Treasury Sanctions

Microsoft Windows Firewall complains about Microsoft code

The Hidden Weaknesses in AI SOC Tools that No One Talks About

Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms

Young Consulting finds even more folks affected in breach mess now over 1 million

Meta calls 200M EU fine over pay-or-consent ad model 'unlawful'

Mitsubishi Electric MELSOFT Update Manager

Mitsubishi Electric MELSEC iQ-F Series

Hitachi Energy Relion 670/650 and SAM600-IO Series

Hitachi Energy MicroSCADA X SYS600

Ransomware crew Hunters International shuts down, hands out keys to victims

Surveillance Used by a Drug Cartel

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

The Promise and Peril of Digital Security in the Age of Dictatorship

How government cyber cuts will affect you and your business

Let's Encrypt rolls out free security certs for IP addresses

ChatGPT creates phishers paradise by recommending the wrong URLs for major companies

~ 2 Jul 2025 ~

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

Cisco scores a perfect 10 - sadly for a critical flaw in its comms platform

CISA warns the Signal clone used by natsec staffers is being attacked, so patch now

A Group of Young Cybercriminals Poses the Most Imminent Threat of Cyberattacks Right Now

23andMe's new owner says your DNA is safe this time

That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

US drops sanctions on second Russian bulletproof hosting vehicle this year

Vercel's v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

Ubuntu Disables Spectre/Meltdown Protections

Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks

Gamaredon in 2024: Cranking out spearphishing campaigns against Ukraine with an evolved toolset

UK eyes new laws as cable sabotage blurs line between war and peace

Australian airline Qantas reveals data theft impacting six million customers

Malvertising and TDS Cloaking Tactics Uncovered

~ 1 Jul 2025 ~

Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits

TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns

New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

Microsoft admits to Intune forgetfulness

Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers

International Criminal Court swats away 'sophisticated and targeted' cyberattack

A New Maturity Model for Browser Security: Closing the Last-Mile Risk

Google Patches Critical Zero-Day Flaw in Chromes V8 Engine After Active Exploitation

U.S. Arrests Key Facilitator in North Korean IT Worker Scheme, Seizes $7.74 Million

Voltronic Power and PowerShield UPS Monitoring Software

Hitachi Energy Relion 670/650 and SAM600-IO Series

Hitachi Energy MSM

FESTO Hardware Controller, Hardware Servo Press Kit

FESTO Didactic CP, MPS 200, and MPS 400 Firmware

FESTO CODESYS

FESTO Automation Suite, FluidDraw, and Festo Didactic Products

ESET Threat Report H1 2025: Key findings

Iranian Blackout Affected Misinformation Campaigns

Microsoft Removes Password Management from Authenticator App Starting August 2025

Terrible tales of opsec oversights: How cybercrooks get themselves caught

ESET APT Activity Report Q4 2024Q1 2025: Malware sharing, wipers and exploits

Proton bashes Apple and joins antitrust suit that seeks to throw the App Store wide open

~ 30 Jun 2025 ~

US shuts down a string of North Korean IT worker scams

U.S. Agencies Warn of Rising Iranian Cyberattacks on Defense, OT Networks, and Critical Infrastructure

Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects

Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams

Jasper Sleet: North Korean remote IT workers evolving tactics to infiltrate organizations

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

British IT worker sentenced to seven months after trashing company network

Senator Chides FBI for Weak Advice on Mobile Security

Scattered Spider crime spree takes flight as focus turns to aviation sector

Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories

Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more

Sinaloa drug cartel hired a cybersnoop to identify and kill FBI informants

How Cybersecurity Fears Affect Confidence in Voting Systems