PyPI maintainers alert users to email verification phishing attack
PyPI maintainers alert users to email verification phishing attack Pierluigi Paganini July 30, 2025 PyPI warns of phishing emails from noreply@pypj[.]org posing as “[PyPI] Email…
Month: July 2025
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
Once reserved for large enterprises, cybersecurity has become a top priority for businesses of all sizes. SMBs are driving surging demand for vCISO services to…
Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack
A critical vulnerability in SonicWall Gen7 firewall products could allow remote unauthenticated attackers to cause service disruptions through denial-of-service (DoS) attacks. The format string vulnerability…
Microsoft SharePoint Server 0-Day Exploit Targets African Treasury, Companies, and University
A sophisticated zero-day exploit campaign targeting unpatched vulnerabilities in Microsoft SharePoint Server has compromised approximately 400 organizations worldwide, with potential for a far higher victim…
Cybercrime Magazine’s Radio Station Celebrates Its 4-Year Anniversary
In Jul. 2021, Newsday visited Cybercrime Magazine’s HQ and studios and ran the headline “Live from Long Island: Northport radio station rolls out round-the-clock coverage…
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Jul 30, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left…
Cyber governance practices are maturing – and reshaping leadership expectations
The UK Cyber Governance Code of Practice (CGCP), published in April by the Department for Science, Innovation and Technology, is the outcome of a collaborative…
BeyondTrust Privilege Management for Windows Vulnerability Let Attackers Escalate Privileges
A significant security vulnerability has been discovered in BeyondTrust’s Privilege Management for Windows solution, allowing local authenticated attackers to escalate their privileges to the administrator…
Lazarus Group Enhances Malware with New OtterCookie Payload Delivery Technique
The Contagious Interview campaign conducted by the Lazarus Group continues to expand its capabilities. We have observed an exponential evolution in the delivery mechanisms for…
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools
Jul 30, 2025Ravie LakshmananEndpoint Security / Cyber Espionage Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon (aka Hafnium) have been identified…
Lumma Password Stealer Attack Infection Chain and Its Escalation Tactics Uncovered
The cybersecurity landscape has witnessed a significant surge in information-stealing malware, with Lumma emerging as one of the most prevalent and sophisticated threats targeting Windows…
WordPress Theme Security Vulnerability Enables to Execute Arbitrary Code Remotely
A critical security vulnerability has been discovered in the popular “Alone” WordPress theme that allows unauthenticated attackers to execute arbitrary code remotely and potentially take…