SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 10 Things I Hate About Attribution:…
Author: Cybernoz
Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)If you haven’t…
Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini July 06, 2025 A new round of the weekly Security Affairs newsletter…
Dalfox 2.12 Released ︎ | HAHWUL
More powerful XSS scanning, Integration Dalfox v2.12.0 has been released. It’s been about three months since the previous version, 2.11, and this update includes various…
AI’s Morose Mania
I think, looking back, we might say that the first week of July 2025 was the start of AGI. Like, proto-AGI. All because of Claude…
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates Pierluigi Paganini July 05, 2025 North Korea-linked hackers use fake Zoom updates to…
Ingram Micro outage caused by SafePay ransomware attack
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has…
New Phishing Attack Impersonates as DWP Attacking Users to Steal Credit Card Data
A sophisticated phishing campaign targeting UK citizens has emerged, masquerading as official communications from the Department for Work and Pensions (DWP) to steal sensitive financial…
Writable File in Lenovo’s Windows Directory Enables a Stealthy AppLocker Bypass
A significant security vulnerability has been discovered in Lenovo’s preloaded Windows operating systems, where a writable file in the Windows directory enables attackers to bypass…
Instagram Started Using 1-Week Validity TLS certificates and Changes Them Daily
Instagram has adopted an unprecedented approach to web security by implementing daily rotation of TLS certificates that maintain validity periods of just one week, according…
“CitrixBleed 2” Vulnerability PoC Released
Critical flaw in Citrix NetScaler devices echoes infamous 2023 security breach that crippled major organizations worldwide. The new critical vulnerability in Citrix NetScaler devices has…
Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
Russian Federal Security Service (FSB) officers have detained two hackers in Siberia who conducted cyberattacks on critical infrastructure facilities under direct orders from Ukrainian intelligence…