Latest news as of 7/12/2025, 5:44:23 PM
The Register
Did we say CrowdStrike? We meant, er, The July Incident... The sound of cyber security professionals spraying their screens with coffee could be heard this week as Microsoft claimed, "security is our top priority," as it talked up its Secure Future Initiative (SFI) once again and explained how Windows could be secured.… IGNITE
Graham Cluley
Flipaclip, an animation creation app that is particularly popular with youngsters, has exposed the details of over 890,000 users. Read more in my article on the Hot for Security blog.
Dark Reading
In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.
Bleeping Computer
Microsoft now blocks the Windows 11 24H2 update on computers with standalone scanners, multi-function printers, fax machines, modems, and other network devices with eSCL protocol support. [...]
Bleeping Computer
The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers. [...]
Bleeping Computer
The Thai police, working together with Thailand's largest telecommunications service provider, Advanced Info Service (AIS), located and busted the Chinese operators of an SMS blaster device that spammed fraudulent messages across Bangkok. [...]
Bleeping Computer
Meta announced that it has taken down 2 million accounts across its platforms since the beginning of the year that are linked to pig butchering and other scams. [...]
Bleeping Computer
Microsoft is working on fixing an ongoing and widespread Microsoft 365 outage that is impacting multiple services and features, including Exchange Online, Microsoft Teams, and SharePoint Online. [...]
Dark Reading
Diversity isn't just an issue of fairness — it's about operational excellence and ensuring we have the best possible teams defending our national security.
The Hacker News
The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date. By putting the