Latest news as of 7/26/2025, 9:32:26 PM
Dark Reading
The newly launched security startup provides an engineering relationship management platform that provides enterprises with visibility across code, infrastructure, and tools.
The Hacker News
The Tibetan community has been targeted by a China-nexus cyber espionage group as part of two campaigns conducted last month ahead of the Dalai Lama's 90th birthday on July 6, 2025. The multi-stage attacks have been codenamed Operation GhostChat and Operation PhantomPrayers by Zscaler ThreatLabz. "The attackers compromised a legitimate website, redirecting users via a malicious link and
The Hacker News
You wouldn’t run your blue team once a year, so why accept this substandard schedule for your offensive side? Your cybersecurity teams are under intense pressure to be proactive and to find your network’s weaknesses before adversaries do. But in many organizations, offensive security is still treated as a one-time event: an annual pentest, a quarterly red team engagement, maybe an audit sprint
The Hacker News
Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud,
Graham Cluley
There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base. Read more in my article on the Fortra blog.
Bleeping Computer
SonicWall urges customers to patch SMA 100 series appliances against a critical authenticated arbitrary file upload vulnerability that can let attackers gain remote code execution. [...]
The Register
French fashion house dishes out notices after hackers raided a client database – ShinyHunters suspected Fashion house Dior has begun dropping data breach notices after cybercrooks with a taste for high-end targets made off with customer data.…
The Hacker News
Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The tech giant, in an update shared Wednesday, said the findings are based on an "expanded analysis and threat intelligence from our continued monitoring of exploitation activity by Storm-2603." The threat actor attributed to the financially
The Register
The "is" package was infected with cross-platform malware after a scam targeting maintainers The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages used with the prettier code formatter were infected with Windows-only malware.…
Bleeping Computer
A Chinese hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. [...]