Latest news as of 7/15/2025, 7:44:16 PM
Dark Reading
Interpol's Operation Secure arrested more than 30 suspects across Vietnam, Sri Lanka, and Nauru, and seized 117 command-and-control servers allegedly used to run widespread phishing, business email compromise, and other cyber scams.
Bleeping Computer
A new attack dubbed 'SmartAttack' uses smartwatches as a covert ultrasonic signal receiver to exfiltrate data from physically isolated (air-gapped) systems. [...]
Bleeping Computer
Erie Insurance and Erie Indemnity Company have disclosed that a weekend cyberattack is behind the recent business disruptions and platform outages on its website. [...]
Dark Reading
Interpol's Operation Secure arrested more than 20 suspects across Vietnam, Sri Lanka, and Naru, and seized 117 command-and-control servers allegedly used to run widespread phishing, business email compromise, and other cyber scams.
Dark Reading
The move is unrelated to a recent nation-state attack the vendor endured but stems from a report by a third-party researcher.
Dark Reading
Agentic AI was everywhere at Gartner's Security & Risk Management Summit in Washington, DC, this year, as the AI security product engine chugs ahead at full speed.
The Register
FIN6 moves from point-of-sale compromise to phishing recruiters In a scam that flips the script on fake IT worker schemes, cybercriminals posing as job seekers on LinkedIn and Indeed are targeting recruiters - a group hated only slightly less than digital crooks - with malware hosted on phony resume portfolio sites.…
The Register
The 16 other flagged issues are on customers, says CRM giant Salesforce has assigned five CVE identifiers following a security report that uncovered more than 20 configuration weaknesses, some of which exposed customers to unauthorized access and session hijacking.…
Bleeping Computer
A new attack dubbed 'EchoLeak' is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user's context without interaction. [...]
The Hacker News
Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks. "Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads," ReliaQuest said in a report