Daily CyberSecurity •

BitoPro Crypto Heist: North Korea’s Lazarus Group Steals $11.5M via Phished Employee

BitoPro Hack, Lazarus Group

Cybercriminals

BitoPro Crypto Heist: North Korea’s Lazarus Group Steals $11.5M via Phished Employee

June 24, 2025

EvilConwi: Hackers Abuse Signed ConnectWise Installers to Launch Stealth Remote Access Attacks

abuse

Cybercriminals

EvilConwi: Hackers Abuse Signed ConnectWise Installers to Launch Stealth Remote Access Attacks

June 24, 2025

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks

CVE-2024-3393 - Zservers sanctions

Cybercriminals

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks

June 24, 2025

CoinTelegraph Hacked: Fake CTG Airdrop Scam Steals Crypto Via Malicious Pop-Ups

CoinTelegraph Hack, Crypto Scam

Cybercriminals

CoinTelegraph Hacked: Fake CTG Airdrop Scam Steals Crypto Via Malicious Pop-Ups

June 23, 2025

Critical Linksys Router Flaw (CVE-2025-34037, CVSS 10.0) Actively Exploited by TheMoon Worm

Linksys Router, TheMoon Worm

Critical Linksys Router Flaw (CVE-2025-34037, CVSS 10.0) Actively Exploited by TheMoon Worm

June 24, 2025

SHOE RACK Malware: NCSC Uncovers Stealthy Reverse SSH & DoH Post-Exploitation Tool Targeting FortiGate Firewalls

SHOE RACK Malware, Reverse SSH

Malware

SHOE RACK Malware: NCSC Uncovers Stealthy Reverse SSH & DoH Post-Exploitation Tool Targeting FortiGate Firewalls

June 24, 2025

Spyware Reloaded: SparkKitty Stalks Crypto Wallets via TikTok Mods and Fake Apps

Malware

Spyware Reloaded: SparkKitty Stalks Crypto Wallets via TikTok Mods and Fake Apps

June 24, 2025

Wedding Invitation Scam: SpyMax RAT Targets Indian WhatsApp Users, Stealing OTPs & Banking Credentials

Android Spyware, SpyMax RAT CVE-2024-0039 Android Auto-Reboot Google Play Services

Malware

Wedding Invitation Scam: SpyMax RAT Targets Indian WhatsApp Users, Stealing OTPs & Banking Credentials

June 24, 2025

Cyber Fattah Breach: Pro-Iranian Hackers Leak Saudi Games Athlete Data in Targeted Info Op

Saudi Games, Cyber Fattah

Data Leak

Cyber Fattah Breach: Pro-Iranian Hackers Leak Saudi Games Athlete Data in Targeted Info Op

June 24, 2025

Massive Data Leak: Hacker Allegedly Selling 16 Billion Login Credentials from Major Tech Giants

Login Credentials, Data Leak CVE-2024-47191 - OATH-Toolkit

Data Leak

Massive Data Leak: Hacker Allegedly Selling 16 Billion Login Credentials from Major Tech Giants

June 20, 2025

Hackers Leak 7.4 Million Paraguayan Citizen Records, Demand $1 Per Person Ransom

Paraguay Data Breach, Ransomware

Data Leak

Hackers Leak 7.4 Million Paraguayan Citizen Records, Demand $1 Per Person Ransom

June 17, 2025

SmartAttack: Turning Your Smartwatch into a Spy Tool for Air-Gapped Networks

Smartwatch Hacking, Air-Gapped Data Exfiltration

Data Leak

SmartAttack: Turning Your Smartwatch into a Spy Tool for Air-Gapped Networks

June 16, 2025

Windows 11 Gets New UI Customization: Reposition System Indicator Bar to Top-Center or Top-Left Windows 11, Indicator Bar

Windows 11, Indicator Bar

Windows 11 Gets New UI Customization: Reposition System Indicator Bar to Top-Center or Top-Left

Ddos June 24, 2025

Xbox App Beta Unites Game Libraries: Launch All Your PC Games from One Hub Xbox App, Unified Game Library

Xbox App, Unified Game Library

Xbox App Beta Unites Game Libraries: Launch All Your PC Games from One Hub

Ddos June 24, 2025

Xbox x Meta Quest 3S Confirmed: Co-Branded VR Headset Launching Today Meta Quest Xbox VR, Co-branded VR

Meta Quest Xbox VR, Co-branded VR

Xbox x Meta Quest 3S Confirmed: Co-Branded VR Headset Launching Today

Ddos June 24, 2025

CVE-2025-6218: WinRAR Directory Traversal Bug Opens the Door to Remote Code Execution WinRAR RCE, Directory Traversal

WinRAR RCE, Directory Traversal

CVE-2025-6218: WinRAR Directory Traversal Bug Opens the Door to Remote Code Execution

Ddos June 24, 2025

Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers! Convoy RCE, Unauthenticated

Convoy RCE, Unauthenticated

Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers!

Ddos June 24, 2025

From Bypass to Root: Mandiant Red Team Exploits CVE-2025-2171 and CVE-2025-2172 in Aviatrix Cloud Controller bypass

bypass

From Bypass to Root: Mandiant Red Team Exploits CVE-2025-2171 and CVE-2025-2172 in Aviatrix Cloud Controller

Ddos June 24, 2025

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform InnoShop vulnerabilities

InnoShop vulnerabilities

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

Ddos June 24, 2025

Speaker Proposal Deadline Approaches for OpenSSL Conference 2025 in Prague PR_Speakers_Conf_02_1750689274PuXbB6t4ud

PR_Speakers_Conf_02_1750689274PuXbB6t4ud

Speaker Proposal Deadline Approaches for OpenSSL Conference 2025 in Prague

cybernewswire June 23, 2025

Newark, United States, 23rd June 2025, CyberNewsWire

CoinMarketCap Hacked: “Doodle” Graphic Delivers Malware, Stealing $43K+ from User Wallets CoinMarketCap Hack, Inferno Drainer CVE-2024-53677 PoC Exploit

CoinMarketCap Hack, Inferno Drainer CVE-2024-53677 PoC Exploit

CoinMarketCap Hacked: “Doodle” Graphic Delivers Malware, Stealing $43K+ from User Wallets

Ddos June 23, 2025

YouTube’s New Anti-Ad Blocker Tactic: “Fake Buffering” Delays Videos by 10+ Seconds YouTube Ad Blockers, Fake Buffering Google Lens, YouTube Shorts

YouTube Ad Blockers, Fake Buffering Google Lens, YouTube Shorts

YouTube’s New Anti-Ad Blocker Tactic: “Fake Buffering” Delays Videos by 10+ Seconds

Ddos June 23, 2025

Microsoft Tightens Windows Restore: 60-Day Limit for Windows 11 24H2 Restore Points Windows Restore, Microsoft Policy

Windows Restore, Microsoft Policy

Microsoft Tightens Windows Restore: 60-Day Limit for Windows 11 24H2 Restore Points

Ddos June 23, 2025

CapCut’s New Terms: ByteDance Gains Perpetual Rights to User Content, Likeness, & Voice Globally

CapCut’s New Terms: ByteDance Gains Perpetual Rights to User Content, Likeness, & Voice Globally

Ddos June 23, 2025

iOS 26 Unveils “Captive Assist”: Seamless Public Wi-Fi Login Across All Your Apple Devices iOS 26, Wi-Fi Synchronization Apple Redesign Apple Public Betas, AirPods Firmware

iOS 26, Wi-Fi Synchronization Apple Redesign Apple Public Betas, AirPods Firmware

iOS 26 Unveils “Captive Assist”: Seamless Public Wi-Fi Login Across All Your Apple Devices

Ddos June 23, 2025

Apple Eyes Perplexity AI Acquisition: Bolstering Search & Siri with Generative AI Perplexity Apple, Perplexity AI Acquisition Mac Mini M2, Power Issue macOS, Intel Macs

Perplexity Apple, Perplexity AI Acquisition Mac Mini M2, Power Issue macOS, Intel Macs

Apple Eyes Perplexity AI Acquisition: Bolstering Search & Siri with Generative AI

Ddos June 23, 2025

Cloudflare Mitigates Record 7.3 Tbps DDoS Attack: 37.4 TB in 45 Seconds Cloudflare DDoS, Record Attack

Cloudflare DDoS, Record Attack

Cloudflare Mitigates Record 7.3 Tbps DDoS Attack: 37.4 TB in 45 Seconds

Ddos June 23, 2025

Microsoft Family Safety Blocks Google Chrome in Windows 11: Workarounds Revealed Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Microsoft Family Safety Blocks Google Chrome in Windows 11: Workarounds Revealed

Ddos June 23, 2025

Windows Update’s Driver Purge: Smoother Updates, or Hidden Headaches? Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Driver Cleanup CVE-2024-49138 - December Patch Tuesday Windows update errors, Windows update troubleshooting

Windows Update’s Driver Purge: Smoother Updates, or Hidden Headaches?

Ddos June 23, 2025

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign Confucius APT, Anondoor Backdoor

Confucius APT, Anondoor Backdoor

Confucius Group Evolves: Researcher Uncovers New Modular Backdoor “Anondoor” in Latest Espionage Campaign

Ddos June 23, 2025

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus Prometei Botnet, Linux Malware

Prometei Botnet, Linux Malware

Prometei Botnet Evolves: Linux Variant Returns With Stealthier Payloads and Monero Mining Focus

Ddos June 23, 2025

Mocha Manakin: New Threat Group Uses “Paste and Run” to Deploy Custom NodeJS RAT! Mocha Manakin, NodeInitRAT

Mocha Manakin, NodeInitRAT

Mocha Manakin: New Threat Group Uses “Paste and Run” to Deploy Custom NodeJS RAT!

Ddos June 23, 2025