Daily CyberSecurity •

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

Cursor AI, Crypto Theft

Cybercriminals

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

July 15, 2025

MoonPay CEO Falls Victim to Crypto Scam: Imposter Steve Witkoff Dupes Executive for $250K

Crypto Scam, Executive Fraud business email compromise scam

Cybercriminals

MoonPay CEO Falls Victim to Crypto Scam: Imposter Steve Witkoff Dupes Executive for $250K

July 14, 2025

GMX Hacked for $40M, Hacker Returns Funds for $5M Bounty After On-Chain Appeal

GMX Exploit, Crypto Bounty Ubiquiti vulnerability - OilRig TTPs

Cybercriminals

GMX Hacked for $40M, Hacker Returns Funds for $5M Bounty After On-Chain Appeal

July 14, 2025

Red Bull Job Scam Exposed: Phishing Campaign Spoofs Brands, Uses “Slow Kill” Tactics to Steal Credentials

phishing-3390518_1280

Cybercriminals

Red Bull Job Scam Exposed: Phishing Campaign Spoofs Brands, Uses “Slow Kill” Tactics to Steal Credentials

July 14, 2025

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

NPM Supply Chain, North Korea Malware

Malware

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

July 15, 2025

HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

backdoor

Malware

HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

July 15, 2025

BlackSuit: New Royal/Conti Rebrand Hits With Speed, Stealth, & Data Exfiltration

blacksuit

Malware

BlackSuit: New Royal/Conti Rebrand Hits With Speed, Stealth, & Data Exfiltration

July 15, 2025

Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration

Malware

Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration

July 14, 2025

Rockerbox Data Leak Exposes 245,949 Records: SSNs, Driver’s Licenses, Military IDs Leaked from Unsecured Cloud

Data Breach, Cloud Misconfiguration

Data Leak

Rockerbox Data Leak Exposes 245,949 Records: SSNs, Driver’s Licenses, Military IDs Leaked from Unsecured Cloud

July 9, 2025

Android Privacy Alert: Google Gemini AI Now Accesses WhatsApp, Texts & Calls by Default

Google Gemini, Android Privacy Google Veo 3, AI Video Generation Google AI video, generative AI

Android Privacy Alert: Google Gemini AI Now Accesses WhatsApp, Texts & Calls by Default

July 9, 2025

State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks

china-data

State Secrets for Sale: China’s “Hack-for-Hire” Ecosystem Exposed in Massive VenusTech & Salt Typhoon Leaks

July 7, 2025

Taiwan Warns Public: Popular Chinese Apps (TikTok, WeChat, Rednote) Pose National Security Risk Via Data Transfer to China

Chinese Apps, Taiwan Security Warning

Data Leak

Taiwan Warns Public: Popular Chinese Apps (TikTok, WeChat, Rednote) Pose National Security Risk Via Data Transfer to China

July 7, 2025

Google Confirms Major OS Merger: Android & ChromeOS to Become a Single Unified Platform Android ChromeOS Merger, Google OS Unification Google monopolistic dominance Google ccTLD

Android ChromeOS Merger, Google OS Unification Google monopolistic dominance Google ccTLD

Google Confirms Major OS Merger: Android & ChromeOS to Become a Single Unified Platform

Ddos July 15, 2025

CISA Warns of Active Exploitation of Wing FTP Server Flaw (CVE-2025-47812), CVSS 10 Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

CISA Warns of Active Exploitation of Wing FTP Server Flaw (CVE-2025-47812), CVSS 10

Ddos July 15, 2025

ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution ImageMagick, Stack Buffer Overflow

ImageMagick, Stack Buffer Overflow

ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution

Ddos July 15, 2025

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform Immich, Account Hijacking

Immich, Account Hijacking

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

Ddos July 15, 2025

Tible Partners with AccuKnox to Deploy Zero Trust CNAPP Solution tible_option1_1751896835tkCEqRorsJ

tible_option1_1751896835tkCEqRorsJ

Tible Partners with AccuKnox to Deploy Zero Trust CNAPP Solution

cybernewswire July 14, 2025

Bangalore, India, 14th July 2025, CyberNewsWire

Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS CVE-2023-37895 Apache Jackrabbit, XXE Vulnerability

CVE-2023-37895 Apache Jackrabbit, XXE Vulnerability

Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS

Ddos July 14, 2025

Zoom Unveils Custom AI Companion: Agent-Like AI Boosts Productivity Across 16 Business Apps Zoom AI, Custom AI Companion

Zoom AI, Custom AI Companion

Zoom Unveils Custom AI Companion: Agent-Like AI Boosts Productivity Across 16 Business Apps

Ddos July 14, 2025

GPUHammer: First Rowhammer Attack on GDDR6 GPU Memory Induces Bit Flips, Degrades AI Models GPUHammer, Rowhammer

GPUHammer, Rowhammer

GPUHammer: First Rowhammer Attack on GDDR6 GPU Memory Induces Bit Flips, Degrades AI Models

Ddos July 14, 2025

CVE-2025-7503 (CVSS 10): Hidden Backdoor in Popular IP Camera Grants Hackers Root Access IP Camera, Critical Vulnerability

IP Camera, Critical Vulnerability

CVE-2025-7503 (CVSS 10): Hidden Backdoor in Popular IP Camera Grants Hackers Root Access

Ddos July 14, 2025

Elon Musk’s AI Empire Boosted: SpaceX Invests $2B in xAI to Accelerate Grok Development & Tesla Integration Grok AI, xAI Investment

Grok AI, xAI Investment

Elon Musk’s AI Empire Boosted: SpaceX Invests $2B in xAI to Accelerate Grok Development & Tesla Integration

Ddos July 14, 2025

CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published CVE-2025-25257 PoC FortiWeb, SQL Injection

CVE-2025-25257 PoC FortiWeb, SQL Injection

CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published

Ddos July 14, 2025

RenderShock: New Zero-Click Attack Explores Hidden Vulnerabilities in OS & Enterprise Environments rend

rend

RenderShock: New Zero-Click Attack Explores Hidden Vulnerabilities in OS & Enterprise Environments

Ddos July 14, 2025

SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls SLOW#TEMPEST, Malware Obfuscation

SLOW#TEMPEST, Malware Obfuscation

SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls

Ddos July 14, 2025

SMM Vulnerabilities in Gigabyte UEFI Firmware Expose Systems to Stealthy Attacks Gigabyte UEFI, Critical Vulnerabilities

Gigabyte UEFI, Critical Vulnerabilities

SMM Vulnerabilities in Gigabyte UEFI Firmware Expose Systems to Stealthy Attacks

Ddos July 14, 2025

CVE-2025-30023: Critical RCE Vulnerability Discovered in Axis Video Management Software Axis Communications, Remote Code Execution

Axis Communications, Remote Code Execution

CVE-2025-30023: Critical RCE Vulnerability Discovered in Axis Video Management Software

Ddos July 14, 2025

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads WordPress Supply Chain, Plugin Backdoor

WordPress Supply Chain, Plugin Backdoor

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads

Ddos July 14, 2025

Google Uncovers Massive Phishing Scam Exploiting Booking.com Users layout

layout

Google Uncovers Massive Phishing Scam Exploiting Booking.com Users

Ddos July 14, 2025

Darktrace Exposes “Fake Startup” Malware Campaign: Lures Crypto Users with AI/Web3 Apps to Steal Wallets startup

startup

Darktrace Exposes “Fake Startup” Malware Campaign: Lures Crypto Users with AI/Web3 Apps to Steal Wallets

Ddos July 14, 2025

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer GitHub Malware, Supply Chain Attack

GitHub Malware, Supply Chain Attack

Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer

Ddos July 14, 2025

1Password Free Family Plan: How to Keep Getting 1 Year of Free Premium Access 1Password Free, Family Plan

1Password Free, Family Plan

1Password Free Family Plan: How to Keep Getting 1 Year of Free Premium Access

Ddos July 13, 2025