Month: June 2025

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber-attacks from Iranian state-sponsored or affiliated threat actors.  "Over the past several months, there has been increasing activity from hacktivists and Iranian government-affiliated actors, which is expected to escalate due to recent events," the agencies said. "These cyber actors often

 Multiple critical vulnerabilities in D-Link router models could allow remote attackers to execute arbitrary code and gain unauthorized access to the network infrastructure.  The vulnerabilities affect all hardware revisions and…

 Microsoft has released RIFT (Rust Identification and Function Tagging), a groundbreaking open-source tool designed to help cybersecurity analysts identify and analyze malware concealed within Rust binaries.  The cybersecurity community has…

Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world. The operation, the agency said, was carried out by the Spanish Guardia Civil, along with support from law enforcement authorities from Estonia, France, and the United States. Europol said the investigation into the syndicate

 Over 2,100 vulnerable Citrix NetScaler servers remain exposed to active exploitation, despite patches being available for critical vulnerabilities that allow attackers to bypass authentication mechanisms and steal session tokens. Cybersecurity…

 A sophisticated new phishing campaign has emerged, leveraging obsolete Windows file formats and advanced evasion techniques to distribute the notorious Remcos Remote Access Trojan. The attack chain employs DBatLoader as…

Malicious websites designed to rank high in Google search results for ChatGPT and Luma AI deliver the Lumma and Vidar infostealers and other malware. Read More  

[[{"value":"NASA needs to perform an agency-wide cybersecurity risk assessment and to complete important cybersecurity tasks for each of its projects. The post NASA Needs Agency-Wide Cybersecurity Risk Assessment: GAO appeared…

 Langflow, the popular Python framework for rapid AI prototyping, is under siege after researchers disclosed CVE-2025-3248, a flaw in the /api/v1/validate/code endpoint that lets unauthenticated attackers execute arbitrary Python with…

The sooner we integrate cybersecurity basics into school curriculum, the stronger and more resilient our children — and their futures — will be. Read More  

 Every security practitioner knows that employees are the weakest link in an organization, butthis is no longer the case. SquareX’s research reveals that Browser AI Agents are more likely tofall…

The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last week, said it was able to make this connection by pivoting from Proton66-linked digital assets, leading to the discovery of an active threat cluster that leverages Visual Basic Script (VBS) files as its

 Cybercriminals have launched a sophisticated campaign exploiting Facebook’s advertising platform to distribute malware and steal cryptocurrency wallet credentials, targeting users worldwide through deceptive Pi Network-themed advertisements. The malicious operation, which…

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 30, 2025 – Read the full story from USA Today According to Cybersecurity Ventures, global damage…