2025-07-29
Dark Reading
Nimble 'Gunra' Ransomware Evolves With Linux Variant
The Citizen Lab
Targeted Across Borders: Digital Transnational Repression, Gender Dimensions, and the Role of Host States
Eclypsium
Enemies in the Server Racks: How BMC Vulnerabilities Became Critical Infrastructure Threats
Dark Reading
The Hidden Threat of Rogue Access
Palo Alto Networks
A Secure Vision for Our AI-Driven Future
Schneier on Security
Aeroflot Hacked
Talos Intelligence
Insights from Talos IR: Navigating NIS2 technical implementation
Searchlight Cyber Research
Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms
NVISO Labs
Refinery raid
ISC SANS
ISC Stormcast For Tuesday, July 29th, 2025 https://isc.sans.edu/podcastdetail/9546, (Tue, Jul 29th)
CrankySec
Be Savvy
Elastic Security Labs
MaaS Appeal: An Infostealer Rises From The Ashes
2025-07-28
Infernux Blog
Microsoft Sentinel Data Lake - FAQ
watchTowr Labs
Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598)
Dark Reading
Chaos Ransomware Rises as BlackSuit Gang Falls
Schneier on Security
That Time Tom Lehrer Pranked the NSA
Ars Technica Security
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
Embrace The Red
The Month of AI Bugs 2025
Microsoft Security
Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability
Amazon Security
How to automatically disable users in AWS Managed Microsoft AD based on GuardDuty findings
Dark Reading
How to Spot Malicious AI Agents Before They Strike
Schneier on Security
Microsoft SharePoint Zero-Day
Trail of Bits
We built the security layer MCP always needed
Troy Hunt
Weekly Update 462
Malwarebytes
A week in security (July 21 – July 27)
ISC SANS
ISC Stormcast For Monday, July 28th, 2025 https://isc.sans.edu/podcastdetail/9544, (Mon, Jul 28th)
2025-07-26
Palo Alto Networks
Muddled Libra: From Social Engineering to Enterprise-Scale Disruption
Ars Technica Security
Microsoft to stop using China-based teams to support Department of Defense
Ars Technica Security
After BlackSuit is taken down, new ransomware group Chaos emerges
2025-07-25
Ars Technica Security
North Korean hackers ran US-based “laptop farm” from Arizona woman’s home
Schneier on Security
Friday Squid Blogging: Stable Quasi-Isodynamic Designs
The Citizen Lab
Marcus Michaelsen on the Impacts of Transnational Repression: Interview by Stockholm Center for Freedom
Dark Reading
AI-Generated Linux Miner 'Koske' Beats Human Malware
Malwarebytes
Steam games abused to deliver malware once again
Amazon Security
New AWS whitepaper: AWS User Guide to Financial Services Regulations and Guidelines in Australia
Zero Day Initiative
CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
Ars Technica Security
Supply-chain attacks on open source software are getting out of hand
Dark Reading
Why Security Nudges Took Off
Eye Security Research
How we Rooted Copilot
Schneier on Security
Subliminal Learning in AIs
Trail of Bits
Exploiting zero days in abandoned hardware
ISC SANS
ISC Stormcast For Friday, July 25th, 2025 https://isc.sans.edu/podcastdetail/9542, (Fri, Jul 25th)
2025-07-24
Palo Alto Networks
Security by Design — UX and AI in Modern Cybersecurity
Dark Reading
Can Security Culture Be Taught? AWS Says Yes
Amazon Security
Post-quantum TLS in Python
Ars Technica Security
Hackers—hope to defect to Russia? Don’t Google “defecting to Russia.”
Amazon Security
AWS Security Incident Response: The customer’s journey to accelerating the incident response lifecycle
Talos Intelligence
BRB, pausing for a "Sanctuary Moon" marathon
Krebs on Security
Phishers Target Aviation Execs to Scam Customers
Dark Reading
Translating Cyber-Risk for the Boardroom
Malwarebytes
Age verification: Child protection or privacy risk?
Malwarebytes
Introducing the smarter, more sophisticated Malwarebytes Trusted Advisor, your cybersecurity personal assistant
Schneier on Security
How the Solid Protocol Restores Digital Agency
Talos Intelligence
Unmasking the new Chaos RaaS group attacks
Hybrid Analysis Blog
New Advanced Stealer (SHUYAL) Targets Credentials Across 19 Popular Browsers
ISC SANS
ISC Stormcast For Thursday, July 24th, 2025 https://isc.sans.edu/podcastdetail/9540, (Thu, Jul 24th)
Greynoise
A Spike in the Desert: How GreyNoise Uncovered a Global Pattern of VOIP-Based Telnet Attacks
2025-07-23
Meta Security
Policy Zones: How Meta enforces purpose limitation at scale in batch processing systems
Dark Reading
Banking Trojan Coyote Abuses Windows UI Automation
Dark Reading
Dark Web Hackers Moonlight as Travel Agents
Ars Technica Security
What to know about ToolShell, the SharePoint threat under mass exploitation
Amazon Security
New whitepaper available: AICPA SOC 2 Compliance Guide on AWS
Dark Reading
What Makes Great Threat Intelligence?
Ars Technica Security
After $380M hack, Clorox sues its “service desk” vendor for simply giving out passwords
Malwarebytes
Proton launches Lumo, a privacy-focused AI chatbot
Dark Reading
Lumma Stealer Is Back & Stealthier Than Ever
Dark Reading
Why ISO 42001 Matters for AI Governance at Scale
Black Hills Info Sec
Detecting ADCS Privilege Escalation
Searchlight Cyber
What Are the Four Ways CTEM Fails Without ASM?
Palo Alto Networks
Redefining DNS Protection
Schneier on Security
Google Sues the Badbox Botnet Operators
Trail of Bits
Inside EthCC[8]: Becoming a smart contract auditor
Talos Intelligence
Meet Hazel Burton
Mateusz Lewczak Blog
Under the Hood of AFD.sys Part 2: TCP handshake