News

• CIS Benchmarks July 2025 Update Tue, 08 Jul 2025 14:49:00 -0400
  Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for July 2025.

Looking Glass Cyber

Malware Patrol

SecList

• Code highlighting with Cursor AI for $500,000
  Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.

securingtomorrow.mcafee.com

Quick Heal

Threat Post

• Student Loan Breach Exposes 2.5M Records
• Watering Hole Attacks Push ScanBox Keylogger
• Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
• Ransomware Attacks are on the Rise
• Cybercriminals Are Selling Access to Chinese Surveillance Cameras
• Twitter Whistleblower Complaint: The TL;DR Version
• Firewall Bug Under Active Attack Triggers CISA Warning
• Fake Reservation Links Prey on Weary Travelers
• iPhone Users Urged to Update to Patch 2 Zero-Days
• Google Patches Chrome’s Fifth Zero-Day of the Year

Naked Security

Security Affairs

• Qantas data breach impacted 5.7 million individuals
• DoNot APT is expanding scope targeting European foreign ministries
• Nippon Steel Solutions suffered a data breach following a zero-day attack
• Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates
• Hackers weaponize Shellter red teaming tool to spread infostealers
• Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day
• Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant
• U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
• IT Worker arrested for selling access in $100M PIX cyber heist
• New Batavia spyware targets Russian industrial enterprises

Security Awareness Tips of the week

Exploits

• [webapps] Discourse 3.2.x - Anonymous Cache Poisoning
• [webapps] Stacks Mobile App Builder 5.2.3 - Authentication Bypass via Account Takeover
• [remote] Microsoft Outlook - Remote Code Execution (RCE)
• [local] Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
• [local] Sudo 1.9.17 Host Option - Elevation of Privilege
• [remote] ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)
• [local] Sudo chroot 1.9.17 - Local Privilege Escalation
• [remote] Microsoft PowerPoint 2019 - Remote Code Execution (RCE)
• [webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
• [remote] Microsoft SharePoint 2019 - NTLM Authentication
• [remote] gogs 0.13.0 - Remote Code Execution (RCE)
• [remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
• [webapps] Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)
• [remote] McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
• [webapps] Sitecore 10.4 - Remote Code Execution (RCE)
• [remote] Microsoft Excel 2024 Use after free - Remote Code Execution (RCE)
• [remote] freeSSHd 1.0.9 - Denial of Service (DoS)
• [webapps] Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
• [remote] OneTrust SDK 6.33.0 - Denial Of Service (DoS)
• [remote] PX4 Military UAV Autopilot 1.12.3 - Denial of Service (DoS)
• [remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)
• [local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)
• [remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse
• [webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
• [remote] WebDAV Windows 10 - Remote Code Execution (RCE)
• [remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection
• [local] Microsoft Excel Use After Free - Local Code Execution
• [webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
• [remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
• [local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit
• [webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
• [webapps] Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)
• [remote] PCMan FTP Server 2.0.7 - Buffer Overflow
• [remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction
• [webapps] Roundcube 1.6.10 - Remote Code Execution (RCE)
• [remote] Freefloat FTP Server 1.0 - Remote Buffer Overflow
• [local] TightVNC 2.8.83 - Control Pipe Manipulation
• [remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)
• [local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege
• [webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection
• [remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)
• [remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)
• [local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation
• [remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
• [webapps] CloudClassroom PHP Project 1.0 - SQL Injection
• [remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow

Last 20 Website Defacements - Zone-h

Advisories

Symantec Packet Stoem Security