Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- UK government walks back controversial Apple ‘back door’ demand after Trump administration pressure
- Mobile phishers target brokerage accounts in ‘ramp and dump’ cashout scheme
- New zero-day startup offers $20 million for tools that can hack any smartphone
- SIM-swapper, Scattered Spider hacker gets 10
- Oregon man charged with administering “Rapper Bot” DDoS-for-hire Botnet
- Study: Social media probably can’t be fixed
For the more technical
- Latest data from the advanced in-the-wild malware test - July 2025
- TCC bypass in Visual Studio Code via misconfigured Node fuses
- Think before you Click(Fix): Analyzing the ClickFix social engineering technique
- Help TDS and its malicious plugins redirect thousands of sites to tech support scams
- SpyVPN: The Google-featured VPN that secretly captures your screen
- Weaponizing image scaling against production AI systems
- Cybercriminals abuse AI website creation app for phishing
- Can AI weaponize new CVEs in under 15 minutes?
- A comprehensive analysis of HijackLoader and its infection chain
- Supply chain risk in Python: termncolor and colorinal explained
- RustyPages malware - technical analysis
- The silent, fileless threat of VShell
- Fake Telegram Premium site distributes new Lumma Stealer variant
- Behind the curtain: How Lumma affiliates operate
- Noodlophile stealer evolves: Targeted copyright phishing hits enterprises with social media footprints
- Detailed analysis of the stealer-traffer ecosystem
- QuirkyLoader - A new malware loader delivering infostealers and RATs
- Hunt.io exposes and analyzes ERMAC V3.0 banking trojan full source code leak
- PhantomCard: New NFC-driven Android malware emerging in Brazil
- Salty 2FA: Undetected PhaaS from Storm-1575 hitting US and EU industries
- Warlock: From SharePoint vulnerability exploit to enterprise ransomware
- Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
- A cereal offender: Analyzing the CORNFLAKE.V3 backdoor
- Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
- UAC-0057 keeps applying pressure on Ukraine and Poland
- APT MuddyWater deploys multi-stage phishing to target CFOs
- Ghost-tapping and the Chinese cybercriminal retail fraud ecosystem
- The coordinated embassy hunt: Unmasking the DPRK-linked GitHub C2 espionage campaign
- Analysis of the GFW's unconditional port 443 block on August 20, 2025
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.