IT Security Weekend Catch Up – July 25, 2025

25.07.2025 | 12:00

badcyber

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Decoding secrets through symbols: How military insignia revealed Russia’s hidden SIGINT network
  2. From dirty crypto to clean money – the laundering playbook of Russophone cybercriminals
  3. Ukraine-aligned hackers claim cyberattack on major Russian drone supplier
  4. Dell confirms breach of test lab platform by World Leaks extortion group
  5. Hungary: Police arrest suspect behind DDoS cyberattacks on IPI and independent media websites
  6. ATM fraudsters halted in Europol-supported operation led by Romanian and British authorities
  7. Ukraine arrests suspected admin of XSS Russian hacking forum
  8. After a tip, ExpressVPN updates its Windows app to strengthen protections
  9. Brave blocks Microsoft Recall by default

For the more technical

  1. DLL Hijacking in Check Point SmartConsole installer aka CVE-2024-24916
  2. SharePoint 0-day uncovered (CVE-2025-53770)
  3. Active exploitation of Microsoft SharePoint vulnerabilities
  4. SharePoint ToolShell: Zero-day exploited in-the-wild targets enterprise servers
  5. Disrupting active exploitation of on-premises SharePoint vulnerabilities
  6. NVIDIAScape - Critical NVIDIA AI vulnerability: A three-line container escape in NVIDIA Container Toolkit (CVE-2025-23266)
  7. Uncovering a stealthy WordPress backdoor in mu-plugins
  8. Google releases critical Chrome update for CVE-2025-6558 exploit active in the wild
  9. Copy-paste pitfalls: Revealing the AppLocker bypass risks in the suggested block-list policy
  10. Fake CAPTCHA led to LUMMA
  11. Back to business: Lumma stealer returns with stealthier methods
  12. Dissecting the ClickFix user-execution attack and its sophisticated persistence via ADS
  13. New variant of ACRStealer actively distributed with modifications
  14. Malware in DNS
  15. Ghost Crypt powers PureRAT with hypnosis
  16. NailaoLocker ransomware’s “cheese”
  17. Coyote in the wild: First-ever malware that abuses UI Automation
  18. DeedRAT backdoor enhanced by Chinese APTs with advanced capabilities
  19. Lookout Discovers Iranian APT MuddyWater leveraging DCHSpy during Israel-Iran conflict
  20. MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
  21. Hive0156 continues Remcos campaigns against Ukraine
  22. Illusory wishes: China-nexus APT targets the Tibetan community

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

