IT Security Weekend Catch Up – June 28, 2025

Comments
close searching

28.06.2025 | 23:38

IT Security Weekend Catch Up – June 28, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – June 28, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Mastodon updates its terms to prohibit AI model training
  2. Group of high-profile authors sue Microsoft over use of their books in AI training
  3. Meta secures bittersweet fair use victory in AI ‘piracy’ case
  4. Former Western Sydney University student charged after allegedly hacking system for personal gain over years
  5. Patient's death linked to cyber attack on NHS, hospital trust says
  6. Russian court releases several REvil ransomware gang members

For the more technical

  1. When memory refuses to forget: Sensitive data persistence in desktop application
  2. Remote code execution in CentOS Web Panel - CVE-2025-48703
  3. Is b for backdoor? Pre-auth RCE chain in Sitecore Experience Platform
  4. CitrixBleed 2: Electric Boogaloo — CVE-2025–5777
  5. Multiple Brother devices: Multiple vulnerabilities
  6. Attackers actively exploiting critical vulnerability in Motors theme
  7. ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
  8. Ransomware gangs collapse as Qilin seizes control
  9. Dire Wolf strikes: New ransomware group targeting global sectors
  10. Dissecting a malicious Havoc sample
  11. DRAT V2: Updated DRAT emerges in TAG-140’s arsenal
  12. FileFix - A ClickFix alternative
  13. How much EU is in DNS4EU?
  14. Russian Internet users are unable to access the open Internet
  15. Resurgence of the Prometei botnet
  16. Cryptominers’ anatomy: Shutting down mining botnets
  17. Black Hat SEO poisoning search engine results for AI to distribute malware
  18. Ongoing campaign abuses Microsoft 365’s Direct Send to deliver phishing emails
  19. OneClik: A ClickOnce-based APT campaign targeting energy, oil and gas infrastructure
  20. Iranian Educated Manticore targets leading tech academics
  21. Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor
  22. Another wave: North Korean contagious interview campaign drops 35 new malicious npm packages

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Mastodon updates its terms to prohibit AI model training Group of high-profile authors sue Micros 2025-06-28T23:38:03+02:00

Comments