IT Security Weekend Catch Up – June 7, 2025

Comments
close searching

07.06.2025 | 21:18

IT Security Weekend Catch Up – June 7, 2025
avatar

badcyber

comments

IT Security Weekend Catch Up – June 7, 2025

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Trump pardoned him. Now he’s selling his cyber business for $200 million
  2. NSO appeals WhatsApp decision, says it can’t pay $168 million in ‘unlawful’ damages
  3. Switzerland plans surveillance worse than US
  4. OpenAI slams court order to save all ChatGPT logs, including deleted chats
  5. Can AI therapists really be an alternative to human help?
  6. CrowdStrike and Microsoft unite to harmonize cyber threat attribution
  7. International operation takes down crypting sites used for testing malware
  8. U.S. Government seizes approximately 145 criminal marketplace domains
  9. Ross Ulbricht got a $31 million donation from a dark web dealer, crypto tracers suspect

For the more technical

  1. Roundcube ≤ 1.6.10 post-auth RCE via PHP object deserialization
  2. Threat of TCC bypasses on macOS
  3. Ready_ Wasn’t Ready – four critical vulnerabilities in Symfonia eDokumenty
  4. Bombardino Crocodilo in Poland - analysis of IKO Lokaty mobile malware campaign
  5. Crocodilus in the wild: Mapping the campaign in Poland
  6. Critical Firefox 0-interaction libvpx vulnerability let attackers execute arbitrary code
  7. Google fixes another actively exploited vulnerability in Chrome, so update now!
  8. Don't call that "Protected" method: Dissecting an N-day vBulletin RCE
  9. vBulletin replaceAdTemplate exploited in the wild
  10. Attacker exploits misconfigured AI tool to run AI-generated payload
  11. Cybercriminals camouflaging threats as AI tool installers
  12. Infostealer malware FormBook spread via phishing campaign
  13. Lumma infostealer – down but not out?
  14. Deep dive into a dumped malware without a PE header
  15. Unpacking ClickFix: Darktrace’s detection of a prolific social engineering tactic
  16. ViperSoftX stealing cryptocurrencies
  17. BladedFeline: Whispering in the dark
  18. DCRat presence growing in Latin America
  19. Victims risk AsyncRAT infection after being redirected to fake Booking.com sites
  20. Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
  21. The Bitter end: Unraveling eight years of espionage antics - part one

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.


Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! For the less technical Trump pardoned him. Now he’s selling his cyber business for $200 million NSO appeals WhatsApp dec 2025-06-07T21:18:34+02:00

Comments