"Dark Web vendors shift to third parties, supply chains."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 03 July 2025, 1506 UTC.

Content and Source provided by Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check email subscription link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

140K followers35 articles per week

#security#tech

60

Today

Dark Web Vendors Shift to Third Parties, Supply Chains

3 TTPs

•

by Robert Lemos, Contributing Writer / 1h

As attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and sold on the Dark Web.

IDE Extensions Pose Hidden Risks to Software Supply Chain

10 TTPs

•

by Rob Wright / 2h

Malicious extensions can be engineered to bypass verification checks for popular integrated development environments, according to research from OX Security.

AI Tackles Binary Code Challenges to Fortify Supply Chain Security

RevEng.ai raises 415 million

•

by Arielle Waldman / 2h

Analyzing binary code helps vendors and organizations detect security threats and zero-day vulnerabilities in the software supply chain, but it doesn't come without challenges. It looks like AI has come to the rescue.

Browser Extensions Pose Heightened, but Manageable, Security Risks

by Arielle Waldman / 2h

Attackers can abuse malicious extensions to access critical data, including credentials, but organizations can reduce the risks by raising awareness and enforcing strict policy controls.

Attackers Impersonate Top Brands in Callback Phishing

5 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 2h

Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversary-controlled phone numbers.

Yesterday

Qantas Airlines Breached, Impacting 6M Customers

2 TTPs

•

by Nate Nelson, Contributing Writer / 16h

•

Qantas suffers major data breach

Passengers' personal information was likely accessed via a third-party platform used at a call center, but didn't include passport or credit card info.

Initial Access Broker Self-Patches Zero Days as Turf Control

4 TTPs

•

by Jai Vijayan, Contributing Writer / 17h

A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to the same network.

US Treasury Sanctions BPH Provider Aeza Group

3 TTPs

•

by Kristina Beek / 17h

•

US sanctions Aeza Group cybercriminal hosting

In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.

Russian APT 'Gamaredon' Hits Ukraine With Fierce Phishing

26 TTPs

•

by Alexander Culafi / 18h

•

Gamaredon targets Ukraine with evolved cybertools

A Russian APT known as "Gamaredon" is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.

ClickFix Spin-Off Attack Bypasses Key Browser Safeguards

8 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 21h

•

FileFix bypasses Windows security

A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware.

1 Year Later: Lessons Learned From the CrowdStrike Outage

by Nadir Izrael / 21h

The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues and continuously improve.

FileFix Attack Chain Enables Malicious Script Execution

by Kristina Beek / 1d

By using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them.

Scope, Scale of Spurious North Korean IT Workers Emerges

4 TTPs

•

by Becky Bracken / 1d

•

US dismantles North Korean cyber operations

Microsoft warns thousands of North Korean workers have infiltrated tech, manufacturing, and transportation sectors to steal money and data.

Rethinking Cyber-Risk as Traditional Models Fall Short

by Arielle Waldman / 1d

Systemic cyber-risk models are not accounting for rapidly evolving threats — and a time when organizations are more interconnected than ever.

Jul 1, 2025

Silver Fox Suspected in Taiwanese Campaign Using DeepSeek Lure

9 TTPs

•

by Robert Lemos, Contributing Writer / 1d

•

Chinese hackers distribute malware via fake sites

The attack uses sideloading to deliver a variant of the popular Gh0stRAT malware and lures victims by posing — among other things — as a purported installer for DeepSeek's LLM.

Like SEO, LLMs May Soon Fall Prey to Phishing Scams

8 TTPs

•

by Jai Vijayan, Contributing Writer / 1d

Just as attackers have used SEO techniques to poison search engine results, they could rinse and repeat with artificial intelligence and the responses LLMs generate from user prompts.

LevelBlue Acquires Trustwave, Forms World's Largest Independent MSSP

LevelBlue acquires Trustwave expands MSSP

•

by Jeffrey Schwartz / 1d

As the largest managed security services provider, the combined entity will offer cyber consulting, managed detection and response, and incident response services.

Ransomware Reshaped How Cyber Insurers Perform Security Assessments

by Arielle Waldman / 1d

Cyber-insurance companies were forced to adapt once ransomware skyrocketed and highlighted crucial security weaknesses among organizations in all sectors.

We've All Been Wrong: Phishing Training Doesn't Work

by Nate Nelson, Contributing Writer / 1d

Teaching employees to detect malicious emails isn't really having an impact. What other options do organizations have?

DoJ Disrupts North Korean IT Worker Scheme Across Multiple US States

US dismantles North Korean cyber operations

•

by Kristina Beek / 1d

The US also conducted searches of 29 "laptop farms" across 16 states and seized 29 financial accounts used to launder funds.

Chrome Zero-Day, 'FoxyWallet' Firefox Attacks Threaten Browsers

6 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 2d

•

CVE-2025-6554

Separate threats to popular browsers highlight the growing security risk for enterprises presented by the original gateway to the Web, which remains an integral tool for corporate users.

How Businesses Can Align Cyber Defenses With Real Threats

by David Meese, Andrew Bayers / 2d

Companies that understand the motivations of their attackers and position themselves ahead of the competition will be in the best place to protect their business operations, brand reputation, and their bottom line.

Jun 30, 2025

Scattered Spider Hacking Spree Continues With Airline Sector Attacks

6 TTPs

•

by Jai Vijayan, Contributing Writer / 2d

•

Scattered Spider targets CFO credentials

Microsoft has called the hacker collective one of the most dangerous current cyberthreats.

Hired Hacker Assists Drug Cartel in Finding, Killing FBI Sources

Sinaloa cartel hacked FBI surveillance

•

by Rob Wright / 2d

According to a government report, El Chapo's Sinaloa drug cartel used a hacker to spy on people connected to the FBI's 2018 investigation against the kingpin, which led to deadly consequences.

Chinese Company Hikvision Banned By Canadian Government

by Kristina Beek, Associate Editor, Dark Reading / 2d

Though the company's video surveillance products will be prohibited for government use, individuals and private businesses can still buy the vendor's products.

Airoha Chip Vulns Put Sony, Bose Earbuds & Headphones at Risk

Bluetooth vulnerabilities enable eavesdropping

•

by Kristina Beek, Associate Editor, Dark Reading / 2d

The vulnerabilities, which have yet to be published, could allow a threat actor to hijack not only Bluetooth earbuds and headphones but also the devices connected to them.

AI-Themed SEO Poisoning Attacks Spread Info, Crypto Stealers

IoC > 1 domain

•

by Elizabeth Montalbano, Contributing Writer / 3d

•

17 TTPs

•

Hackers exploit AI search results

Malicious websites designed to rank high in Google search results for ChatGPT and Luma AI deliver the Lumma and Vidar infostealers and other malware.

Why Cybersecurity Should Come Before AI in Schools

21by Crystal Morin / 3d

The sooner we integrate cybersecurity basics into school curriculum, the stronger and more resilient our children — and their futures — will be.

Jun 27, 2025

Top Apple, Google VPN Apps May Help China Spy on Users

Beware risky Chinese-linked apps

•

by Nate Nelson, Contributing Writer / 5d

Apple and Google espouse strong values about data privacy, but they allow programs from a Big Brother state to thrive on their app stores, researchers allege.

'CitrixBleed 2' Shows Signs of Active Exploitation

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 5d

If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected.

Scattered Spider Taps CFO Credentials in 'Scorched Earth' Attack

IoC > 1 IP

•

by Rob Wright / 5d

•

14 TTPs

•

Scattered Spider targets CFO credentials

In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the first known time, actively fought back against incident response teams.

Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover

by Nate Nelson, Contributing Writer / 5d

Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system.

Vulnerability Debt: How Do You Put a Price on What to Fix?

by Matt Middleton-Leal / 6d

Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture.

US Falling Behind China in Exploit Production

32by Robert Lemos, Contributing Writer / 6d

Cyber operations have become critical to national security, but the United States has fallen behind in one significant area — exploit production — while China has built up a significant lead.