"China-backed Salt Typhoon hacks US National Guard for nearly a year."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 July 2025, 2120 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check subscription link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

141K followers31 articles per week

#security#tech

56

Most popular

China-Backed Salt Typhoon Hacks US National Guard for Nearly a Year

3 TTPs

•

by Alexander Culafi / 2d

•

Chinese hackers infiltrated US National Guard

Between March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.

3 Ways Security Teams Can Minimize Agentic AI Chaos

by Josh Lemos / 1d

Security often lags behind innovation. The path forward requires striking a balance.

'PoisonSeed' Attacker Skates Around FIDO Keys

by Alexander Culafi / 1d

Researchers discovered a novel phishing attack that serves the victim a QR code as part of supposed multifactor authentication (MFA), in order to get around FIDO-based protections.

Yesterday

Nearly 2,000 MCP Servers Possess No Security Whatsoever

by Nate Nelson, Contributing Writer / 1d

Authentication in MCP — the backbone of agentic AI — is optional, and nobody's implementing it. Instead, they're allowing any passing attackers full control of their servers.

Firmware Vulnerabilities Continue to Plague Supply Chain

by Robert Lemos, Contributing Writer / 1d

Four flaws in the basic software for Gigabyte motherboards could allow persistent implants, underscoring problems in the ways firmware is developed and updated.

Jul 17, 2025

4 Chinese APTs Attack Taiwan's Semiconductor Industry

7 TTPs

•

by Nate Nelson, Contributing Writer / 1d

•

China-linked hackers target Taiwan chips

Chinese threat actors have turned to cyberattacks as a way to undermine and destabilize Taiwan's most important industrial sector.

Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now

4 TTPs

•

by Alexander Culafi / 2d

Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month.

Printer Security Gaps: A Broad, Leafy Avenue to Compromise

Printer security neglected worldwide

•

by Tara Seals / 2d

Security teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited — despite more and more cyberattackers targeting printers as a matter of course.

Armenian Extradited to US Over Ryuk Ransomware

Armenian extradited for ransomware charges

•

by Kristina Beek / 2d

The suspect faces three charges for his alleged crimes that could earn him up to five years in federal prison, and a heap of fines.

Why Cybersecurity Still Matters for America's Schools

by Chester Moyer / 2d

Cyberattacks on educational institutions are growing. But with budget constraints and funding shortfalls, leadership teams are questioning whether — and how — they can keep their institutions safe.

AI Driving the Adoption of Confidential Computing

by Agam Shah / 2d

After years of hanging out in the wild, confidential computing is getting closer to an AI model near you.

Jul 16, 2025

Oracle Fixes Critical Bug in Cloud Code Editor

3 TTPs

•

by Jai Vijayan, Contributing Writer / 2d

The bug allowed an attacker an easy way to compromise a full suite of developer tools in Oracle Cloud Infrastructure.

Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections

18 TTPs

•

by Nate Nelson, Contributing Writer / 3d

•

Microsoft Teams used to deploy Matanbuchus

An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication.

ISC2 Finds Orgs Are Increasingly Leaning on AI

HR AI adoption outpaces training

•

by Kristina Beek / 3d

While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about potential drawbacks of AI deployment.

Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecurity Careers

by Elizabeth Montalbano, Contributing Writer / 3d

A group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empower themselves and pursue successful cybersecurity careers.

Fully Patched SonicWall Gear Under Likely Zero-Day Attack

11 TTPs

•

by Jai Vijayan, Contributing Writer / 3d

A threat actor with likely links to the Abyss ransomware group is leveraging an apparent zero-day vulnerability to deploy the "Overstep" backdoor on fully up-to-date appliances.

Cognida.ai Launches Codien: An AI Agent to Modernize Legacy Test Automation and Fast-Track Test Creation

3d

[no content]

Securing the Budget: Demonstrating Cybersecurity's Return

by Kara Sprague / 3d

By tying security investments to measurable outcomes — like reduced breach likelihood and financial impact — CISOs can align internal stakeholders and justify spending based on real-world risk.

Jul 15, 2025

Altered Telegram App Steals Chinese Users' Android Data

Fake Telegram malware campaign spreads

•

by Robert Lemos, Contributing Writer / 3d

Using more than 600 domains, attackers entice Chinese-speaking victims to download a vulnerable Telegram app that is nearly undetectable on older versions of Android.

Lessons Learned From McDonald's Big AI Flub

by Alexander Culafi / 4d

McDonald's hiring platform was using its original default credentials and inadvertently exposed information belonging to possibly millions of job applicants.

AI Is Reshaping How Attorneys Practice Law

by Arielle Waldman / 4d

Experts recommend enhanced AI literacy, training around the ethics of using AI, and verification protocols to maintain credibility in an increasingly AI-influenced courtroom.

AsyncRAT Spawns Concerning Labyrinth of Forks

10 TTPs

•

by Jai Vijayan, Contributing Writer / 4d

•

AsyncRAT malware evolves with variants

Since surfacing on GitHub in 2019, AsyncRAT has become a poster child for how open source malware can democratize cybercrime, with a mazelike footprint of variants available across the spectrum of functionality.

Attackers Abuse AWS Cloud to Target Southeast Asian Governments

13 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 4d

•

Southeast Asian governments targeted by cloud

The intelligence-gathering cyber campaign introduces the novel HazyBeacon backdoor and uses legitimate cloud communication channels for command-and-control (C2) and exfiltration to hide its malicious activities.

How Criminal Networks Exploit Insider Vulnerabilities

by Rob Juncker / 4d

Criminal networks are adapting quickly, and they're betting that companies won't keep pace. Let's prove them wrong.

MITRE Launches AADAPT Framework for Financial Systems

MITRE launches cryptocurrency cybersecurity

•

by Kristina Beek / 4d

The new framework is modeled after and meant to complement the MITRE ATT&CK framework, and it is aimed at detecting and responding to cyberattacks on cryptocurrency assets and other financial targets.

Jul 14, 2025

Web-Inject Campaign Debuts Fresh Interlock RAT Variant

14 TTPs

•

by Alexander Culafi / 4d

•

Interlock ransomware uses PHP malware

A cyber-threat campaign is using legitimate websites to inject victims with remote access Trojans belonging to the Interlock ransomware group, in order to gain control of devices.

Google Gemini AI Bug Allows Invisible, Malicious Prompts

Google Gemini phishing vulnerability discovered

•

by Elizabeth Montalbano, Contributing Writer / 5d

A prompt-injection vulnerability in the AI assistant allows attackers to create messages that appear to be legitimate Google Security alerts but instead can be used to target users across various Google products with vishing and phishing.

The Dark Side of Global Power Shifts & Demographic Decline

by Ty Greenhalgh / 5d

As global power realigns and economies falter, the rise in cybercrime is no longer hypothetical — it's inevitable.

Jul 11, 2025

Pay2Key Ransomware Gang Resurfaces With Incentives to Attack US, Israel

9 TTPs

•

by Rob Wright / 8d

•

Iranian ransomware offers US Israel

The ransomware-as-a-service (RaaS) operation, which has been tied to an Iranian advanced persistent threat (APT) group, recently boosted its affiliate profit share to 80% for attacks on Western targets.

350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE

4 TTPs

•

27by Nate Nelson, Contributing Writer / 8d

Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be vulnerable to an attack chain called "PerfektBlue."

As Cyber-Insurance Premiums Drop, Coverage Is Key to Resilience

Stable growth in cyber insurance

•

by Robert Lemos, Contributing Writer / 8d

Cyber-insurance premiums continue to decline from their explosive growth from 2020 to 2022, but coverage is more important than ever to manage risks, experts say.

Factoring Cybersecurity Into Finance's Digital Strategy

by Jeff Prelle / 8d

As financial institutions continue to embrace digital transformation, their success will depend on their ability to establish and maintain robust and responsible cybersecurity practices.

Digital Fingerprints Test Privacy Concerns in 2025

by Stephen Lawton / 8d

Digital fingerprinting technology creates detailed user profiles by combining device data with location and demographics, which increases the risks of surveillance.

Jul 10, 2025

Customer, Employee Data Exposed in Nippon Steel Breach

Exfiltration (Enterprise TA0010)

•

by Kristina Beek / 8d

•

Nippon Steel Solutions suffers zero-day breach

Information from the company's NS Solutions subsidiary has yet to show up on any Dark Web sites, but it doesn't rule out the possibility that the data may have been stolen.

eSIM Bug in Millions of Phones Enables Spying, Takeover

3 TTPs

•

by Nate Nelson, Contributing Writer / 8d

eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.

Ingram Micro Up and Running After Ransomware Attack

Ingram Micro faces prolonged global outage

•

by Kristina Beek / 9d

Customers were the first to notice the disruption on the distributor's website when they couldn't place orders online.

Agentic AI's Risky MCP Backbone Opens Brand-New Attack Vectors

3 TTPs

•

by Jai Vijayan, Contributing Writer / 9d

Critical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting in order to integrate AI models with external data sources.

4 Arrested in UK Over M&S, Co-op, Harrods Hacks

4 TTPs

•

by Alexander Culafi / 9d

•

UK arrests four suspected hackers

The UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider.

SIM Swap Fraud Is Surging — and That's a Good Thing

by Shaun Cooney / 9d

Now it's time to build systems that attackers can't reroute with a phone call.

Browser Exploits Wane as Users Become the Attack Surface

by Robert Lemos, Contributing Writer / 9d

For browsers, exploitation is out — and getting users to compromise their own systems is in. Improved browser security has forced attackers to adapt their tactics, and they've accepted the challenge.

AirMDR Tackles Security Burdens for SMBs With AI

AirMDR raises 155 million

•

by Arielle Waldman / 9d

The security startup provides managed detection and response services for small to midsize businesses to detect and address modern threats, such as ransomware, phishing attacks, and