Security Affairs

"Microsoft Patch Tuesday updates for July 2025 fixed a zero-day."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 11 July 2025, 1408 UTC.

Content and Source provided by Email subscription from https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check subscription link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

3 TTPs

•

by Pierluigi Paganini / 2d

•

CVE-2025-49719

Microsoft released Patch Tuesday security updates for July 2025, which addressed 130 flaws, including one a Microsoft SQL Server zero-day. Microsoft Patch Tuesday security updates for July 2025 addressed 130 vulnerabilities in Windows and Windows Components, Office and Office Components, .NET and Visual Studio, Azure, Teams, Hyper-V, Windows BitLocker, Microsoft Edge (Chromium-based), and the Win

Nippon Steel Solutions suffered a data breach following a zero-day attack

Nippon Steel Solutions suffers zero-day breach

•

by Pierluigi Paganini / 1d

Nippon Steel Solutions reported a data breach caused by hackers exploiting a zero-day vulnerability in their network equipment. Nippon Steel Solutions, a subsidiary of Japan’s Nippon Steel, disclosed a data breach, attackers exploited a zero-day vulnerability. The company provides cloud and cybersecurity services. On March 7, 2025, Nippon Steel Solutions detected suspicious server activity and is

Qantas data breach impacted 5.7 million individuals

8 TTPs

•

by Pierluigi Paganini / 1d

•

Qantas faces major cyberattack extortion

Australia’s largest airline Qantas has confirmed that the recent data breach impacted 5.7 million individuals. Early this month, Australian airline Qantas disclosed a cyberattack after hackers accessed a third-party platform used by a call centre, stealing significant customer data. The breach, linked to ongoing Scattered Spider activity, was detected and contained on Monday. Qantas confirmed tha

Yesterday

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

5 TTPs

•

by Pierluigi Paganini / 4h

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler ADC and Gateway, tracked as CVE-2025-5777 , to its Known Exploited Vulnerabilities (KEV) catalog . The CVE-2025-5777 flaw, dubbed ‘ CitrixBleed

UK NCA arrested four people over M&S, Co-op cyberattacks

Four arrested for UK retail cyberattacks

•

by Pierluigi Paganini / 16h

NCA arrested four people in UK, including three teens, over cyberattacks on M&S, Co-op, and Harrods, per its investigation. The British National Crime Agency (NCA) arrested four individuals in the country following an investigation into the recent wave of attacks targeting Co-op , M&S , and Harrods . On July 10, Law enforcement arrested 4 youths, aged 17–20, in London and West Midlands, the polic

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

6 TTPs

•

by Pierluigi Paganini / 18h

•

PerfektBlue vulnerabilities expose millions of

Researchers found critical PerfektBlue flaws in OpenSynergy BlueSDK, allowing remote code execution to hack millions of vehicles’ systems. Researchers at PCA Cyber Security identified a set of critical vulnerabilities, collectively tracked as PerfektBlue, in OpenSynergy BlueSDK Bluetooth stack. The exploitation of the flaws potentially allows remote code execution in millions of vehicles. These f

Jul 9, 2025

DoNot APT is expanding scope targeting European foreign ministries

24 TTPs

•

by Pierluigi Paganini / 1d

•

DoNot APT targets European ministries

DoNot APT, likely an India-linked cyberespionage group, targets European foreign ministries with LoptikMod malware. The DoNot APT group, likely linked to India, has expanded its operations and is targeting European foreign ministries with a new malware, called LoptikMod. The Donot Team ( also known as APT-C-35 and Origami Elephant) has been active since 2016, focusing on government entities, fore

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

14 TTPs

•

by Pierluigi Paganini / 2d

•

Iranian ransomware group escalates attacks

An Iranian ransomware group, Pay2Key.I2P, has intensified attacks on U.S. and Israeli targets, offering affiliates higher profits. The Iranian ransomware group Pay2Key.I2P is stepping up attacks on U.S. and Israeli targets, luring affiliates with higher profit shares. The ransomware gang is the successor to the original Pay2Key group and experts linked it to the Iran-nexus APT group Fox Kitten .

Jul 8, 2025

Hackers weaponize Shellter red teaming tool to spread infostealers

3 TTPs

•

by Pierluigi Paganini / 2d

•

Hackers exploit leaked Shellter software

Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked. Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER . The tool was originally built for legitimate red team operations, however, threat actors have now adopted it to bypass security measures and deploy malware. Since

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

Chinese hacker linked to Silk Typhoon

•

by Pierluigi Paganini / 2d

Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan’s Malpensa Airport on a U.S. warrant. Italian police arrested a Chinese national, Zewei Xu (33), at Milan’s Malpensa Airport on a U.S. warrant. Xu was arrested at Malpensa Airport on July 3rd after arriving on a flight from China. Authorities accused the man of cyberespionage, U.S. authorities linked him to the C

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

Execution (Enterprise TA0002)

•

by Pierluigi Paganini / 2d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaborat

Jul 7, 2025

IT Worker arrested for selling access in $100M PIX cyber heist

Brazil arrests suspects in PIX cyberattacks

•

by Pierluigi Paganini / 3d

Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches. Brazilian police arrested João Roque (48), an IT employee at C&M, for allegedly aiding a cyberattack that stole over 540 million reais (~$100 million) via the PIX banking system. The company C&M links smaller banks to Brazil’s PIX system. PIX is Brazil’s instant payment system, l

Hawaii Cybersecurity Journal