SecurityWeek Briefing.

"eSIM hack allows for cloning, spying."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 July 2025, 1610 UTC.

Content and Source:  "SecurityWeek Briefing."

Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check subscription link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

89K followers39 articles per week

#security#tech

23

Today

eSIM Hack Allows for Cloning, Spying

by Eduard Kovacs / 1h

Details have been disclosed for an eSIM hacking method that could impact many, but the industry is taking action. The post appeared first on SecurityWeek .

Ingram Micro Restores Systems Impacted by Ransomware

3 TTPs

•

by Ionut Arghire / 2h

•

Ingram Micro faces prolonged global outage

Ingram Micro has restored operations across all countries and regions after disconnecting systems to contain a ransomware attack. The post appeared first on SecurityWeek .

Four Arrested in UK Over M&S, Co-op Cyberattacks

Four arrested for retail cyberattacks

•

by Eduard Kovacs / 2h

Three teens and a woman have been arrested by the UK’s NCA over the hacking of M&S, Co-op and Harrods. The post appeared first on SecurityWeek .

Qantas Confirms 5.7 Million Impacted by Data Breach

2 TTPs

•

by Ionut Arghire / 3h

•

Qantas faces major cyberattack extortion

Hackers compromised names, addresses, email address, phone numbers, and other information pertaining to Qantas customers. The post appeared first on SecurityWeek .

Booz Allen Invests in Machine Identity Firm Corsha

by Kevin Townsend / 4h

‘Machine identities’, often used interchangeably with ‘non-human identities’ (NHIs), have been increasing rapidly since the start of digital transformation. The post appeared first on SecurityWeek .

Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack

4 TTPs

•

by Eduard Kovacs / 5h

PCA Cyber Security has discovered critical vulnerabilities in the BlueSDK Bluetooth stack that could have allowed remote code execution on car systems. The post appeared first on SecurityWeek .

What Can Businesses Do About Ethical Dilemmas Posed by AI?

by Stu Sjouwerman / 5h

AI-made decisions are in many ways shaping and governing human lives. Companies have a moral, social, and fiduciary duty to responsibly lead its take-up. The post appeared first on SecurityWeek .

Yesterday

AirMDR Raises $15.5 Million for MDR Solution

AirMDR raises 155 million

•

by Ionut Arghire / 6h

AI-powered MDR provider AirMDR has raised $15.5 million in funding (seed and infusion investment) to support its R&D efforts. The post appeared first on SecurityWeek .

Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack

4 TTPs

•

by Eduard Kovacs / 1d

•

Nippon Steel Solutions suffers zero-day breach

Nippon Steel Solutions has disclosed a data breach that resulted from the exploitation of a zero-day in network equipment. The post appeared first on SecurityWeek .

Samsung Announces Security Improvements for Galaxy Smartphones

Samsung enhances security and privacy

•

by Ionut Arghire / 1d

New Samsung Galaxy features include protections for on-device AI, expanded cross-device threat detection, and quantum-resistant encryption for network security. The post appeared first on SecurityWeek .

ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact

6 TTPs

•

by Eduard Kovacs / 1d

•

PatchTuesday

Industrial solutions providers Siemens, Schneider Electric and Phoenix Contact have released July 2025 Patch Tuesday ICS security advisories. The post appeared first on SecurityWeek .

Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking

4 TTPs

•

by Ionut Arghire / 1d

Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments. The post appeared first on SecurityWeek .

Jul 8, 2025

Canadian Electric Utility Says Power Meters Disrupted by Cyberattack

by Eduard Kovacs / 1d

Nova Scotia Power is notifying individuals affected by the recent data breach, including in the United States. The post appeared first on SecurityWeek .

Ivanti, Fortinet, Splunk Release Security Updates

2 TTPs

•

by Ionut Arghire / 1d

Ivanti, Fortinet, and Splunk have released patches for critical- and high-severity vulnerabilities in their products. The post appeared first on SecurityWeek .

Alleged Chinese State Hacker Wanted by US Arrested in Italy

Chinese hacker arrested in Italy

•

by Eduard Kovacs / 1d

Xu Zewei has been arrested on charges that he is a member of the Chinese state-sponsored hacking group Hafnium (Silk Typhoon). The post appeared first on SecurityWeek .

Adobe Patches Critical Code Execution Bugs

3 TTPs

•

by Ionut Arghire / 1d

Adobe patches were also released for medium-severity flaws in After Effects, Audition, Dimension, Experience Manager Screens, FrameMaker, Illustrator, Substance 3D Stager, and Substance 3D Viewer. The post appeared first on SecurityWeek .

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday

5 TTPs

•

by Ionut Arghire / 1d

•

PatchTuesday

Patch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server. The post appeared first on SecurityWeek .

Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials

AI impersonation targets diplomats

•

by Associated Press / 1d

The warning came after the department discovered that an impostor attempted to reach out to at least three foreign ministers, a U.S. senator and a governor. The post appeared first on SecurityWeek .

Legitimate Shellter Pen-Testing Tool Used in Malware Attacks

Defense Evasion (Enterprise TA0005)

•

by Ionut Arghire / 1d

•

Hackers exploit leaked Shellter software

A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail. The post appeared first on SecurityWeek .

The Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore

3 TTPs

•

by Kevin Townsend / 2d

As organizations rush to adopt agentic AI, security leaders must confront the growing risk of invisible threats and new attack vectors. The post appeared first on SecurityWeek .

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover

3 TTPs

•

by Ionut Arghire / 2d

SAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise. The post appeared first on SecurityWeek .

Exploits, Technical Details Released for CitrixBleed2 Vulnerability

by Ionut Arghire / 2d

Researchers released technical information and exploit code targeting a critical vulnerability (CVE-2025-5777) in Citrix NetScaler. The post appeared first on SecurityWeek .

Qantas Hit with Extortion Demand After Data Breach

5 TTPs

•

by Ionut Arghire / 2d

•

Qantas faces major cyberattack extortion

The Australian airline says a cybercriminal attempted to extort it after customer data was stolen from a contact center. The post appeared first on SecurityWeek .

End of feed