Security Affairs.
- Get link
- X
- Other Apps
"Zero-DY Quest returns: Microsoft ups the stakes with $5M bug bounty."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 05 August 2025, 2040 UTC.
Content and Source provided by email subscription from https://feedly.com.
https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed.
Please check subscription link or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
58
Today
Microsoft launches largest bug bounty
by Pierluigi Paganini / 2h
Microsoft offers up to $5M for Zero Day Quest 2026 bug hacking contest; top researchers join live hacking event after fall 2025 submissions. Microsoft is bringing back its live hacking contest, Zero Day Quest , in spring 2026, and this time, it’s offering up to $5 million in rewards. The competition will spotlight researchers who uncover serious security flaws in cloud and AI systems. This is the
3 TTPs
by Pierluigi Paganini / 5h
•Cisco suffers voice phishing breach
Cisco disclosed CRM data breach via vishing attack; basic user info was exposed, but no sensitive data or systems were compromised Cisco has confirmed a data breach involving a third-party CRM system, exposing basic profile details (e.g. names, emails, and phone numbers) of users who registered on Cisco.com. The breach was discovered on July 24 after a vishing attack targeted one of Cisco’s repre
5 TTPs
by Pierluigi Paganini / 9h
These are in plain sight without a Breach. No ransomware. No compromise. Just misconfigured systems, overpermissioned users, silent access. When we think of a breach, we imagine firewalls failing, malware spreading, or hackers stealing credentials. But 2025 has made something else clear: you don’t need a breach to suffer breach-level damage. Sometimes, data leaks without ever being attacked, and
Yesterday
7 TTPs
by Pierluigi Paganini / 11h
•Akira ransomware targets SonicWall VPN
SonicWall probes possible new zero-day after spike in Akira ransomware attacks on Gen 7 firewalls with SSLVPN enabled. SonicWall is investigating a potential new zero-day after a surge in Akira ransomware attacks targeting Gen 7 firewalls with SSLVPN enabled. The company is working to determine if the incidents stem from an existing flaw or a newly discovered vulnerability. “Over the past 72 hour
4 TTPs
by Pierluigi Paganini / 12h
•CVE-2025-23319
New flaws in NVIDIA’s Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure. Newly revealed security flaws in NVIDIA’s Triton Inference Server for Windows and Linux could let remote, unauthenticated attackers fully take over vulnerable servers. According to Wiz Research team, chaining these vulnerabilities enables remote code execution (RCE), posing
3 TTPs
by Pierluigi Paganini / 1d
•Monte Carlo casino hit by ransomware
The cybercrime D4rk4rmy added the Monte-Carlo Société des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer (SBM). The company is Monaco’s premier luxury hospitality group, established in 1863. It operates iconic properties like the Casino de Monte-Carlo and Hôtel de Paris, playing a key role i
Northwest Radiologists data breach affects 350000
by Pierluigi Paganini / 1d
A January 2025 breach at Northwest Radiologists exposed data of 350,000 Washington State residents, the company confirmed. A data breach at Northwest Radiologists in January 2025 has exposed the personal information of 350,000 residents of Washington State, the company has confirmed. The security breach occurred on January 25, 2025 and caused “network disruption” at the organization. Northwest Ra
Chinese actors deploy PlayPraetor malware
by Pierluigi Paganini / 1d
PlayPraetor Android RAT has hit 11K+ devices, spreading fast via campaigns targeting Spanish and French speakers, say Cleafy researchers. Cleafy researchers have identified a new Android RAT called PlayPraetor, which has infected over 11,000 devices, mainly in Portugal, Spain, France, Morocco, Peru, and Hong Kong. The malware is spreading rapidly, with more than 2,000 new infections weekly, targe
Aug 3, 2025
Lovense sex toys leak user data
by Pierluigi Paganini / 1d
Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed. Lovense, a manufacturer of internet-connected sex toys, fixed two vulnerabilities that exposed users’ emails and allowed remote account takeovers. A researcher known as BobDaHacker recently disclosed the flaws after Lovense claimed it would take 14 months t
23 TTPs
by Pierluigi Paganini / 1d
State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks’ Unit 42. Palo Alto Networks reported that a nation-state actor, tracked as CL-STA-0969, targeted telecom firms in Southeast Asia, with attacks on critical infrastructure from February to November 2024. Threat actor CL-STA-0969 overlaps with the China-linked cyber espion
7 TTPs
by Pierluigi Paganini / 2d
•Akira ransomware targets SonicWall VPN
Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is exploiting SonicWall SSL VPNs in a likely zero-day attack, targeting even fully patched devices. Arctic Wolf Labs observed multiple intrusions via VPN access in late July 2025. Evidence suggests a likel
by Pierluigi Paganini / 2d
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Endgame Gear mouse config tool infected users with malware Auto-Color Backdoor: How Darktrace Thwarted a Stealthy Linux Intrusion Sealed Chain of Deception: Actors leveraging Node.JS to Launch JSCeal Decrypted: FunkSec Ransomware Threat actor use
Aug 2, 2025
by Pierluigi Paganini / 2d
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New Linux backdoor Plague bypasses auth via malicious PAM module China Presses Nvidia Over Alleged Backdoors in H20 Chips Amid Tech Tensions Malicio
7 TTPs
100+by Pierluigi Paganini / 2d
•Undetectable Linux backdoor exploits PAM
A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy Linux backdoor called Plague, hidden as a malicious PAM (Pluggable Authentication Module) module. It silently bypasses authentication and grants persistent SSH access. A Pluggable Authentication Module (
Nvidia H20 demand exceeds supply
by Pierluigi Paganini / 2d
China questioned Nvidia over suspected backdoors in its H20 chips, adding to rising tensions in the tech fight between the U.S. and Beijing. China’s internet watchdog has summoned Nvidia over concerns that its H20 AI chips may contain hidden backdoors. Nvidia H20 chips are AI GPUs tailored for the Chinese market, based on Hopper architecture. They deliver strong AI performance but with reduced fe
Aug 1, 2025
11 TTPs
by Pierluigi Paganini / 3d
•AI malware drains cryptocurrency funds
AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets. The package was uploaded on July 28, 2025, and it was downloaded more than 1,500 times before takedown. “The package @kodane/patch-manager, is a sophisticated cryp
by Pierluigi Paganini / 4d
Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ireland 2025 hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits. Participants can earn up to $1 million for a WhatsApp exploit that allows attacker
IoC > 1 domain
by Pierluigi Paganini / 4d
•21 TTPs
Storm2603 exploits SharePoint vulnerabilities
Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campaign exploiting four Microsoft SharePoint flaws, linking it to China-nexus groups APT27 , APT31 , and a new cluster, Storm-2603. The researchers pointed out that Storm-2603’s goals remain unclear. Storm-2
Jul 31, 2025
by Pierluigi Paganini / 4d
CISA releases Thorium, an open-source tool for malware and forensic analysis, now available to analysts in government, public, and private sectors. CISA has released Thorium , a new open-source platform designed to support malware and forensic analysis. The platform was designed in collaboration with Sandia National Laboratories , the US Agency presented it as a scalable, open-source platform for
18 TTPs
by Pierluigi Paganini / 5d
•Russian hackers target Moscow embassies
Russia-linked Secret Blizzard targets foreign embassies in Moscow via ISP-level AitM attacks, deploying custom ApolloShadow malware. Microsoft researchers uncovered a cyberespionage campaign by the Russia-linked APT group Secret Blizzard (aka Turla , Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) targeting foreign embassies in Moscow. The threat actor uses an adversary-in-the-middle (A
IoC > 2 IPs
87by Pierluigi Paganini / 5d
•2 TTPs
Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025-5394 (CVSS score of 9.8), in the “ Alone – Charity Multipurpose Non-profit WordPress Theme ” to compromise websites. On May 30th, 2025, security researcher Thái An reported the bug via WordP
Jul 30, 2025
2 TTPs
by Pierluigi Paganini / 5d
Critical flaws in Dahua cameras let hackers take control remotely. The vendor has released patches, users should update firmware asap. Bitdefender cybersecurity experts discovered serious vulnerabilities in Dahua smart cameras that could have allowed hackers to take full control of the devices remotely. Fortunately, the vulnerabilities have been patched, but users are urged to update their firmwa
7 TTPs
by Pierluigi Paganini / 5d
•FunkSec AI ransomware rapidly spreads
Researchers have released a decryptor for the ransomware FunkSec, allowing victims to recover their encrypted files for free. Researchers at Avast developed a decryptor for the FunkSec ransomware. Gen Digital researchers released a decryptor for the FunkSec ransomware after cooperating with law enforcement to neutralize the threat. “Researchers at Avast developed a decryptor for the FunkSec ranso
41by Pierluigi Paganini / 6d
Apple addressed a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. Apple released security updates to address a high-severity vulnerability, tracked as CVE-2025-6558 (CVSS score of 8.8), that has been exploited in zero-day attacks targeting Google Chrome users. The vulnerability is an insufficient validation of untrusted input in ANGLE and GPU
by Pierluigi Paganini / 6d
PyPI warns of phishing emails from noreply@pypj[.]org posing as “[PyPI] Email verification” to redirect users to fake package sites. PyPI warns of an active phishing attack using fake “[PyPI] Email verification” messages from noreply@pypj[.]org, aiming to lure users to spoofed PyPI sites. PyPI, short for the Python Package Index, is the official repository for Python software packages. It’s where
3 TTPs
by Pierluigi Paganini / 6d
•US seizes crypto linked ransomware
FBI Dallas seized 20 BTC from Chaos ransomware affiliate “Hors,” tied to cyberattacks on Texas firms, on April 15, 2025. The FBI division in Dallas seized about 20 Bitcoins on April 15, 2025, from a
- Get link
- X
- Other Apps
Comments
Post a Comment
Please leave a comment about our recent post.