#DanaBot #malware operators exposed via C2 bug added in 2022

https://www.bleepingcomputer.com/news/security/danabot-malware-operators-exposed-via-c2-bug-added-in-2022/

#cybercrime #cybersecurity #privacy

#ConnectWise rotating code signing certificates over security concerns

https://www.bleepingcomputer.com/news/security/connectwise-rotating-code-signing-certificates-over-security-concerns/

#cybersecurity

#WholeFoods warns of shortages after cyberattack at its primary distributor #UNFI

https://techcrunch.com/2025/06/11/whole-foods-tells-staff-cyberattack-at-its-primary-distributor-unfi-will-affect-product-availability/

#groceries #cybersecurity

Found in the wild: 2 #SecureBoot exploits. #Microsoft is patching only 1 of them.

https://arstechnica.com/security/2025/06/unearthed-in-the-wild-2-secure-boot-exploits-microsoft-patches-only-1-of-them/

#cybersecurity

#Microsoft June 2025 #PatchTuesday fixes exploited zero-day, 66 flaws

https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2025-patch-tuesday-fixes-exploited-zero-day-66-flaws/

#cybersecurity

#Microsoft #Outlook to block more risky attachments used in attacks

https://www.bleepingcomputer.com/news/security/microsoft-outlook-to-block-more-risky-attachments-used-in-attacks/

#cybersecurity #email

#KI ist praktisch – doch gebt nicht zu viel preis! Sensible Daten wie Passwörter oder Bankinfos haben in KI-Tools nichts verloren. Auch Kriminelle nutzen KI für Deepfakes & Betrug. Weniger teilen = besser schützen.

Tipps: 👉 https://www.bsi.bund.de/dok/1113674

#KünstlicheIntelligenz #CyberSecurity

#FIN6 hackers pose as #job seekers to backdoor recruiters’ devices

https://www.bleepingcomputer.com/news/security/fin6-hackers-pose-as-job-seekers-to-backdoor-recruiters-devices/

#cybersecurity

#IvantiWorkspaceControl hardcoded key flaws expose #SQL credentials

https://www.bleepingcomputer.com/news/security/ivanti-workspace-control-hardcoded-key-flaws-expose-sql-credentials/

#Ivanti #IWC #cybersecurity

Over 20,000 malicious IP addresses or domains linked to infostealer malware have been taken down in a joint international operation joined by Japan and 25 other countries. https://www.japantimes.co.jp/business/2025/06/12/companies/npa-interpol-malware/?utm_medium=Social&utm_source=mastodon #business #companies #npa #interpol #cybersecurity

How can #OpenSource AI boost European digital sovereignty?

Why is #cybersecurity a critical dimension of the open source agenda?

During the #OSAwards project, we aim to explore some of the most intriguing questions of the current open source landscape.

Eleven open source experts. Two webinars. One playlist.

Replay the #OSAwards conversations and subscribe to stay tuned for future webinars: https://www.youtube.com/@EuropeanOpenSourceAcademy/playlists

"AI-assisted hackers are a major fear in the cybersecurity industry, even if their potential hasn’t quite been realized yet."

Informative @WIRED article about vibe-coding's potentially scarier sibling:

https://www.wired.com/story/youre-not-ready-for-ai-hacker-agents/

#AI #CyberSecurity

Join us June 26 at the #openSUSE Conference in #Nuremberg for a full day of #workshops focused on the #Cyber Resilience Act (#CRA) & #NIS2 Directive.
How will new #EU laws shape the future of #opensource? Discover what #SMEs need to know!
#CyberSecurity https://events.opensuse.org/

#Apple will end support for #Intel Macs next year, macOS 27 will require Apple Silicon

https://9to5mac.com/2025/06/09/apple-will-end-support-for-intel-macs/

#Mac #AppleSilicon #cybersecurity

Stolen #Ticketmaster data from #Snowflake attacks briefly for sale again

https://www.bleepingcomputer.com/news/security/stolen-ticketmaster-data-from-snowflake-attacks-briefly-for-sale-again/

#cybersecurity #DataBreach #music

Over 84,000 #Roundcube instances vulnerable to actively exploited flaw

https://www.bleepingcomputer.com/news/security/over-84-000-roundcube-instances-vulnerable-to-actively-exploited-flaw/

#cybersecurity

#Paragon says it canceled contracts with #Italy over government’s refusal to investigate #spyware attack on journalist

https://techcrunch.com/2025/06/09/paragon-says-it-cancelled-contracts-with-italy-over-governments-refusal-to-investigate-spyware-attack-on-journalist/

#cybersecurity #privacy #journalism #politics

#Sensata Technologies says personal data stolen by #ransomware gang

https://www.bleepingcomputer.com/news/security/sensata-technologies-says-personal-data-stolen-by-ransomware-gang/

#cybersecurity #privacy #DataBreach

#Grocery wholesale giant #UnitedNaturalFoods hit by #cyberattack

https://www.bleepingcomputer.com/news/security/grocery-wholesale-giant-united-natural-foods-hit-by-cyberattack/

#UNFI #food #cybersecurity #WholeFoods #Amazon

"In a victory for personal privacy, a New York federal district court judge today granted a preliminary injunction in a lawsuit challenging the U.S. Office of Personnel Management’s (OPM) disclosure of records to DOGE and its agents.

Judge Denise L. Cote of the U.S. District Court for the Southern District of New York found that OPM violated the Privacy Act and bypassed its established cybersecurity practices under the Administrative Procedures Act. The court will decide the scope of the injunction later this week. The plaintiffs have asked the court to halt DOGE agents’ access to OPM records and for DOGE and its agents to delete any records that have already been disclosed. OPM’s databases hold highly sensitive personal information about tens of millions of federal employees, retirees, and job applicants.

“The plaintiffs have shown that the defendants disclosed OPM records to individuals who had no legal right of access to those records,” Cote found. “In doing so, the defendants violated the Privacy Act and departed from cybersecurity standards that they are obligated to follow. This was a breach of law and of trust. Tens of millions of Americans depend on the Government to safeguard records that reveal their most private and sensitive affairs.”"

https://www.eff.org/press/releases/privacy-victory-judge-grants-preliminary-injunction-opmdoge-lawsuit

#USA #Trump #Musk #DOGE #OPM #CyberSecurity #Privacy #DataProtection

New #Mirai #botnet infect #TBK #DVR devices via command injection flaw

https://www.bleepingcomputer.com/news/security/new-mirai-botnet-infect-tbk-dvr-devices-via-command-injection-flaw/

#cybersecurity

Threat Actor Claims #TikTok Breach, Puts 428 Million Records Up for Sale

https://hackread.com/threat-actor-tiktok-breach-428-million-records-sale/

#cybersecurity #DataBreach #privacy

#Trump administration takes aim at #Biden and #Obama #cybersecurity rules

https://techcrunch.com/2025/06/07/trump-administration-takes-aim-at-biden-and-obama-cybersecurity-rules/

#politics

#Malware found in #NPM packages with 1 million weekly downloads

https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-gluestack-npm-packages-with-960k-weekly-downloads/

#cybersecurity

Malicious #npm packages posing as utilities delete project directories

https://www.bleepingcomputer.com/news/security/malicious-npm-packages-posing-as-utilities-delete-project-directories/

#cybersecurity