Iranian State Hackers Partner Up for Large-Scale Attacks, Report (www.hackread.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/85/2b/852b07bc9721f9b137acceca24471939bd5aba47c7b2d56d2316b9e873a6389e.jpg)
Critical Fluent Bit flaw impacts all major cloud providers (www.bleepingcomputer.com)
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants.
![](https://kbin.social/media/cache/resolve/entry_thumb/3c/15/3c157f108ba40dcc1f8c1554e87cb99f8339a87863517c8e3ab107e425910bc6.jpg)
Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms (www.darkreading.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/ca/be/cabed8c3da166294f3654170e1c1da6c75f28ebd2c205f8bd393dd76ee22dab8.jpg)
Hacktivist Groups Target Indian Elections, Leak Personal Data, Says Report (www.hackread.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/68/a4/68a428827adb28d9b60309e449081082a3d2eb8757cb6717024d14b8aeed559c.jpg)
PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) (www.helpnetsecurity.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/77/23/7723c31dcd72c8eb839e399121de726267757ba7593df6d6e24b506a95402483.jpg)
Bad Karma, No Justice: Void Manticore Destructive Activities in Israel (research.checkpoint.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/62/79/62793c6500f91abf43eb6084b07e9d3dba264149d2b1f03f90faa0ca2ab4596c.png)
Exploiting CVE-2024-32002: RCE via git clone (amalmurali.me)
![](https://kbin.social/media/cache/resolve/entry_thumb/98/04/980454b22f642d7de9cdc0093c7cc3cabe9f1a077bde392f391b00290a8955dc.jpg)
SEC Adds New Incident Response Rules for Financial Sector (www.darkreading.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/7d/58/7d58ba4fad4ec7dd5ea0badceb287afaf8def1cc41f17b21500dfa2337e0edb2.jpg)
QNAP QTS zero-day in Share feature gets public RCE exploit (www.bleepingcomputer.com)
An extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed.
![](https://kbin.social/media/cache/resolve/entry_thumb/bd/66/bd6673b7ddf5530916436bad2cedf7dd5cb8a4166110c36d3a08f9660d0986b3.jpg)
Australia Investigates Data Breach at National Electronic Prescriptions Provider; Health Data Potentially Compromised (www.bitdefender.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/13/e9/13e95c1144eecd70f18300373b6f1657efc4b77b0ec77a027d75a15afd81cdad.jpg)
Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising (www.bleepingcomputer.com)
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
![](https://kbin.social/media/cache/resolve/entry_thumb/18/14/18144a30f3aa2d7adfa69ce4eacbf95c4781045c1ac3b3ccb9f697dc774935eb.jpg)
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog - RedPacket Security (www.redpacketsecurity.com)
CISA Adds Three Known Exploited Vulnerabilities to Catalog
![](https://kbin.social/media/cache/resolve/entry_thumb/cf/b7/cfb7084d7e15ce026c09d6d68283316c9c9ad1cd099ddc9d2d78c511011d37f3.png)
American Radio Relay League cyberattack takes Logbook of the World offline (www.bleepingcomputer.com)
The American Radio Relay League (ARRL) warns it suffered a cyberattack, which disrupted its IT systems and online operations, including email and the Logbook of the World.
![](https://kbin.social/media/cache/resolve/entry_thumb/5d/fe/5dfe30dfcde7c78f2f7afd6189bcd321aa7b9d6877e9d56257ee13797b9ebd76.jpg)
Banking malware Grandoreiro returns after police disruption (www.bleepingcomputer.com)
The banking trojan “Grandoreiro” is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.
![](https://kbin.social/media/cache/resolve/entry_thumb/23/79/23794c9f6f135d6e3bff238736c51198efa3a1d967dd4e461a3a92e8e4c82cee.jpg)
Microsoft to start enforcing Azure multi-factor authentication in July (www.bleepingcomputer.com)
Starting in July, Microsoft will begin gradually enforcing multi-factor authentication (MFA) for all users signing into Azure to administer resources.
![](https://kbin.social/media/cache/resolve/entry_thumb/ba/df/badf5f9982624810c9a631f517b167a6ac0c27297f706a6956a70f6ffb2a91df.jpg)
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) (www.helpnetsecurity.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/16/71/16713aee8184747ec03f32263deec33864c29291bd98fe32bcbf83509de901cf.jpg)
Norway recommends replacing SSL VPN to prevent breaches (www.bleepingcomputer.com)
The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks.
![](https://kbin.social/media/cache/resolve/entry_thumb/c2/53/c253c5120c39e533ea7b2cf957b273355915fecab09d0608d5b512706450a142.jpg)
Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets (www.aquasec.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/d6/86/d686e8f90c7fc6648ebf8714fde9a77cefeda4bd5b33007899300ba9f76a2192.jpg)
Llama Drama: Critical Flaw in AI Python Package Can Lead to System and Data Compromise (CVE-2024-34359) (www.securityweek.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/07/c8/07c81baa6cebcb566c1164f5f8937bd5121032e1527da0285a2b33666f778e2e.jpg)
US AI experts targeted in cyberespionage campaign using SugarGh0st RAT (www.csoonline.com)
Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.
![](https://kbin.social/media/cache/resolve/entry_thumb/a4/62/a462dd4d4cccb7bc523958e2c4b969aebd087331e24f5a564a682ee585414dfe.jpg)
Russian hackers use new Lunar malware to breach a European govt's agencies (www.bleepingcomputer.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/13/64/1364856c1b06c2eae0001da2a30130dd2ec7f221f6a47f12305267562101def3.jpg)
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea (www.bleepingcomputer.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/b5/91/b591f08fa9c91add7f6462e74f21636f4893b8b4783ae6224025f128e7290288.jpg)
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware (www.microsoft.com)
![](https://kbin.social/media/cache/resolve/entry_thumb/56/54/56546d5702f030f7fd2ea65328a3bc7be5a72e1270e8acd34394310333675e5b.png)
Microsoft fixes three zero-day vulnerabilities, two actively exploited (www.csoonline.com)
The company’s Patch Tuesday includes fixes for flaws in Windows Desktop Window Manager, Windows MSHTML, and Visual Studio, among others, that IT security orgs should prioritize.
![](https://kbin.social/media/cache/resolve/entry_thumb/b8/3e/b83e6e9fcd9ae87efda5402246d019c500e23f2f88d53a71aae10333fef20a53.jpg)