BlackSuit: A Hybrid Approach with Data Exfiltration and Encryption
#BlackSuitGroup #BlackSuitRansomware
https://www.cybereason.com/blog/blacksuit-data-exfil
The Threat Codex is a website that tracks news articles on threat actors, malware, and vulnerabilities.
Havoc Professional: A Lethal Presence
#HAVOCC2
https://www.infinitycurve.org/blog/introduction
What the NULL?! Wing FTP Server RCE (CVE-2025-47812)
#CVE_2025_47812
https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/
GoldMelody’s Hidden Chords: Initial Access Broker In-Memory IIS Modules Revealed
#GOLDMELODY
https://unit42.paloaltonetworks.com/initial-access-broker-exploits-leaked-machine-keys/
macOS.ZuRu Resurfaces | Modified Khepri C2 Hides Inside Doctored Termius App
#macOS.ZuRu
https://www.sentinelone.com/blog/macos-zuru-resurfaces-modified-khepri-c2-hides-inside-doctored-termius-app/
Grammarly to Acquire Superhuman to Accelerate Its AI Productivity Platform
#Grammarly
https://www.grammarly.com/blog/company/grammarly-to-acquire-superhuman/
Count(er) Strike – Data Inference Vulnerability in ServiceNow
#ServiceNow #CVE_2025_3648
https://www.varonis.com/blog/counter-strike-servicenow
From Click to Compromise: Unveiling the Sophisticated Attack of DoNot APT Group on Southern European Government Entities
#DonotTeam #LoptikMod
https://www.trellix.com/blogs/research/from-click-to-compromise-unveiling-the-sophisticated-attack-of-donot-apt-group-on-southern-european-government-entities/
Pay2Key’s Resurgence: Iranian Cyber Warfare Targets the West
#Pay2Key.I2P
https://engage.morphisec.com/hubfs/Pay2Key_Iranian_Cyber_Warfare_Targets_the_West_Whitepaper.pdf
Appeals court revives Salvadoran journalists’ lawsuit against NSO Group
#NSOGroup
https://therecord.media/appeals-court-revives-salvadoran-journalist-lawsuit-nso-group-spyware
Atomic macOS Stealer now includes a backdoor for persistent access
#AtomicStealer
https://moonlock.com/amos-backdoor-persistent-access
Exclusive disclosure of the attack activities of the APT group “NightEagle”
#NightEagle
https://github.com/RedDrip7/NightEagle_Disclose/commits/main/Exclusive%20disclosure%20of%20the%20attack%20activities%20of%20the%20APT%20group%20NightEagle.pdf
Free certificates for IP addresses: security problem or solution?
#Let'sEncrypt
https://www.malwarebytes.com/blog/news/2025/07/free-certificates-for-ip-addresses-security-problem-or-solution
TikTok recruits senior UK privacy regulator as it battles fine and investigation
#TikTok
https://therecord.media/tiktok-uk-stephen-bonner-ico
Exposing Scattered Spider: New Indicators Highlight Growing Threat to Enterprises and Aviation
#SCATTEREDSPIDER
https://blog.checkpoint.com/research/exposing-scattered-spider-new-indicators-highlight-growing-threat-to-enterprises-and-aviation/
Hpingbot: A New Botnet Family Based on Pastebin Payload Delivery Chain and Hping3 DDoS Module
#Hpingbot
https://nsfocusglobal.com/hpingbot-a-new-botnet-family-based-on-pastebin-payload-delivery-chain-and-hping3-ddos-module/
Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
#Catwatchful
https://techcrunch.com/2025/07/02/data-breach-reveals-catwatchful-stalkerware-spying-on-thousands-android-phones/
HC begins hearing on Proton Mail’s appeal against proceedings to block it in India
#ProtonMail
https://economictimes.indiatimes.com/tech/technology/hc-begins-hearing-on-proton-mails-appeal-against-proceedings-to-block-it-in-india/articleshow/122187391.cms
How this ClickFix campaign leads to Redline Stealer
#ClickFix #RedLineStealer
https://sec.okta.com/articles/2025/07/how-this-clickfix-campaign-leads-to-redline-stealer/
Hunters International ransomware group claims to be shutting down
#HuntersInternational
https://therecord.media/hunters-international-ransomware-extortion-group-claims-shutdown