Vulnerabilities
- Critical Vulnerability in MOVEit Transfer Let Hackers Gain Files Access
- Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack
- Plugins on WordPress.org backdoored in supply chain attack
- New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites
- PrestaShop Website Under Injection Attack Via Facebook Module
- Fortra Warns of Hard-Coded Password Vulnerability in The Filecatalyst
- SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately
- Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping
- Threat Actor Claims 0Day Sandbox Escape RCE in Chrome Browser
- Researchers Released PoC For Windows Bluetooth Service RCE Vulnerability
- PoC Released for D-LINK Information Disclosure that Leaks Passwords
- New Zip Slip vulnerability Let Attackers Execute Arbitrary Code Via Path Traversal
- Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool
- Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data
- Zyxel NAS Devices Under Attack: Mirai-Like Botnet Exploiting CVE-2024-29973
TTP
- Beware Of Shorten URLs With Word Files That Install Remcos RAT
- New Adware Attacks Users Searching for Meta Quest App for Windows
Breaches
- ANY.RUN Cyber Attack: Employee Email Address Hacked
- Levi’s Data Breach: 72,000+ Customers’ Data Exposed
- NCSC Statement Following Synnovis Sata Breach
- LockBit Claims Massive Breach of the United States Federal Reserve System
Note worthy
- Mozilla Firefox Now Requires Device Lock To Access Stored Passwords
- FireTail Unveils Free Access for All to Cutting-Edge API Security Platform
- OpenAI’s ChatGPT for Mac is now available to all users
- Firefox starts letting you use AI chatbots in the sidebar
- Google rolls out Gemini side panels for Gmail and other Workspace apps
- iPhone mirroring is now available for developers to try
- Amazon Prime Day 2024 dates announced: Shop the summer sale on July 16 and 17
Miscellaneous
- Google is killing infinite scroll on search results
- EU finds Microsoft violated antitrust laws by bundling Teams
- Microsoft removes documentation for switching to a local account in Windows 11
- Google Addressed Numerous Security Flaws With Chrome 126