🚨 A stealthy new botnet called RondoDox is hijacking Linux DVRs & routers—then hiding in plain sight.
It kills security tools, rewrites system commands, and mimics traffic from Discord, Minecraft, and Fortnite to stay invisible.
Learn how it spreads → https://thehackernews.com/2025/07/rondodox-botnet-exploits-flaws-in-tbk.html
🚨 Does your org run on Microsoft?
Discover the 2025 Microsoft Vulnerabilities Report by BeyondTrust: 5-yr vuln trends, deep CVE insights & expert commentary. Your roadmap to stronger security.
Grab your free copy ➡️ https://thn.news/microsoft-vulnerability-report
🚨 WARNING: A popular VS Code extension for Ethereum smart contracts was hijacked with 2 hidden lines of code—launching PowerShell to run mystery scripts.
Crypto theft? Contract poisoning? It fooled 6,000+ devs.
Here’s how the attack worked → https://thehackernews.com/2025/07/malicious-pull-request-infects-6000.html
🚨 Adidas, Dior, Victoria’s Secret, M&S, and more were breached—no malware, no exploits.
Hackers just logged in using stolen credentials, stale SaaS tokens, and fake IT help calls.
The real threat? Invisible identities hiding in your SaaS stack.
Details here → https://thehackernews.com/2025/07/5-ways-identity-based-attacks-are.html
🚨 90,000+ Android users infected by banking malware from a fake PDF app on Google Play.
It showed fake “maintenance” screens to steal logins and drain accounts—targeting US and Canada banks.
The app hit #4 in the Tools category before Google removed it.
Full story → https://thehackernews.com/2025/07/anatsa-android-banking-trojan-hits.html
🚨 Hackers are using the legit red-teaming tool Shellter to spread malware like Lumma Stealer.
The worst part? It started with a leaked paid version—now it’s in the wild, dodging EDR.
Gaming lures, YouTube mods, fake sponsors... it’s all part of the trap.
Read → https://thehackernews.com/2025/07/hackers-use-leaked-shellter-tool.html
🚨 Microsoft just patched 130 flaws—but no exploited zero-days for the first time in 11 months.
One bug (CVSS 9.8) may be wormable, echoing WannaCry fears. Another leaks memory from SQL Server.
Patch now. Details here → https://thehackernews.com/2025/07/microsoft-patches-130-vulnerabilities.html
🚨 Chinese national arrested in Italy for role in massive U.S. cyber espionage campaign.
Xu Zewei allegedly hacked vaccine research & 12,700+ victims using Microsoft Exchange zero-days—linked to China's state-backed Silk Typhoon group.
Details here → https://thehackernews.com/2025/07/chinese-hacker-xu-zewei-arrested-for.html
🚨 U.S. sanctions North Korean hacker for using stolen American IDs to place fake IT workers in U.S. jobs—funneling salaries to fund weapons programs.
The scheme hit hundreds of companies. Some workers even planted malware.
Details → https://thehackernews.com/2025/07/us-sanctions-north-korean-andariel.html
🚨 Malware alert triage just got easier.
A free Tines workflow automates response using CrowdStrike, Slack, PagerDuty, and GitHub—built by Intercom’s Lucas Cantor.
Device owners are looped in instantly. No more manual chasing.
Try it here → https://thehackernews.com/2025/07/how-to-automate-ticket-creation-device.html
Thinking of running DDoS simulations?
Whether you're using open-source tools or commercial software, a few best practices can make all the difference.
Start with the most common attack vectors. Test each protection layer separately. And follow these 7 essential tips to get the most from your efforts.
Check out the full list → https://thn.news/ddos-testing-tips
Suspected India-linked APT hacked European foreign ministry using fake defense emails and LoptikMod malware.
Phishing via Google Drive led to data exfiltration, persistence, and stealthy surveillance.
Diplomatic espionage is expanding → https://thehackernews.com/2025/07/donot-apt-expands-operations-targets.html
🚨 Exposed ASP.NET keys are being weaponized to hijack servers—3,000+ at risk.
An IAB called Gold Melody is selling stealthy access after exploiting ViewState flaws. Code runs in memory, leaving barely a trace.
Here's what’s happening → https://thehackernews.com/2025/07/gold-melody-iab-exploits-exposed-aspnet.html
🚨 Major flaws hit ServiceNow, Lenovo, and Windows:
🔸 ServiceNow bug (CVE-2025-3648) leaks PII via ACL misconfigs—no login needed
🔸 Lenovo app lets local users hijack DLLs to run code
🔸 Windows Kerberos bug (CVE-2025-47978) can crash domain controllers remotely
Find details here → https://thehackernews.com/2025/07/servicenow-flaw-cve-2025-3648-could.html
🚨 New AMD CPU attack technique uncovered! Researchers reveal a new class of side-channel flaws—TSA—impacting Ryzen, EPYC, and Instinct chips.
These let attackers leak sensitive data across virtual machines, apps, even OS kernel boundaries.
Exploits require local code execution—but the risk is real.
Here’s what to know ↓ https://thehackernews.com/2025/07/amd-warns-of-new-transient-scheduler.html
🚨 A fake Termius app for macOS is spreading ZuRu malware — with full remote access powers.
It silently hijacks developers hunting legit tools, using hacked code and stealthy C2 beacons.
The worst part? It auto-updates to dodge detection.
Full report → https://thehackernews.com/2025/07/new-macos-malware-zuru-targeting.html
🚨 95% of U.S. companies now use generative AI—often without IT knowing.
That means sensitive data is flowing into AI tools with no oversight, no logging, and no guardrails.
Shadow AI is today’s biggest blind spot.
Details + what to do about it → https://thehackernews.com/2025/07/what-security-leaders-need-to-know.html
🚨 UK teens linked to $590M cyberattacks on M&S, Co-op, Harrods arrested.
They’re tied to Scattered Spider—a group so slick, it tricks IT desks with fake calls.
The worst part? It’s just one arm of a crime ring tied to swatting and even murder.
Read → https://thehackernews.com/2025/07/four-arrested-in-440m-cyber-attack-on.html
🚨 Crypto users targeted in ultra-slick social engineering scam.
Hackers built dozens of fake AI/Web3 startups—complete with logos, blogs, and verified X accounts—to push malware disguised as investment tools.
The malware drains wallets on both Windows & macOS.
Details here → https://thehackernews.com/2025/07/fake-gaming-and-ai-firms-push-malware.html
🚨 Critical flaw in AI tool mcp-remote lets hackers run OS commands just by connecting to a fake server.
Full system takeover possible on Windows. Over 437K downloads already.
Update now or risk remote hijack.
Details here → https://thehackernews.com/2025/07/critical-mcp-remote-vulnerability.html