⚠️ Matanbuchus 3.0 is here—and hackers are pushing it via fake Microsoft Teams IT calls.
It slips in through Quick Assist, bypasses AV, and can launch ransomware with a click.
Details on the $15K MaaS threat → https://thehackernews.com/2025/07/hackers-leverage-microsoft-teams-to.html
👍16😱4🤯2⚡1
🛑 China-backed hackers breached Taiwan’s chip industry and a U.S. National Guard unit.
They used fake resumes, poisoned PDFs, and VPN beacons to exfiltrate intel—some attacks went undetected for 9 months.
Critical infrastructure data was stolen. PII too.
Here’s the full story → https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html
😁21🔥10😱9👍3🤔3👏2
💥 New Cisco ISE flaw lets attackers run code as root — no login needed.
The bug (CVE-2025-20337) scores a perfect 10.0. Just one crafted API call = full system takeover.
Affected? Patch now or risk compromise.
Details here → https://thehackernews.com/2025/07/cisco-warns-of-critical-ise-flaw.html
🤯19😱4👏1
👨🏻‍💻 Europol just crippled pro-Russian hacktivist group NoName057(16):
→ 100+ systems seized
→ 6 Russian suspects wanted
→ 1,000+ supporters warned
They gamified cyberattacks—badges, leaderboards, crypto rewards—to fuel digital warfare.
Full story → https://thehackernews.com/2025/07/europol-disrupts-noname05716-hacktivist.html
🔥11⚡4👏3😱3😁2
🚀 Exclusive threat intelligence used by top SOCs is now free!
#ANYRUN just made TI Lookup available to everyone 🔥
Access live attack data to cut MTTR and drive down business risks.
Act faster and smarter now: https://thn.news/anyrun-threat-intel-tg
👏10😁2
🔓 Most security tools only look at known threats.
BreachLock combines CTEM, ASM & VM to expose everything—even the risks you don’t see.
One platform. Total visibility. Faster response.
Here’s how it works → https://thehackernews.com/2025/07/ctem-vs-asm-vs-vulnerability-management.html
😁7🔥1
🚨 Hackers are hiding crypto miners in legit websites using an old Apache flaw (CVE-2021-41773).
They’re mining silently. Detection is hard. Victims see HTTPS + valid SSL.
It’s a stealthy, years-long campaign.
Here’s how it works — and why it matters: https://thehackernews.com/2025/07/hackers-exploit-apache-http-server-flaw.html
😱12🔥7👍4
🚨 Hackers abused fake GitHub accounts to host Amadey malware plugins & stealers like Lumma & RedLine.
They used Emmenhtal loader to drop payloads—evading filters with public repos. Even legit tools like PuTTY were weaponized.
Details → https://thehackernews.com/2025/07/hackers-use-github-repositories-to-host.html
🔥16😁6
🚨 Critical NVIDIA GPU bug lets attackers hijack AI containers with just 3 lines of code (CVSS 9.0).
Impacts 37% of cloud environments—risking full server takeover & model theft.
Read the full report → https://thehackernews.com/2025/07/critical-nvidia-container-toolkit-flaw.html
👏11🔥1
🚨 Google sues 25 China-based actors behind BADBOX 2.0 — a botnet infecting 10M+ devices with malware before they even reach users.
The kicker? They used hacked TVs & apps to steal ad money from Google itself.
Details here → https://thehackernews.com/2025/07/google-sues-25-chinese-entities-over.html
😁23🤔6😱4👍3🔥3👏1
🚨 New malware “LAMEHUG” uses a coding LLM to generate real-time attack commands—no scripts needed.
Discovered by Ukraine CERT, it runs through Hugging Face and was sent by APT28 to target officials.
This changes how phishing works → https://thehackernews.com/2025/07/cert-ua-discovers-lamehug-malware.html
🔥12
🚨 Ransomware now wipes backups, steals data & blocks recovery.
Old backup plans won’t cut it.
SMBs lose ₹45L/day to downtime — not counting trust & revenue loss.
Build real cyber resilience now ↓ https://thehackernews.com/2025/07/how-cyber-resilience-helps-it-defend-against-ransomwa.html
😱13😁7🤔2
🚨 ALERT - Hackers exploited two Ivanti flaws as zero-days to drop stealth malware MDifyLoader—and run Cobalt Strike in memory.
It hides using DLL sideloading, evades detection, and keeps coming back.
Full story ↓ https://thehackernews.com/2025/07/ivanti-zero-days-exploited-to-drop.html
👍14
⚠️ WARNING - Fake CVs are being used to breach defense, energy & aviation sectors in Asia.
Espionage group UNG0002 is deploying Cobalt Strike, Shadow RAT & fake gov CAPTCHA pages in targeted attacks across China, Hong Kong & Pakistan.
Full breakdown → https://thehackernews.com/2025/07/ung0002-group-hits-china-hong-kong.html
🤯16👍7👏3🤔2😱1
🔥 China’s border police are using a secret tool called Massistant to extract everything—from GPS to Signal chats—off phones.
It installs silently, pulls your data, then vanishes. iPhones may be next.
Details here → https://thehackernews.com/2025/07/chinas-massistant-tool-secretly.html
😱34🔥14👏7🤔7
🚨 Hackers are actively exploiting a critical flaw in CrushFTP (CVE-2025-54309, CVSS 9.0) to gain admin access via HTTPS—no DMZ needed.
They reverse engineered a patch and struck fast.
The worst part? Many systems are still exposed.
Details here → https://thehackernews.com/2025/07/hackers-exploit-critical-crushftp-flaw.html
👏14😁2
🚨 Hackers hijacked popular npm packages using phishing emails that mimicked npm support.
They published malware directly—no GitHub commits, no PRs.
One version tries to run a DLL for remote code execution.
Check if you’re affected ↓ https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html
👍9👏3😁3🤔2
⚠️ A critical UNPATCHED zero-day in Microsoft SharePoint (CVE-2025-53770) is being massively exploited right now.
At least 75 orgs breached—including major companies and governments.
Here’s what you need to know ↓ https://thehackernews.com/2025/07/critical-microsoft-sharepoint-flaw.html
😁19😱9👍7🔥5
🚨 Web3 devs targeted with fake AI job interviews — to steal your crypto.
Hackers lure victims with sites like “Norlax AI,” then drop malware disguised as a Realtek audio driver.
One click = stolen wallets, credentials, and project data.
Read → https://thehackernews.com/2025/07/encrypthub-targets-web3-developers.html
😁24🤯7🔥4🤔3👏1
🔥 ALERT ➟ Microsoft issues urgent security patches for critical SharePoint RCE flaw (CVE-2025-53770), now under active exploitation worldwide.
Hackers are bypassing MFA, stealing keys, and targeting banks, government agencies, hospitals & more.
Details → https://thehackernews.com/2025/07/microsoft-releases-urgent-patch-for.html
If your SharePoint is on-prem and internet-facing—assume compromise. Patching alone won’t evict the threat.
🛡️ Urgent steps: Patch, rotate machine keys, restart IIS.
🔥17😁5