
IT Security Newsletter - 7/8/2025


Breaches

Employee arrested after Brazil's central bank service provider hacked for US $140 million

This month could barely have started any worse for some financial institutions in Brazil. On 30 June 2025, C&M Software, a Brazilian company that provides a "bridge" helping the country's central bank connect to local banks, revealed that it had been hacked. 800 Brazilian reals (approximately US $140 million) was stolen from the reserve accounts of six financial institutions as a result of the security breach. READ MORE...

Hacking

Suspected Scattered Spider domains target everyone from manufacturers to Chipotle

While the aviation industry has borne the brunt of Scattered Spider's latest round of social engineering attacks, the criminals aim to catch manufacturing and medical tech companies as evidenced by hundreds of domains that security researchers say look a lot like phishing websites used by the criminal crews. Check Point researchers recently uncovered 500 such domains that follow Scattered Spider's naming conventions to spoof legitimate corporate login portals. READ MORE...

Software Updates

No thanks: Google lets its Gemini AI access your apps, including messages

If you're an Android user, you'll need to take action if you don't want Google's Gemini AI to have access to your apps. That's because, regardless of your previous settings, Google now allows Gemini to interact with third-party apps. Through Gemini extensions, it already had the ability to integrate with apps to lend a helping hand and make Google Assistant obsolete. While Google presents this as happy news, we're not in full agreement. READ MORE...


SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover

Enterprise software maker SAP on Tuesday announced the release of 27 new and four updated security notes as part of its July 2025 Security Patch Day, including six that address critical vulnerabilities. At the top of the list is an update for a note released in May, which addresses five security defects in its Supplier Relationship Management (SRM). SAP initially marked the note as high-priority, based on the severity score of the most important of these bugs. READ MORE...

Malware

Bert Blitzes Linux & Windows Systems

A new multiplatform ransomware strain is attracting attention for the speed at which it can encrypt systems, despite having relatively simple code. The key to its speed is the malware's aggressive use of multithreading, which enables it to rapidly encrypt multiple files in parallel across both Windows and Linux systems, leaving victims little time to detect or respond to it. Researchers at Trend Micro said they first observed it in April targeting healthcare, event services, and technology. READ MORE...


Chrome Store Features Extension Poisoned With Sophisticated Spyware

Google has inadvertently been promoting sophisticated spyware that can hijack browser sessions with malicious redirects hidden in a legitimate Chrome extension. The extension, which offers a legitimate color picker, was poisoned with the malware via an update at the end of June. The extension, called "Color Picker, Eyedropper - Geco colorpick," has more than 100,000 downloads, a verified Google badge, and a featured placement in the Google Chrome Web Store. READ MORE...


Atomic macOS infostealer adds backdoor for persistent attacks

A malware analyst discovered a new version of the Atomic macOS info-stealer (also known as 'AMOS') that comes with a backdoor, giving attackers persistent access to compromised systems. The new component allows executing arbitrary remote commands, survives reboots, and permits maintaining control over infected hosts indefinitely. MacPaw's cybersecurity division Moonlock analyzed the backdoor in Atomic malware after a tip from independent researcher g0njxa, a close observer of infostealer activity. READ MORE...

Information Security

Ransomware negotiator investigated over criminal gang kickbacks

If someone is going to negotiate with criminals for you, that person should at least be on your side. That might not have been the case at Digital Mint, a ransomware negotiation company where one worker allegedly went rogue. According to Bloomberg, Digital Mint is cooperating with the US Department of Justice (DoJ) to investigate allegations that a former employee had worked with ransomware criminals. READ MORE...

On This Date

  • ...in 1853, Commodore Matthew Perry's diplomatic expedition sails into Japan's Edo Bay, now known as Tokyo Bay.
  • ...in 1950, President Truman appoints Gen. Douglas MacArthur as head of the United Nations Command in the Korean War.
  • ...in 1970, Grammy-winning singer-songwriter Beck Hansen AKA Beck ("Odelay", "Sea Change") is born in Los Angeles.
  • ...in 2011, the Space Shuttle Atlantis is launched on the final mission of the NASA Space Shuttle program.