June 2025 – Page 5

Business Case for Agentic AI SOC Analysts

Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending.
At the same time, SOC inefficiencies are draining resources. Studies show that up to half of all

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit.
The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed to the threat actor.

RevEng.ai Raises $4.15 Million to Secure Software Supply Chain

RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software.

The post RevEng.ai Raises $4.15 Million to Secure Software Supply Chain appeared first on SecurityWeek.

Chinese Hackers Target Chinese Users With RAT, Rootkit

China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit.

The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek.

Retail giant Ahold Delhaize says data breach affects 2.2 million people

Ahold Delhaize, one of the world’s largest food retail chains, is notifying over 2.2 million individuals that their personal, financial, and health information was stolen in a November ransomware attack that impacted its U.S. systems. […]

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability

The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild for initial access.

The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek.

Vulnerability Exposed All Open VSX Repositories to Takeover

A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository.

The post Vulnerability Exposed All Open VSX Repositories to Takeover appeared first on SecurityWeek.

Microsoft 365 Direct Send Abused for Phishing

Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls.

The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek.

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive data

Windows 11 KB5060829 update released with 38 new changes, fixes

Microsoft has released the KB5060829 preview cumulative update for Windows 11 24H2, which includes 38 changes, including improvements to the taskbar and a new PC-to-PC migration experience. […]

Month: June 2025