Infosec bits for 2025 week 27

Zoya Vilakazi | July 4, 2025, 3:20 p.m.

Cybersecurity News:

Cyberattack Targets International Criminal Court [Ionut Arghire, SecurityWeek]

Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms [Ravie Lakshmanan, The Hacker News]

Dozens of fake wallet add-ons flood Firefox store to drain crypto [Bill Toulas, Bleeping Computer]

Inside the Cyberattack That Hit Six Million Qantas Customers [James Darley, Technology Magazine]

AI Crawlers Reshape The Internet With Over 30% of Global Web Traffic [Tushar Subhra Dutta, Cyber Security News]

Vulnerabilities & patches:

Cisco warns that Unified CM has hardcoded root SSH credentials [Sergiu Gatlan, Bleeping Computer]

Wing FTP Server Max Severe Vulnerability Let Attackers Take Full Server Control [Kaaviya, Cyber Security News]

Chrome 138 Update Patches Zero-Day Vulnerability [Ionut Arghire, SecurityWeek]

Django App Vulnerabilities Allow Remote Code Execution [Divya, GBHackers]

Linux Users Urged to Patch Critical Sudo CVE [Phil Muncaster, Infosecurity Magazine]

New FileFix attack runs JScript while bypassing Windows MoTW alerts [Bill Toulas, Bleeping Computer]

Forminator plugin flaw exposes WordPress sites to takeover attacks [Bill Toulas, Bleeping Computer]

Malware:

Hunters International ransomware shuts down after World Leaks rebrand [Sergiu Gatlan, Bleeping Computer]

Malicious Passlib Python Package Forces Windows Shutdowns Through Invalid Inputs [Mandvi, Cyber Press]

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware [Ionut Arghire, SecurityWeek]

New macOS Malware Employs Process Injection and Remote Communications to Exfiltrate Keychain Credentials [Tushar Subhra Dutta, Cyber Security News]

Other:

Breaking the cycle of attack playbook reuse [Cristian Iordache, Help Net Security]