#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/

Another Supply Chain Vulnerability

ProPublica is reporting:
Microsoft is using engineers in China to help maintain the Defense Department’s ... https://www.schneier.com/blog/archives/2025/07/another-supply-chain-vulnerability.html

Firmware flaws in 240+ Gigabyte motherboards (2017–2021) could allow stealth malware to bypass Secure Boot and take full control.

Fixes exist, but nearly half the boards are unsupported due to EOL status—leaving many users exposed.
Check for updates or consider replacing hardware.

@techspot

https://www.techspot.com/news/108688-firmware-flaws-over-200-gigabyte-motherboards-could-lead.html

Security Vulnerabilities in ICEBlock

The ICEBlock tool has vulnerabilities:
The developer of ICEBlock, an iOS app for anonymously reporting sightings of US I... https://www.schneier.com/blog/archives/2025/07/security-vulnerabilities-in-iceblock.html

#PerfektBlue #Bluetooth #Vulnerabilities Expose Millions of #Vehicles to Remote Code Execution

"Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy's BlueSDK Bluetooth stack that, if successfully #exploited, could allow remote code execution #rce on millions of #transport vehicles from different vendors."
https://thehackernews.com/2025/07/perfektblue-bluetooth-vulnerabilities.html

https://www.europesays.com/uk/244121/ China-linked attacker hit France’s critical infrastructure via trio of Ivanti zero-days last year #China #CISA #CybersecurityAndInfrastructureSecurityAgency(cisa) #EU #Europe #exploit #exploitation #France #Ivanti #mandiant #vulnerabilities #ZeroDays

Multiple PHP Vulnerabilities Allow SQL Injection & DoS Attacks – Update Now https://cybersecuritynews.com/multiple-php-vulnerabilities/ #CyberSecurityNews #cybersecuritynews #Vulnerabilities #CyberSecurity #cybersecurity #vulnerability #Dosattack #Php #SQL

DATE: July 03, 2025 at 04:50PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

The #FDA says that #cyber #vulnerabilities - including a hidden #backdoor - involving certain patient monitoring devices made by #China-based #Contec have a patch to fix the issues.
But for some users, applying the patch won't be easy, the FDA warns.
https://t.co/4Xphw2IvXt

Here are any URLs found in the article text:

https://t.co/4Xphw2IvXt

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

https://www.youtube.com/watch?v=9CISphpvapI #linux #vulnerabilities #security #bug

CISA Catalog of Known Exploited Vulnerabilities
Choose your products that to compare to current CVEs. The list is generated from current CVEs. Download them or create a custom GRC plan.
https://blackcatwhitehatsecurity.com/cveProducts.cfm
#CISA #Catalog #Known #Exploited #Vulnerabilities #technology

https://www.europesays.com/2183857/ Banks in S. Korea, Taiwan, Thailand #Economy #outlook #RetailNews #RetailProblems #retailers #sector #SouthKorea #vulnerabilities

CISA Catalog of Known Exploited Vulnerabilities
Choose your products that you use to compare to current CVEs. Product list is generated from current CVEs. Download the vulnerabilities or create a custom GRC plan.
https://blackcatwhitehatsecurity.com/cveProducts.cfm
#CISA #Catalog #Known #Exploited #Vulnerabilities #technology

GreyNoise has observed exploit attempts targeting CVE-2023-28771 — an RCE vuln affecting Zyxel devices. Full analysis + malicious IPs

https://www.greynoise.io/blog/exploit-attempts-targeting-zyxel-cve-2023-28771

(Maybe intentional, maybe unintentional) deceptive advisories 101: https://certvde.com/en/advisories/VDE-2025-052/ .

The actual vulns here are OS command injection issues (CWE-78). The webapp just so happens to be vulnerable to CSRF too, so they use CWE-352, but honestly nobody in their right mind gives a crap about CSRF as a top priority item.

There are multiple ways to exploit the bugs. The score/vector in the advisory is technically correct, but you could also exploit the bug (or series of bugs) as 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) or 9.9 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) depending on the privilege required to do the OS command injection. But honestly the 'what privilege required' becomes moot when you search the user manual for default credentials....

Whether the deception is intentional or not, who knows, it is what it is. Attackers are never* gonna use CSRF, but they are absolutely positively going to abuse command injection (even authenticated command injection), especially against devices which has 1) a cellular modem and 2) published default credentials that are incredibly easy to learn.

This is all an example of the fact that CVSS does not score a vulnerability, but rather scores one exploitation method of a vulnerability. There are often multiple ways to interpret 'a vuln'. In this case the advisory probably should have reserved more CVEs anyway: some to cover the CSRF, and others to cover the command injection bugs (the fixes for each are most likely distinct code changes, so worthy of independent CVEs, but I digress).

And sorry for the sales pitch: this is the kind of thing that we manually review all week, every week, and publish details about in our Worldview reports: https://www.dragos.com/dragos-worldview/

Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser

“Security researchers managed to access the live feeds of 40,000 internet-connected cameras worldwide and they may have only scratched the surface of what’s possible. The US was the most affected region, with around 14,000 of the total feeds streami ...continues

See https://gadgeteer.co.za/peep-show-40k-iot-cameras-worldwide-stream-secrets-to-anyone-with-a-browser/

Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser

https://squeet.me/display/962c3e10-d04730de-0e0edcadf2a2e541

Linux Foundation unveils decentralised WordPress plugin manager

https://squeet.me/display/962c3e10-4b7eeb29-9d4ba77be232e560

Latest issue of my curated #cybersecurity and #infosec list of resources for week #23/2025 is out!

It includes the following and much more:

Cartier announced a #databreach;

Microsoft and CrowdStrike are working together to connect the different names used for hacking groups;

German authorities have identified Vitaly Nikolaevich Kovalev as the leader of the #TrickBot cybercrime gang;

Over 30 #Vulnerabilities Patched in #Android;

Microsoft has launched a free European Security Program to enhance cybersecurity for #EU governments;

#Microsoft Helps India CBI Dismantle Indian Call Centers;

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end

https://infosec-mashup.santolaria.net/p/infosec-mashup-23-2025

The @EUCommission Internal Security Strategy, #ProtectEU, includes a Technology Roadmap on encryption, raising concerns about law enforcement access to encrypted data. @edri and 39 organizations urge inclusion of experts and civil society for an evidence-based approach.

The consensus is clear: granting law enforcement access to end-to-end encryption creates #vulnerabilities.

https://edri.org/our-work/technical-experts-call-on-virkkunen-for-a-seat-on-the-table-european-commissions-technology-roadmap-on-encryption/

New Linux Vulnerabilities

They’re interesting:
Tracked as CVE-2025-5054 and CVE-2025-4598</a... https://www.schneier.com/blog/archives/2025/06/new-linux-vulnerabilities.html