DJBSEC's CyberNews 2025-07-09
1. FortiOS Buffer Overflow Vulnerability Discovered
A critical buffer overflow vulnerability has been discovered in Fortinet’s FortiOS operating system. This flaw could allow attackers to execute arbitrary code or trigger a denial of service on affected devices. Fortinet has released patches to address the vulnerability and urges all customers to update immediately. Exploitation risks are high due to the widespread use of FortiOS in enterprise networks.
2. Phishing Scams Can Deceive Large Language Models
New research shows that phishing scams can successfully deceive large language models used in cybersecurity detection. Attackers craft messages with linguistic tricks and context manipulation to bypass AI-driven filters. This raises concerns over overreliance on AI for email security without human verification. Experts recommend combining AI with traditional rule-based detection and user training to reduce risks.
3. Anatsa Android Banking Malware Returns via Google Play
The Anatsa banking trojan has resurfaced on Google Play, targeting Android users across Europe. Disguised as legitimate apps, the malware steals banking credentials and initiates fraudulent transactions directly from infected devices. Researchers warn that Anatsa uses sophisticated techniques to bypass Google Play’s security checks. Users are urged to verify app publishers and permissions before installation.
4. Anatsa Android Banking Trojan Hits Over 100,000 Devices
Further reports confirm that the Anatsa banking trojan has infected over 100,000 Android devices through malicious apps on Google Play. The malware utilizes advanced overlay attacks to capture user credentials from banking apps. Its operators primarily target financial institutions in Europe to perform large-scale theft. Google has removed the apps, but users already infected remain at risk.
5. Defending Against Phishing Kit Attacks
Researchers have highlighted the growing threat of phishing kits, which enable cybercriminals to launch sophisticated phishing attacks with minimal effort. These kits include pre-built templates and evasion techniques to bypass security filters. Organizations are advised to deploy advanced email security solutions and conduct regular employee training. Phishing kits continue to fuel credential theft and business email compromise campaigns.
6. Zoom Clients for Windows Vulnerability Discovered
A newly discovered vulnerability in Zoom clients for Windows could allow attackers to escalate privileges on affected systems. The flaw impacts both desktop and VDI installations, potentially giving attackers administrative access. Zoom has released an update addressing the issue, and users are urged to update immediately. This vulnerability underscores the importance of keeping collaboration tools patched.
7. Large-Scale Browser Hijacking Campaign Exposed
Researchers have uncovered a large-scale browser hijacking campaign targeting Chrome and Edge users. Attackers use malicious extensions to redirect users to unwanted ads and phishing sites, generating illicit revenue. The extensions often masquerade as productivity tools to gain user trust. Users should review installed extensions and remove any unrecognized or suspicious add-ons.
8. M&S Confirms Social Engineering Led to Ransomware Attack
UK retailer Marks & Spencer has confirmed that a recent massive ransomware attack resulted from a social engineering incident. Attackers tricked an employee into providing access credentials, which were then used to infiltrate corporate networks. The ransomware deployment caused operational disruptions and data encryption. The company is working with cybersecurity experts to recover and strengthen its defenses.
9. Malicious Open-Source Packages Spike in Repositories
Security researchers report a spike in malicious open-source packages uploaded to popular repositories like npm and PyPI. Attackers embed malware or credential stealers within seemingly useful packages to target developers. Organizations are urged to implement supply chain security checks and review dependencies before integration. The trend highlights ongoing threats to software supply chain integrity.
10. Microsoft Patches 137 CVEs in Latest Update
Microsoft’s latest Patch Tuesday addressed 137 CVEs, including critical vulnerabilities in Windows, Office, and Azure. Notably, no zero-day exploits were disclosed this cycle, but several critical flaws could enable remote code execution. Security experts recommend prioritizing updates for Windows Kernel and Microsoft Exchange vulnerabilities. Organizations should deploy patches promptly to reduce exploitation risks.
Enjoy Reading This Article?
Here are some more articles you might like to read next: