A naukri.com initiative
Dev
3w
106
Image Credit: Dev
Security news weekly round-up - 20th June 2025
- Discord flaw allows reuse of expired invites leading to malware campaigns with PowerShell downloaders and final payloads like AsyncRAT, Skuld Stealer, and ChromeKatz.
- Over 269,000 websites infected with JSFireTruck JavaScript malware posing a significant threat by redirecting victims to malicious URLs for malware and exploits.
- Anubis ransomware now includes a wiper to destroy files beyond recovery, removing Volume Shadow Copies and using encryption similar to EvilByte and Prince ransomware.
- CrowdStrike researchers investigate patchless AMSI bypass attack technique, VEH², allowing adversaries to evade Windows' Antimalware Scan Interface stealthily.
- New ClickFix malware variant 'LightPerlGirl' targets users, discovered from a corporate customer visiting an infected travel site, deploying Lumma Stealer.
- New Linux udisks flaw lets attackers escalate privileges to root on major Linux distros through CVE‑2025‑6018 and CVE‑2025‑6019, highlighting the power of seemingly benign services.
- Scammers display fake phone numbers on legitimate websites like HP by appending parameters to ad links in search results, injecting malicious text for targets to see.
Read Full Article
6 Likes
For uninterrupted reading, download the app