All posts by John Doe

■■■□□ The Pakistan Airports Authority (PAA) appears to have been compromised, their email infrastructure being used to distribute password-protected ZIP archives containing a previously undocumented malware. https://x.com/WhichbufferArda/status/1933300356370325981

■■■■■ Graphite spyware used in Apple iOS zero-click attacks on journalists. https://www.bleepingcomputer.com/news/security/graphite-spyware-used-in-apple-ios-zero-click-attacks-on-journalists/

■■□□□ Data-Leak: 🇮🇷🇮🇱🇺🇳 Iran has released documents revealing that IAEA chief Grossi has been fully coordinated with Israel and acting on its orders. The documents are part of those that Iran managed to take out of Israel the other day.

■□□□□ As Israel hits Iran with missiles in Tehran, online war of information has begun, as wikipedia becomes the propaganda point. https://en.m.wikipedia.org/wiki/June_2025_Israeli_strikes_in_Iran

■□□□□ European Union has its own DNS resolver; DNS4EU. https://www.joindns4.eu/

■■■■■ Microsoft Outlook Vulnerability Let Attackers Execute Arbitrary Code Remotely. Microsoft Outlook Vulnerability Let Attackers Execute Arbitrary Code Remotely

■■■□□ Forensic analysis confirms ✅ two more European journalists targeted with Paragon’s Graphite spyware. Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted

■■■■■ ⚠️ Zero-click AI exploit in Microsoft 365 Copilot (CVE-2025-32711, CVSS 9.3) lets attackers steal sensitive data silently via email—no user interaction needed. Details ↓ https://thehackernews.com/2025/06/zero-click-ai-vulnerability-exposes.html

■■■■□ From trust to threat. Cybercriminals hijack expired Discord invites, quietly redirecting users to malicious servers. Social engineering and multi-stage loaders with evasion techniques enable stealthy delivery of malware bundles (RATs & stealers) bypassing AV detection. https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/

■■■■□ United States 🇺🇸 CISA, Microsoft warn of Windows zero-day used in attack on ‘major’ Turkish defense org. therecord.media/microsoft-cisa-zero-day-turkish-defense-org CISA list of exploited bugs in the Wild. https://www.cisa.gov/news-events/alerts/2025/06/10/cisa-adds-two-known-exploited-vulnerabilities-catalog