This cybersecurity recap highlights the abuse of legitimate tools like Inno Setup and Shellter Elite by cybercriminals to distribute stealthy malware and evade detection. It also reports on sophisticated nation-state espionage campaigns by North Korea, TAG-140, APT36, and NightEagle, targeting critical sectors across different regions. #InnoSetupAbuse #ShellterElite #NimDoor #TAG-140 #APT36 #NightEagle
Malware & Exploits
- Cybercriminals abuse legitimate Inno Setup installers and leaked Shellter Elite red team tools to distribute sophisticated infostealers and evade detection → Inno Setup Abuse, Shellter Abuse
- North Korea-linked actors spread macOS NimDoor backdoor disguised as fake Zoom updates to stealthily target Web3 and crypto firms → NimDoor Spread
- Threat actor TAG-140 and APT36 deploy advanced RATs and Linux espionage malware against Indian government and critical infrastructure, leveraging phishing and modular malware → TAG-140 RAT, APT36 Linux Malware
- NightEagle APT group targets China's critical tech sectors with zero-day exploits and tailored espionage campaigns focused on semiconductors, AI, and military research → NightEagle Espionage
- This week's cybersecurity recap highlights critical vulnerabilities in Citrix and Cisco being exploited by threat actors including APT28 and MuddyWater, along with emerging malware like the stealthy Flodrix botnet and use of steganography → Weekly Recap
Ransomware & Cybercrime
- Hunters International ransomware group shuts down, releases free decryptors, and rebrands as World Leaks to focus on extortion and data theft → Hunters Shutdown
- Ingram Micro faces ransomware attack claimed by SafePay, causing major service outages and customer disruption → Ingram Micro Attack
- Brazilian police arrest insider suspect over a $100M banking hack targeting the PIX payment system, linked to credential sales and extensive fraud → Brazil Arrest
Vulnerabilities & Patching
- Two critical Sudo bugs affecting major Linux distros enable local root escalation via privilege bypasses, prompting calls for immediate patching → Sudo Bugs
- A US water facility was compromised due to the use of default passwords, underscoring the urgent need for secure-by-design manufacturing security practices → Default Password Risks
Phishing & Domain Abuse
- Cybercriminals increasingly exploit .es domains hosted on Cloudflare for credential phishing and distribution of remote access trojans across Spain → .es Domain Phishing
Geopolitical & Infrastructure Impact
- Russia's St. Petersburg suffers widespread mobile internet outages amid Kremlin preparations against suspected Ukrainian drone strikes, disrupting civilian and business networks → St. Petersburg Outage
Privacy & Regulation
- TikTok hires a senior UK data regulator from the ICO while facing investigations and fines over children's data misuse, raising concerns about potential regulatory capture → TikTok Hiring
Technology Updates
- Windows 11 Notepad introduces native support for markdown formatting, enhancing text editing with headings, lists, and rich styles without affecting performance → Notepad Markdown