Daily Briefing for 07.01.25

Attacks, Threats, and Vulnerabilities

International Criminal Court hit with cyber security attack (AP News) The International Criminal Court has been targeted by a “sophisticated” cyberattack and is taking measures to limit any damage, the global tribunal announced Monday.

Iran-linked hackers threaten to release Trump aides' emails (Reuters) Iran-linked hackers have threatened to disclose more emails stolen from U.S. President Donald Trump's circle, after distributing a prior batch to the media ahead of the 2024 U.S. election.

NetScaler Critical Security Updates for CVE-2025-6543 and CVE-2025-5777 (NetScaler Blog) Over the past two weeks, Cloud Software Group has released builds to address CVE-2025-6543 and CVE 2025-5777, which affect NetScaler ADC and NetScaler Gateway if they are configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR an Authentication Authorization and Auditing (“AAA”) virtual server. While both of the vulnerabilities involve the same modules, the exposures differ. CVE 2025-6543, if exploited, could lead to a memory overflow vulnerability, resulting in unintended control flow and Denial of Service. CVE 2025-5777 arises from insufficient input validation that leads to memory overread. 

Products, Services, and Solutions

SSH Communications Security announces intention to enter into strategic partnership with Leonardo, backed by an EUR 20 million share issue to Leonardo (SSH Communications Security) SSH Communications Security Oyj (“SSH”), a leading defensive cybersecurity company for humans, systems, and networks, announces its intention to enter into a strategic partnership with Leonardo S.p.A. (“Leonardo”), a global key player in aerospace, defence, and security.

Cloudflare Is Blocking AI Crawlers by Default (WIRED) The age of the AI scraping free-for-all may be coming to an end. At least if Cloudflare gets its way.

For a complete running list of events, please visit the Event Tracker.

Events

fwd:cloudsec North America 2025 (Denver, Colorado, USA, Jun 30 - Jul 1, 2025) fwd:cloudsec is a non-profit conference on cloud security. At this conference you can expect discussions about all the major cloud platforms, both attack and defense research, limitations of security features, the pros and cons of different security strategies, and generally the types of things cloud practitioners want to know, but that don't fit neatly into a vendor conference schedule.

International Space Station Research and Development Conference (Seattle, Washington, USA, Jul 28 - 31, 2025) At ISSRDC, learn how to harness the International Space Station (ISS) and the unique conditions of space to help solve your most pressing research and development (R&D) challenges.

DEF CON 33 (Las Vegas, Nevada, USA, Aug 7 - 10, 2025) DEF CON is one of the oldest continuously running hacker conventions around, and also one of the largest.

39th Annual Small Satellite Conference (Salt Lake City, Utah, USA, Aug 11 - 13, 2025) During the 39th Annual Small Satellite Conference, we will delve into the innovations, demands, and cross-market collaborations shaping the future of satellite capabilities and driving new opportunities allowing us to collectively reach new horizons.