Top Tech Headlines for July 18, 2025
From cutting-edge AI advancements to serious cybersecurity threats, today’s tech news is packed with high-stakes updates. Whether you're a system admin, developer, or everyday user, here's what you need to know to stay secure and in the loop.
🎯 Arch Linux Removes Malware-Infected AUR Packages
Three packages in Arch Linux’s community-driven AUR were discovered to secretly install the CHAOS remote access trojan (RAT). Thankfully, they've been removed, but this incident is a critical reminder for users to vet any community-sourced code. Always double-check script contents—and boot from a clean environment when in doubt.
🎯 UK Officially Ties GRU to Microsoft 365 Credential Theft
The UK's NCSC has attributed stealthy malware attacks targeting Microsoft 365 credentials to APT28, a hacking group linked to Russia's military intelligence (GRU). The malware known as ‘Authentic Antics’ signals an ongoing espionage threat against Western institutions. Secure your accounts with strong MFA—or better yet, keep recovery tools nearby.
🎯 Microsoft Flags Firewall Bug as Fixed—But It’s Not
Microsoft prematurely marked a Windows Firewall error log issue as resolved, though it's still causing trouble for users. This bug affects accurate logging and has implications for troubleshooting and security audits. If you're running Windows, double-check your logs and consider isolated environments for sensitive tasks.
🎯 ChatGPT o3-alpha Appears Smarter—Especially at Coding
OpenAI’s o3-alpha is being called their most capable ChatGPT model yet, thanks to improved reasoning and early signs of enhanced coding abilities. Developers could soon find it even more helpful when working through tricky bugs or building scripts. Useful—but remember, always validate generated code.
🎯 Russian Retail Giant WineLab Hit by Ransomware
WineLab, a major alcohol retailer in Russia, shuttered stores after a ransomware attack disrupted operations. Customers reported transaction problems, and the attack highlights how ransomware continues to cripple businesses globally. Backups are critical—but full recovery often needs more than just storage.
🎯 Free Ransomware Decryptor Released for Phobos Victims
Good news: the Japanese police have released a free decryptor for victims of Phobos and 8Base ransomware. BleepingComputer verified it works, potentially saving victims thousands. Get a copy now if you’re affected—or keep recovery tools ready on a bootable USB for emergencies.
🎯 TeleMessage Signal Clone Exposes User Credentials via Flaw
Hackers are actively scanning for vulnerable versions of TeleMessage SGNL, a secure messaging app. The flaw (CVE-2025-48927) allows attackers to retrieve usernames, passwords, and more. If you use SGNL, update immediately and review access logs for suspicious activity.
🎯 GPT-5 Is “Still Coming,” Says OpenAI
OpenAI confirmed that their next-gen model, GPT-5, is in the works—but no release date just yet. Expectations are sky-high, and insiders say it may send shockwaves across industries. Until then, o3-alpha is leading the charge as their best model to date.
🎯 Citrix Bleed 2 Exploited Weeks Before Disclosure
The critical Citrix NetScaler vulnerability (CVE-2025-5777, aka CitrixBleed 2) was being exploited weeks before public proof-of-concept releases—even though Citrix originally denied any attacks. If you manage Citrix appliances, patch immediately and run internal compromise checks.
🎯 Can AI Development Be Both Fast and Safe?
A new debate is brewing: an OpenAI researcher criticized a rival over safety shortcuts in AI development. As the arms race for smarter AI continues, companies are being urged to weigh speed vs. security. AI safety should be a design feature, not an afterthought.
🎯 Martech Mishaps Are Costing Brands Customers
A recent report shows that 24% of senior marketers lost customers due to marketing technology missteps. Nearly all CMOs dealt with a tech-related issue last year. Choosing secure, stable platforms—and having offline backups—makes all the difference.
🎯 Fake Coding Extensions Steal Crypto
Hackers uploaded trojanized Solidity development tools to a public repo, infecting devs and siphoning cryptocurrency. This underscores the dangers of downloading code without verification. For blockchain developers, booting into air-gapped setups can add serious protection.
🎯 Bitdefender + Scale Computing Team Up for Edge Security
This new partnership aims to beef up security for distributed systems, combining Bitdefender’s malware protection with Scale Computing’s edge infrastructure. That’s good news for IT teams managing remote operations—and a reminder that edge security should be treated with the same rigor as central systems.
🎯 China’s Massistant Tool Extracts Data from Seized Phones
Chinese law enforcement is using a tool called Massistant to extract SMS, GPS, and image data from phones via USB or Wi-Fi—on both Android and iOS. Privacy advocates are sounding the alarm. Traveling with sensitive data? Use encrypted bootable OSes and clean USB environments.
🎯 UNG0002 Hits South Asia with LNK and RAT-Based Campaigns
Threat group UNG0002 has launched malware campaigns targeting users in China, Hong Kong, and Pakistan, using malicious LNK files and RATs. Lateral movement and persistence are the goals here. This is another reason why offline, read-only systems can be essential for certain operations.
🎯 Ivanti ICS Zero-Days Used to Deploy Cobalt Strike
Attackers used Ivanti ICS zero-days between December 2024 and July 2025 to install the stealthy MDifyLoader and run in-memory Cobalt Strike beacons. If you're using Ivanti systems, patch now and assume compromise. Bootable rescue tools can help in immediate isolation efforts.
🎯 APT28 Uses LLM for Phishing Against Ukraine
Ukrainian CERT discovered that APT28 is deploying a new LAMEHUG malware via phishing, using Alibaba’s large language model for data harvesting. This marks a worrying fusion of AI and cyberespionage. Stay on top of email filtering and endpoint isolation protocols.
🎯 NVIDIA Container Toolkit Bug Affects 37% of Cloud Environments
A critical NVIDIA vulnerability (CVE-2025-23266) enables privilege escalation in many AI-focused cloud platforms. With over a third of cloud services possibly impacted, this flaw is a wake-up call. Secure your dev environments and scan for privilege anomalies.
🎯 Google Sues 25 Groups Over BADBOX 2.0 Android Botnet
Google is taking legal steps against 25 Chinese-linked groups responsible for developing the BADBOX 2.0 botnet, which infected over 10 million Android devices. The malware powered ad fraud and spyware. If you use Android, watch for rogue apps—and consider USB boot checks to scan compromised phones.
🎯 Backup Isn’t Enough—Enter Cyber Resilience
With ransomware tactics evolving fast, experts now stress that traditional backup isn't enough. Cyber resilience—which includes secure endpoints, mitigation strategies, and rapid recovery—is the new gold standard. Don’t just store data—prepare to recover it quickly.
Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.