Scammers Are Ready to Strike as Amazon Prime Day Begins Tomorrow

On July 7, 2025, Check Point researchers warned shoppers to stay alert as Amazon Prime Day kicks off on July 8. In June alone, over 1,000 fake Amazon-related domains were registered—87% flagged as dangerous. These scam sites mimic Amazon’s login and checkout pages to steal personal data and passwords. Some even lead to identity theft or unauthorized purchases. Check Point also spotted phishing emails claiming account issues or refunds to trick people into clicking fake links. One phishing email used the subject “Refund Due – Amazon System Error” and led users to a bogus Amazon login page. “Cyber threats around Prime Day are no accident,” said Omer Dembinsky, a threat expert at Check Point. “They’re calculated, large-scale campaigns designed to exploit consumer behavior.” Experts urge shoppers to avoid clicking on email links, use strong passwords, and go directly to the official Amazon website or app. If a deal seems too good to be true, it probably is.

Read: https://www.infosecurity-magazine.com/news/hundreds-malicious-domains/

New Malware Turns Security Devices Into Silent Weapons for Cyber Attacks

On July 8, 2025, Fortinet researchers warned that a new botnet called RondoDox is hijacking vulnerable TBK DVRs and Four-Faith routers to launch stealthy DDoS attacks. These devices, often found in retail shops and offices, are easy targets due to outdated firmware and weak security. The malware exploits known flaws—CVE-2024-3721 and CVE-2024-12856—to gain control of devices. Once infected, the system runs hidden scripts, disables network tools, and hides traces of the attack. “Both flaws are being actively targeted, posing serious risks,” said Vincent Li, a threat researcher at Fortinet. RondoDox is dangerous not just because it takes over devices—but because it uses them as proxies. It mimics popular apps like Minecraft, Discord, and OpenVPN to avoid detection. The malware also renames important system files and sets up persistence so it can survive reboots. Experts say this botnet is part of a growing wave of smarter Linux malware that blends in with normal activity while quietly carrying out cyberattacks.

Read: https://thehackernews.com/2025/07/rondodox-botnet-exploits-flaws-in-tbk.html

AI Bots Face a Toll as Cloudflare Makes Them Pay to Scrape Websites

On July 1, 2025, Cloudflare began testing a bold new tool in the U.S. that could change how AI companies collect online content. The company launched a private beta for its “pay-per-crawl” feature, letting a small group of content creators charge bots to access their websites. Matthew Prince, CEO of Cloudflare, explained, “This is about safeguarding the future of a free and vibrant Internet.” Participating publishers can now block bots or allow specific ones, setting their own prices for content access. AI companies that want high-quality data must sign up and pay. Cloudflare believes this system will give creators more control while keeping AI useful and up-to-date. If successful, the system could grow into a marketplace where AI bots shop for content based on quality and price. This move comes after Cloudflare’s earlier tool allowing users to block AI crawlers with one click. Now, all new users are set to block bots by default—marking a shift from opt-out to permission-first.

Read: https://arstechnica.com/tech-policy/2025/07/pay-up-or-stop-scraping-cloudflare-program-charges-bots-for-each-crawl/

North Korea’s Sneaky Mac Malware Tricks Crypto Users Through Fake Zoom Invites

On July 2, 2025, researchers from SentinelOne warned that North Korean hackers are targeting Web3 and crypto users through Telegram. They’re using a macOS-specific malware called NimDoor, disguised as a Zoom update script.

The attackers pose as trusted contacts and invite victims to meetings via Calendly. They then send fake Zoom links and ask users to run a malicious script. This script silently steals browser data, Telegram credentials, and Apple Keychain information.

Phil Stokes and Raffaele Sabato, the researchers behind the report, said the script is designed to look harmless but hides dangerous code at the end. It connects to a command-and-control server and installs more malware. “Any request to update or download software in order to facilitate such a meeting should be considered a red flag,” warned Stokes.

The malware uses smart tricks to stay hidden, including encrypted communications and a rare persistence method. Experts advise crypto and Web3 users to be extra careful with meeting invites and use trusted security tools.

Read: https://www.darkreading.com/cyberattacks-data-breaches/dprk-macos-nimdoor-malware-web3-crypto-platforms

Canada’s Free Speech Battle Heats Up as Government Revives Controversial Censorship Law

In Canada, Prime Minister Mark Carney’s government is taking a “fresh look” at the shelved Online Harms Bill, once known as Bill C-63. Although the bill was paused earlier this year, the Liberals now seem ready to bring it back, sparking concerns among free speech advocates. The Democracy Fund’s litigation director, Mark Joseph, warned, “There are laws in place… sweeping new regimes are unnecessary.” He believes the bill’s past versions pushed dangerous censorship, including forced content removal and internet restrictions. Justice Minister Sean Fraser insists the review is about safety and adapting to tech like AI. But civil liberties groups remain cautious. They fear government overreach may be masked by vague promises of protection. The original bill included harsh powers—such as electronic monitoring and internet bans—based not on actions, but on fears of what someone might do. Critics say this approach threatens lawful debate and privacy. While Ottawa claims it’s undecided, free speech defenders are staying alert.

Read: https://reclaimthenet.org/canada-online-harms-bill-free-speech-concerns