Monthly Archives: July 2025

Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time

Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized....

16
Jul
Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act

Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a...

16
Jul
Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors

Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second...

15
Jul
Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools

Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that...

15
Jul
Comment Now: Reducing the Cybersecurity Risks of Portable Storage Media in OT Environments
July 15, 2025

The NIST National Cybersecurity Center of Excellence has developed the draft two-pager NIST Special Publication...

State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments

Governmental organizations in Southeast Asia are the target of a new campaign that aims to...

15
Jul
Securing Agentic AI: How to Protect the Invisible Identity Access

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time...

15
Jul
AsyncRAT’s Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe

Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT,...

15
Jul
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing...

15
Jul
The Unusual Suspect: Git Repos

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed...

14
Jul
New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries

Threat actors behind the Interlock ransomware group have unleashed a new PHP variant of its...

14
Jul
⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More

In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or...

14
Jul
Getting your organisation ready for Windows 11 upgrade before Autumn 2025
July 14, 2025

Why you should act now to ensure you meet the new hardware standards, and prioritise...

CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center

India’s Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle...

14
Jul
eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks

Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology...

14
Jul
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs

NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against...

12
Jul
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub

Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be...

12
Jul
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an...

11
Jul
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution

Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy’s BlueSDK Bluetooth stack...

11
Jul
Securing Data in the AI Era

The 2025 Data Risk Report: Enterprises face potentially serious data loss risks from AI-fueled tools....

11
Jul
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild

A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active...

11
Jul
Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals

An Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict...

11
Jul
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw...

11
Jul
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result...

10
Jul
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup...

10
Jul
Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods

The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested...

10
Jul
What Security Leaders Need to Know About AI Governance for SaaS

Generative AI is not arriving with a bang, it’s slowly creeping into the software that...

10
Jul
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App

Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which...

10
Jul
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs

Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range...

10
Jul
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could...

10
Jul