This weekโs cybersecurity stories cover a wide range of incidents. We saw fresh software flaws with global impact, and dataโฆ
News
Novel attack vector: A phishing campaign is using malicious SVG files disguised as mailsv from the Ukraine Police to initiateโฆ
Accelerated GenAI adoption: 95% of retail organizations now use GenAI apps, a significant increase from 73% in the previous year.โฆ
Significant exposure: An unsecured cloud server exposed 273,000 PDF documents containing sensitive bank transfer details of Indian customers. Sensitive informationโฆ
Emergency directive: CISA has issued an Emergency Directive, mandating federal agencies to mitigate vulnerabilities in Cisco devices. Critical vulnerabilities: Ciscoโฆ
Global VPN Day of Action: Campaign by Fight for the Future raises awareness against worldwide VPN restrictions. Windscribeโs Role: Providerโฆ
Critical vulnerability: ForcedLeak, a critical severity (CVSS 9.4) vulnerability chain in Salesforce Agentforce, was discovered Attack method: The vulnerability enabledโฆ
Bill Scope: Proposal bans porn, depictions of transgender people, and use of circumvention tools like VPNs. Unprecedented Move: Unlike age-verificationโฆ
Preschool targeted: The Radiant Group ransomware gang has claimed responsibility for a cyberattack on Kido International Preschool & Daycare. Highlyโฆ
Massive recovery: Operation HAECHI VI, spanning across 40 countries, recovered $439 million in illicit funds and assets. Global cooperation: Theโฆ
Suspect arrested: The UK's NCA arrested a man in his forties in connection with the ransomware attack on Collins Aerospace.โฆ
New malware discovered: A new malware family named YiBackdoor was first observed in June 2025. Significant code overlap: The malwareโฆ
Pervasive vulnerabilities: 75% of organizations have Building Management Systems with known exploited vulnerabilities, including hospitals. Internet exposure: More than halfโฆ
Massive network uncovered: A network of over 300 SIM servers and 100,000 SIM cards in the New York tristate areaโฆ
Website Access: IPVanish adds support for postal, ticketing, and banking portals to prevent VPN-related blocks. User Frustration: Updates reduce falseโฆ
Stealthy persistence: Malware is being disguised as fake plugins to create hidden administrator accounts in WordPress. Layered attack: Attackers areโฆ
Audit Success: Proton VPN passed its fourth consecutive independent no-logs audit by Securitum. No Data Stored: Audit confirmed no userโฆ
Hardware vulnerabilities up: Bugcrowd's 2025 report reveals a significant 88% increase in hardware vulnerability exploits. Network flaws double: The analysisโฆ
Identity under siege: Attackers are increasingly targeting identity systems, with intrusions involving layered persistence methods. Phishing evolves: Over 70% ofโฆ
Suspect surrenders: A suspect, allegedly a member of the Scattered Spider cybercrime group, surrendered to the authorities. Serious charges: Theโฆ
Get expert insights on threats, breaches, scams, and security trends โ delivered every Saturday.
Most Popular
