What Security Leaders Need to Know in 2025
The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most…
Month: July 2025
Alleged Ryuk Ransomware Member Faces $15M Extortion Charges
The United States Department of Justice has pushed charges against a suspected Ryuk ransomware operator extradited from Ukraine, last month, for carrying out a $15…
GhostContainer Malware Hacking Exchange Servers in the Wild Using N-day Vulnerability
A highly sophisticated malware campaign targeting Microsoft Exchange servers in government and high-tech organizations across Asia. The malware, dubbed GhostContainer, exploits known N-day vulnerabilities to…
Hackers Are Finding New Ways to Hide Malware in DNS Records
Hackers are stashing malware in a place that’s largely out of the reach of most defenses—inside domain name system (DNS) records that map domain names…
UK’s Co-op Retailer Hit by Cyberattack, 6.5 Million Members’ Data Exposed
The UK’s Co-op retailer has disclosed that all 6.5 million of its members had their personal data stolen during a devastating cyberattack in April 2024.…
Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine
An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string…
Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity
Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity Pierluigi Paganini July 17, 2025 Cisco warns of CVE-2025-20337, a critical ISE…
Fail-Open Architecture for Secure Inline Protection on Azure
Every inline deployment introduces a tradeoff: enhanced inspection versus increased risk of downtime. Inline protection is important, especially for APIs, which are now the most…
Critical SharePoint RCE Vulnerability Exploited Using Malicious XML Payload Within Web Part
A newly disclosed remote code execution (RCE) vulnerability in Microsoft SharePoint has been identified, affecting the deserialization process of WebPart properties. The vulnerability enables attackers…
Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data
Cybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity experts.…
Chinese Salt Typhoon Infiltrated US National Guard Network for Months
A sophisticated Chinese APT group, Salt Typhoon, successfully infiltrated the US state’s Army National Guard network for nearly a year, from March 2024 to December…
Podcast: How (agentic) AI can help with unstructured data
In this podcast, we talk to Boris Bialek, vice-president and field chief technology officer (CTO) at MongoDB, about how artificial intelligence (AI) can help with…