Week in review: Microsoft fixes wormable RCE bug on Windows, check for CitrixBleed 2 exploitation

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)
For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them one that’s publicly disclosed (CVE-2025-49719) and a wormable RCE bug on Windows and Windows Server (CVE-2025-47981).

Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)
With PoC exploits for CVE-2025-5777 (aka CitrixBleed 2) now public and reports of active exploitation of the flaw since mid-June, you should check whether your Citrix NetScaler ADC and/or Gateway instances have been probed and compromised by attackers.

Why your security team feels stuck
Cybersecurity friction usually gets framed as a user problem: password policies that frustrate employees, MFA that slows down logins, or blocked apps that send workers into the arms of shadow IT. But there’s a different kind of friction happening behind the scenes, and it’s hitting security teams themselves.

Train smarter, respond faster: Close the skill gaps in your SOC
“In today’s fast-paced digital landscape” – as AI chatbots are fond of phrasing it – a cyber attack targeting your organization is a statistical certainty. But is your security team ready to respond when it happens?

Exposure management is the answer to: “Am I working on the right things?”
In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment and prioritization.

Four arrested in connection with M&S, Co-op ransomware attacks
Four individuals suspected of having been involved in the ransomware attacks that hit UK-based retailers earlier this year have been arrested by the UK National Crime Agency.

Where policy meets profit: Navigating the new frontier of defense tech startups
In this Help Net Security interview, Thijs Povel, Managing Partner at Ventures.eu, discusses how the firm evaluates emerging technologies through the lens of defense and resilience.

Ruckus network management solutions riddled with unpatched vulnerabilities
Claroty researcher Noam Moshe has discovered serious vulnerabilities in two Ruckus Networks (formerly Ruckus Wireless) products that may allow attackers to compromise the environments managed by the affected software, Carnegie Mellon University’s CERT Coordination Center (CERT/CC) has warned.

What EU’s PQC roadmap means on the ground
In this Help Net Security interview, David Warburton, Director at F5 Labs, discusses how the EU’s Post-Quantum Cryptography (PQC) roadmap aligns with global efforts and addresses both the technical and regulatory challenges of migrating to PQC.

July 2025 Patch Tuesday forecast: Take a break from the grind
There was a barrage of updates released the week of June 2025 Patch Tuesday. This included security updates from Adobe, Google, Microsoft, Mozilla, and others. But it has been ‘calm’ the past couple of weeks.

It’s time to give AI security its own playbook and the people to run it
In this Help Net Security interview, Dr. Nicole Nichols, Distinguished Engineer in Machine Learning Security at Palo Alto Networks, discusses why existing security models need to evolve to address the risks of AI agents.

Can your security stack handle AI that thinks for itself?
In this Help Net Security video, Art Poghosyan, CEO at Britive, explores the rise of agentic AI and its impact on identity security.

AI built it, but can you trust it?
In this Help Net Security interview, John Morello, CTO at Minimus, discusses the security risks in AI-driven development, where many dependencies are pulled in quickly.

Kanvas: Open-source incident response case management tool
Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python.

Review: Attack Surface Management
Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that aims to change that.

CISOs urged to fix API risk before regulation forces their hand
Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam.

New technique detects tampering or forgery of a PDF document
Researchers from the University of Pretoria presented a new technique for detecting tampering in PDF documents by analyzing the file’s page objects.

ParrotOS 6.4 lands with key tool updates and kernel upgrade
ParrotOS, known for its emphasis on security, privacy, and development, is widely used by cybersecurity professionals and enthusiasts alike.

Cloud security maintains its position as top spending priority
While most enterprises have integrated cloud resources into their operations, many need to improve their ability to secure these environments and the data they contain, according to Thales.

Cyberattacks are changing the game for major sports events
Sports fans and cybercriminals both look forward to major sporting events, but for very different reasons. Fake ticket sites, stolen login details, and DDoS attacks are common ways criminals try to make money or disrupt an event.

Open source has a malware problem, and it’s getting worse
Sonatype has published its Q2 2025 Open Source Malware Index, identifying 16,279 malicious open source packages across major ecosystems such as npm and PyPI.

Fake online stores look real, rank high, and trap unsuspecting buyers
Shopping on a fake online store can lead to more than a bad purchase. It could mean losing money, having your identity stolen, or even getting malware on your device.

6 eye-opening books on AI’s rise, risks, and realities
This collection of AI books offers diverse perspectives, including practical implementations, strategic defense models, and future trends.

Cybersecurity jobs available right now: July 8, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

New infosec products of the week: July 11, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Barracuda Networks, Cynomi, Lepide, Tosibox, and Zenni Optical.
