NEWS

(Credit: Bilal Ulker – stock.adobe.com)

WordPress plugin Gravity Forms targeted in supply chain attack

Laura FrenchJuly 14, 2025

Certain versions of the legitimate plugin contained malware for a brief time period.

Cyber Security This horizontal 4K image depicts a field of electricity pylons and communication towers under a cloudy evening sky. Overlayed on the image are digital icons of shields with padlocks, representing the concept of cyber security for the power grid. The overall mood is one of vigilance and protection of critical infrastructure.

Critical Infrastructure Security

Hacktivists increasingly target critical infrastructure organizations

Steve ZurierJuly 14, 2025

The line between cybercrime and hacktivism has blurred, as attacks target energy firms, manufacturers, and telecoms.

Fake Visual Studio Code extension for Cursor led to $500K theft

Laura FrenchJuly 11, 2025

The spoofed “Solidity” extension was installed from the Open VSX registry in Cursor.

Citrix sign on its office building in Fort Lauderdale, Florida, USA, an American cloud computing and virtualization technology company.

Vulnerability Management

Federal agencies have 24 hours to patch ‘Citrix Bleed 2’ bug

Steve ZurierJuly 11, 2025

CISA has likely seen exploitation across federal agencies and the private sector.

(Credit: Louise Kellow/Wirestock Creators – stock.adobe.com)

McDonald’s ‘McHire’ chatbot records accessed via ‘123456’ password

Laura FrenchJuly 10, 2025

Paradox.ai, which built the McDonald’s “Olivia” chatbot, took responsibility for the issue.

Yellow robotic arms performing automated tasks on a production line, showcasing advanced manufacturing technology in industry 4.0

Critical Infrastructure Security

A majority of enterprises say CISOs now responsible for OT security

Steve ZurierJuly 10, 2025

Eight in 10 respondents plan to put OT security under CISOs in the next 12 months.

China Bans Cyber Attacks: Examining Internet Security with Chinese Flag and Binary Data Through a Magnifying Glass Concept

Network Security

China-based hacker to face charges in US after arrest in Italy

Shaun NicholsJuly 10, 2025

Man believed to be a member of group that stole research and intellectual property from the U.S.

Critical mcp-remote flaw could enable RCE when connecting AI clients

Laura FrenchJuly 9, 2025

A malicious MCP server could have executed arbitrary commands on the victim’s machine.

ServiceNow issues CVE for high-severity ACL bug

Steve ZurierJuly 9, 2025

Varonis says attackers could easily expose ServiceNow data tables by combining enumeration techniques with common query filters.

patch presented in the form of binary code

Vulnerability Management

Microsoft fixes 130 bugs, 12 critical, in July Patch Tuesday release

Shaun NicholsJuly 8, 2025

Microsoft has posted one of its heaviest Patch Tuesday security patches in recent memory.

Upcoming Webcasts

Perspectives