Vulnerability ManagementMicrosoft fixes 130 bugs, 12 critical, in July Patch Tuesday releaseShaun NicholsJuly 8, 2025Microsoft has posted one of its heaviest Patch Tuesday security patches in recent memory.
Vulnerability ManagementAI tool predicts 17% increase in CVE disclosures in 2025Laura FrenchJuly 8, 2025CVEForecast leverages historical CVE data to train predictive machine learning models.
Vulnerability ManagementCISA adds four older CVEs to known exploited vulnerabilities listSteve ZurierJuly 8, 2025Security pros advised to patch the bugs as CISA warns that they have been actively exploited.
MalwareNordDragonScan infostealer targets Windows with LOTL methodsLaura FrenchJuly 7, 2025The campaign distracts victims from its malicious nature using benign decoy documents.
Vulnerability ManagementTwo bugs for Linux Sudo utility patched, one rated criticalSteve ZurierJuly 7, 2025Teams told to patch both because each bug could let attackers fully take over an enterprise system.
IdentityAT&T rolls out protections to block SIM-swapping attacksShaun NicholsJuly 3, 2025"Wireless Account Lock" allows customers to prevent the registration of new devices.
Application securityCatWatchful stalkerware breach reveals 62K users, 26K victimsLaura FrenchJuly 3, 2025An SQL injection exploit exposed the users and owner of CatWatchful stalkerware.
Vulnerability ManagementCisco patches critical 10.0 bug in Unified CM systemsSteve ZurierJuly 3, 2025A successful exploit could let an attacker log-in as the root user.
RansomwareUS sanctions ‘bulletproof’ hosting provider Aeza for cybercrime opsShaun NicholsJuly 2, 2025Russia-based bulletproof hosting (BPH) service offers no-questions-asked access to servers.
AI/MLIncorrect links output by LLMs could lead to phishing, researchers sayLaura FrenchJuly 2, 2025AI models may fail to recognize social engineering content in training data and searches.
Infrastructure IS the foundation: Modernizing what serves and secures the American peopleCory SimpsonJuly 7, 2025
