News – July 2025

July 24, 2025

In a groundbreaking development, a team of Carnegie Mellon University researchers has demonstrated that large language models (LLMs) are capable of autonomously planning and executing complex network attacks, shedding light on emerging capabilities of foundation models and their implications for cybersecurity research. The project, led by Ph.D. candidate Brian SingerOpens in new window, a Ph.D. candidate ...

July 24, 2025

An enormous database, containing millions of highly sensitive information on Swedish citizens, was sitting on the open internet, available for anyone who knew where to look. Cybernews researchers recently uncovered a misconfigured Elasticsearch server which they described as a “goldmine of business intelligence data”, containing hundreds of millions of highly detailed records belonging to Swedish individuals ...

July 24, 2025

Cybercriminals are using AI to launch faster, more targeted attacks—impersonating executives, bypassing filters with QR phishing or AI-driven deception techniques, and exploiting human error to cause financial and reputational damage. Traditional defenses can’t keep up. This report explores how AI-powered email security can proactively defend against today’s most pressing threats—like business email compromise (BEC), QR phishing ...

July 24, 2025

Mitel has released security advisories to address vulnerabilities in Mitel MiVoice MX-ONE and MiCollab, which are cloud-based platforms that help manage business communications. The critical vulnerability, which has no CVE identifier at the time of publishing this Cyber Alert, affects Mitel MiVoice MX-One and is an authentication bypass vulnerability with a CVSSv3 score of 9.4. Successful ...

July 23, 2025

Expanded analysis and threat intelligence from Microsoft continued monitoring of exploitation activity by Storm-2603 leading to the deployment of Warlock ransomware. Based on new information, we have updated the Attribution, Indicators of compromise, extended and clarified Mitigation and protection guidance (including raising Step 6: Restart IIS for emphasis), Detections, and Hunting sections. Read more… Source: Microsoft Sign up for ...

July 23, 2025

The Federal Bureau of Investigation (FBI) is providing an update to previously shared guidance regarding Democratic People’s Republic of Korea (North Korea) Information Technology (IT) workers to raise public awareness of the threat posed to U.S. businesses. North Korea is evading U.S. and U.N. sanctions by targeting private companies to illicitly generate substantial revenue for the ...

July 23, 2025

A long-running investigation led by the French Police and Paris Prosecutor, in close cooperation with their Ukrainian counterpart and Europol, has led to the arrest of the suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime platforms. The forum, which had more than 50 000 registered users, served as a key marketplace for ...

July 23, 2025

The Secretariat of the Commission for Combating Online Scams (CCOS) presented the results of an operation to suppress online scam activities across the Kingdom of Cambodia yesterday. After CCOS’s initial meeting on June 27 and Prime Minister Hun Manet’s strict directive on July 15, the Unified Administrative Command in all 25 capital and provincial administrations took ...

July 23, 2025

Security researchers say hackers have breached at least 400 organizations by exploiting a zero-day vulnerability in Microsoft SharePoint, signaling a sharp rise in the number of detected compromises since the bug was discovered last week. Eye Security, a Dutch cybersecurity firm that first identified the vulnerability in SharePoint, a popular server software that companies use to ...

July 22, 2025

Q2 2025 features many of the threat actors Rapid7 observed in Q1, with the top four leak site post groups quite a ways out in front of the rest. Qilin leads the pack by some distance, with SafePay and Akira in second place, and Play in third position. Lynx and INC Ransom lead the charge in ...