July 2025 – Cyber Security News

Digital graphic of a cyber padlock with text highlighting SharePoint exploitation, ToolShell malware, and CVEs 2025-53770 and 2025-53771

ToolShell Exploitation of SharePoint Vulnerabilities: Threat Landscape, Detection, and Mitigation

A critical zero-day exploit chain named ToolShell is actively targeting on-premises SharePoint servers, enabling remote code execution and persistent access.…

World map showing international cyber operation locations, red shield with padlock symbolizing cybersecurity enforcement.

News

Global Cybercrime Crackdown: Operation Eastwood Disrupts NoName057(16) Pro-Russian Network

Jul 18, 2025 G.C.Moresi

Operation Eastwood dismantled NoName057(16), a pro-Russian DDoS network targeting Ukraine and its allies. Coordinated by Europol and Eurojust, the global…

News

Swiss Cyber AI Conference 2026 in Lugano

Jul 17, 2025 G.C.Moresi

Join us at Swiss Cyber AI 2026 in Lugano, where industry leaders will explore the intersection of artificial intelligence and…

Phishing page mimicking Microsoft Excel interface with a fake "Download ALL" button designed to steal credentials

News

New Phishing Technique Exploits “DOWNLOAD All” Excel Interface to Harvest Credentials

Jul 16, 2025 G.C.Moresi

A new phishing technique mimics an Excel file interface with a "Download ALL" button. Users are tricked into entering credentials,…

News

North Korea Expands Software Supply Chain Attacks with 67 Malicious npm Packages

Jul 15, 2025 G.C.Moresi

North Korea’s Lazarus Group escalates its Contagious Interview campaign with XORIndex malware in npm packages, targeting developers and crypto holders…

News

Fortinet Patches Critical SQL Injection Vulnerability in FortiWeb (CVE-2025-25257)

Jul 14, 2025 G.C.Moresi

Fortinet has released a critical security patch for FortiWeb addressing CVE-2025-25257, a high-severity SQL injection vulnerability that allows unauthenticated attackers…

Visual alert showing Google Chrome zero-day vulnerability CVE-2025-6554 with warning messages about active exploitation, V8 engine flaw, and CISA patch deadline.

News

Critical Chrome Zero-Day CVE-2025-6554 Actively Exploited: CISA Issues Urgent Patch Mandate

Jul 4, 2025 G.C.Moresi

Critical Chrome zero-day CVE-2025-6554 actively exploited via V8 engine flaw—impacts all Chromium-based browsers. CISA mandates urgent patching by July 23,…

ToolShell Exploitation of SharePoint Vulnerabilities: Threat Landscape, Detection, and Mitigation

Global Cybercrime Crackdown: Operation Eastwood Disrupts NoName057(16) Pro-Russian Network

Swiss Cyber AI Conference 2026 in Lugano

New Phishing Technique Exploits “DOWNLOAD All” Excel Interface to Harvest Credentials

North Korea Expands Software Supply Chain Attacks with 67 Malicious npm Packages

Fortinet Patches Critical SQL Injection Vulnerability in FortiWeb (CVE-2025-25257)

Critical Chrome Zero-Day CVE-2025-6554 Actively Exploited: CISA Issues Urgent Patch Mandate

You missed

The Hidden Danger of SVG Files with Embedded JavaScript: Zero-Click Execution

Exploit of SVG Files: A Rising Cyber Threat Vector

Bouygues Telecom Confirms Massive Cyberattack Impacting 6.4 Million Customers

The Salesforce Data Breach Tsunami: Pandora, Chanel, and the Rise of OAuth Phishing

Month: July 2025

You missed