• Help Net Security

July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed across all the Microsoft re ... Read more

• europa.eu

Cyber Brief (July 2025)August 4, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 287 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, the EU, UK, and US h ... Read more

• seclists.org

Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 30 Jul 2025 12:51:16 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more

• MacRumors

Wednesday July 30, 2025 5:09 pm PDT by Juli CloverThe iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6 updates that Apple released yesterday address a major zero-day attack that targeted Chrome users, ac ... Read more

• BleepingComputer

Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. Tracked as CVE-2025-6558, the security bug is du ... Read more

• The Hacker News

Jul 30, 2025Ravie LakshmananVulnerability / Zero-Day Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability that Google said was exploited ... Read more

• CybersecurityNews

Google has issued an urgent security update for its Chrome browser, patching several vulnerabilities, including a high-severity vulnerability that could allow attackers to manipulate memory and execut ... Read more

• The Hacker News

Jul 24, 2025Ravie LakshmananVirtualization / Network Security Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espion ... Read more

• The Hacker News

Jul 24, 2025Ravie LakshmananNetwork Security / Vulnerability Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliance ... Read more

• The Hacker News

Jul 24, 2025Ravie LakshmananVulnerability / Ransomware Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targ ... Read more

• CybersecurityNews

CISA has issued an urgent warning about a critical vulnerability in Google Chromium that threat actors are actively exploiting. The vulnerability, designated as CVE-2025-6558, poses a significant secu ... Read more

• The Hacker News

Jul 23, 2025Ravie LakshmananMalware / Cryptocurrency The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento ... Read more

• The Hacker News

Jul 23, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Kn ... Read more

• The Hacker News

Jul 23, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-497 ... Read more

• Daily CyberSecurity

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four new entries that are currently under active exploitation. These ... Read more

• The Hacker News

Jul 22, 2025Ravie LakshmananVulnerability / Threat Intelligence Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking g ... Read more

• The Hacker News

Jul 22, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Iden ... Read more

• The Hacker News

The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said ... Read more

• The Hacker News

Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another vulnerability that it said has been addressed with "more robust ... Read more

• The Hacker News

Jul 21, 2025Ravie LakshmananNetwork Security / Vulnerability Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points tha ... Read more

• CybersecurityNews

It’s been a busy seven days for security alerts. Google is addressing another actively exploited zero-day in Chrome, and VMware has rolled out key patches for its own set of vulnerabilities. We’ll als ... Read more

• The Hacker News

The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that's targeting Web3 developers to infect them with information stea ... Read more

• The Hacker News

Jul 20, 2025Ravie LakshmananZero-Day / Vulnerability A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. T ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558) For the fifth time this year, ... Read more

• The Hacker News

Jul 20, 2025Ravie LakshmananVulnerability / Threat Intelligence A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2 ... Read more

• TheCyberThrone

Skip to content July 18, 2025SummaryCVE-2025-20337 is a critical remote code execution (RCE) vulnerability affecting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE- ... Read more

• TheCyberThrone

Skip to content July 17, 2025Threat OverviewCVE-2025-6558 is a high-risk zero-day vulnerability (CVSS score: 8.8) impacting Google Chrome’s graphics rendering pipeline, specifically within the ANGLE ( ... Read more

• Help Net Security

For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-2025-6558) exploited by attackers in the wild. About CVE-2025-6558 CVE-2025-6558 is a high-severity vulnerability ... Read more

• security.nl

Google heeft een beveiligingsupdate uitgebracht voor Chrome. In totaal worden zes kwetsbaarheden verholpen. Google geeft aan dat voor één van de verholpen kwetsbaarheden (CVE-2025-6558) een exploit "i ... Read more

• BleepingComputer

Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection. The vulnerability is i ... Read more

• The Hacker News

Jul 16, 2025Ravie LakshmananBrowser Security / Zero-Day Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wil ... Read more

• CybersecurityNews

Google has released an emergency security update for Chrome, addressing a critical zero-day vulnerability that attackers are actively exploiting in real-world attacks. The tech giant confirmed that CV ... Read more

• Daily CyberSecurity

Broadcom has issued an urgent advisory addressing four critical vulnerabilities affecting VMware ESXi, Workstation, Fusion, and Tools, with CVSS scores reaching as high as 9.3. These flaws, reported t ... Read more

• Daily CyberSecurity

Google has released a critical Stable Channel update for Chrome Desktop (version 138.0.7204.157/.158), addressing six security vulnerabilities, including one that is already being exploited in the wil ... Read more