US Nuclear Agency Hacked in Microsoft SharePoint Frenzy https://www.darkreading.com/cyberattacks-data-breaches/us-nuclear-agency-hacked-microsoft-sharepoint

The zero-day that could've compromised every Cursor and Windsurf user https://www.bleepingcomputer.com/news/security/the-zero-day-that-couldve-compromised-every-cursor-and-windsurf-user/

Leading After Your Predecessor Fails https://hbr.org/2025/07/leading-after-your-predecessor-fails

Microsoft ends use of China-based engineers to patch DOD systems https://www.defenseone.com/business/2025/07/microsoft-ends-use-china-based-engineers-patch-dod-systems/406853/

Retailer Co-op: Attackers snatched all 6.5M member records https://go.theregister.com/feed/www.theregister.com/2025/07/16/coop_data_stolen/

Have You Built Up Your Conflict Intelligence? https://hbr.org/podcast/2025/07/have-you-built-up-your-conflict-intelligence

HPE warns of hardcoded passwords in Aruba access points https://www.bleepingcomputer.com/news/security/hpe-warns-of-hardcoded-passwords-in-aruba-access-points/

New GhostContainer Malware Hits High-Value MS Exchange Servers in Asia https://hackread.com/new-ghostcontainer-malware-ms-exchange-servers-asia/

File transfer company CrushFTP warns of zero-day exploit seen in the wild https://therecord.media/file-transfer-crushftp-zero-day

Dell scoffs at breach, says miscreants stole ‘fake data' • The Register https://www.theregister.com/2025/07/21/dell_scoffs_at_breach/

Catastrophic cyber event could cause widespread disruptions to global infrastructure, study suggests https://www.cybersecuritydive.com/news/catastrophic-cyber-event-could-cause-widespread-disruptions-to-global-infra/753078/

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers https://hackread.com/telemessage-sgnl-flaw-actively-exploited-by-attackers/

Cisco warns of another critical RCE flaw in ISE, urges immediate patching https://www.csoonline.com/article/4024887/cisco-warns-of-another-critical-rce-flaw-in-ise-urges-immediate-patching.html

GitHub abused to distribute payloads on behalf of malware-as-a-service https://arstechnica.com/security/2025/07/malware-as-a-service-caught-using-github-to-distribute-its-payloads/

Google Gemini vulnerability enables hidden phishing attacks https://www.csoonline.com/article/4023032/google-gemini-vulnerability-enables-hidden-phishing-attacks.html

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched https://www.securityweek.com/vmware-flaws-that-earned-hackers-340000-at-pwn2own-patched/

VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin https://www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/

Attackers Hide JavaScript in SVG Images to Lure Users to Malicious Sites https://hackread.com/attackers-hide-javascript-svg-images-malicious-sites/

How phishers are weaponizing SVG images in zero-click, evasive campaigns https://www.csoonline.com/article/4022432/how-phishers-are-weaponizing-svg-images-in-zero-click-evasive-campaigns.html

United Natural Foods loses up to $400M in sales after cyberattack https://cyberscoop.com/united-natural-foods-cyberattack-400-million/

At Least 750 US Hospitals Faced Disruptions During Last Year’s CrowdStrike Outage, Study Finds https://www.wired.com/story/at-least-750-us-hospitals-faced-disruptions-during-last-years-crowdstrike-outage-study-finds/