The Heat Wasn’t Just Outside: Cyber Attacks Spiked in Summer 2025

Summer 2025 wasn’t just hot; it was relentless. Ransomware hammered hospitals, retail giants suffered data breaches, insurance firms were hit by phishing, and nation-state actors launched disruptive campaigns. From stealthy PowerShell loaders to zero-day SharePoint exploits, attackers kept defenders on their heels. This report breaks down the season’s most high-impact incidents and what security teams […]

Cisco discloses data breach impacting Cisco.com user accounts

Cisco has disclosed that cybercriminals stole the basic profile information of users registered on Cisco.com following a voice phishing (vishing) attack that targeted a company representative. After becoming aware of the incident on July 24th, the networking equipment giant discovered that the attacker tricked an employee and gained access to a third-party cloud-based Customer Relationship […]

SonicWall urges admins to disable SSLVPN amid rising attacks

SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach networks over the past few weeks. The warning comes after Arctic Wolf Labs reported on Friday that it had observed multiple Akira ransomware attacks, likely using a SonicWall zero-day vulnerability, since July 15th. “The […]

Android gets patches for Qualcomm flaws exploited in attacks

Google has released security patches for six vulnerabilities in Android’s August 2025 security update, including two Qualcomm flaws exploited in targeted attacks. The two security bugs, tracked as CVE-2025-21479 and CVE-2025-27038, were reported through the Google Android Security team in late January 2025. The first is a Graphics framework incorrect authorization weakness that can lead […]

Microsoft: Outdated Office apps lose access to voice features in January

Microsoft announced that the transcription, dictation, and read aloud features will stop working in older versions of Office 365 applications in late January 2026. Read aloud lets users hear documents and emails read back, transcription converts speech into text in real-time, and the dictation feature allows for voice-to-text input across Office applications. The company advised […]

CTM360 spots Malicious ‘ClickTok’ Campaign Targeting TikTok Shop users

CTM360 has discovered a new global malware campaign dubbed “ClickTok” that spreads the SparkKitty spyware through fake TikTok shops to steal cryptocurrency wallets and drain funds. The unique spyware trojan discovered by CTM360 is specifically engineered to exploit TikTok Shop users across the globe. Dubbed as “ClickTok”, this highly coordinated scam operation employs a hybrid […]

New Plague Linux malware stealthily maintains SSH access

A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems. Nextron Systems security researchers, who identified the malware and dubbed it “Plague,” describe it as a malicious Pluggable Authentication Module (PAM) that uses layered obfuscation techniques and environment tampering to […]

Ransomware gangs join attacks targeting Microsoft SharePoint servers

Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide. Security researchers at Palo Alto Networks’ Unit 42 have discovered a 4L4MD4R ransomware variant, based on open-source Mauri870 code, while analyzing incidents involving this […]

Mozilla warns of phishing attacks targeting add-on developers

Mozilla has warned browser extension developers of an active phishing campaign targeting accounts on its official AMO (addons.mozilla.org) repository. Mozilla’s add-on platform hosts over 60,000 browser extensions and more than 500,000 themes used by tens of millions of users worldwide. According to Mozilla’s advisory, these phishing emails are impersonating the AMO team and claim that […]