Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws
Today is Microsoft's July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server.
Oligo Security strives to fill application-layer gaps in MITRE ATT&CK framework | CyberScoop
Application Attack Matrix is a community effort designed to help defenders and organizations better understand and define how attackers use and exploit weaknesses in applications.
Iranian ransomware group offers bigger payouts for attacks on Israel, US
The Iran-linked ransomware-as-a-service group Pay2Key.I2P told affiliates that they can keep a larger cut of extortion payments if they attack entities within Iran's adversaries.
Il vend ses accès entreprise pour 2 300 euros : les hackers volent près de 90 millions
Le 4 juillet 2025, un informaticien de la société C&M Software est arrêté par la police de Sao Paulo. L'homme est suspecté d'avoir aidé des cybercriminels à infiltrer les systèmes de l'entreprise pour 15 000 réais, environ 2 300 euros. Le piratage de la société, qui assure l’interconnexion entre les banques et un
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses.
New spyware strain steals data from Russian industrial companies
Moscow-based cybersecurity firm Kaspersky said the campaign has already affected over 100 victims across several dozen Russian organizations, but did not disclose the specific targets.
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses.
Overcoming Technical Barriers in Desktop and Application Virtualization
Exposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access—no open firewall ports required. Learn more and get a free trial.
No thanks: Google lets its Gemini AI access your apps, including messages
Google says it's Gemini AI will soon be able to access your messages, WhatsApp, and utilities on your phone. But we're struggling to see this as a good thing.
Policy-as-Code vs. IaC Security: The Difference | CSA
If you treat Policy-as-Code and Infrastructure-as-Code security as interchangeable, you’re setting yourself up for compliance gaps and security incidents.