A malicious VSCode-compatible extension named Solidity Language distributed via the Cursor AI IDE's Open VSX registry led to the theft of $500,000 in cryptocurrency. The extension impersonated a legitimate Ethereum smart contract syntax highlighter.

A Russian state-linked threat actor, Storm-1516, has launched a sophisticated disinformation campaign across Europe by impersonating legitimate journalists and publishing fabricated stories on spoofed news websites.

Dordt University has notified 34,251 individuals of a data breach stemming from a ransomware attack by the BianLian group. The breach occurred between April 21 and May 16, 2024, but notifications were only issued in July 2025—14 months later.

Indian law enforcement, in collaboration with international agencies, has dismantled a fraudulent tech support call center operation targeting victims in the UK, US, and Australia through fraudulent tech support schemes.

A supply-chain attack has compromised the popular WordPress plugin Gravity Forms, affecting manual and composer installations of versions 2.9.11.1 and 2.9.12 downloaded between July 10 and 11, 2025.

A critical pre-authentication remote code execution (RCE) vulnerability, tracked as CVE-2025-25257, has been disclosed in Fortinet FortiWeb. The flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers.

A new stealthy PHP malware campaign has been discovered targeting WordPress websites. The malware leverages the `zip://` PHP wrapper to include obfuscated malicious code from a ZIP archive embedded in the WordPress core file `wp-settings.php`.

A critical security issue has been identified in Laravel applications due to leaked APP_KEYs on GitHub, enabling attackers to exploit deserialization vulnerabilities and achieve remote code execution. Over 600 applications are confirmed vulnerable.

By embedding hidden instructions in emails, attackers can manipulate Gemini to generate misleading summaries that direct users to phishing sites—without using traditional indicators like attachments or links.

A critical vulnerability in Kigen's eUICC cards used in eSIM technology exposes billions of IoT devices to potential compromise. As of December 2020, Kigen has enabled over two billion SIMs in IoT devices.