A new spear-phishing campaign is distributing the Noodlophile infostealer by impersonating law firms and sending fake copyright or intellectual property infringement notices. The malware steals sensitive data from infected systems and browsers.

Cybercriminals are actively selling access to active and still-in-use police and government email accounts on the dark web for as little as $40. These accounts originate from agencies in the U.S., U.K, Germany, India, and Brazil.

The Ruder Boškovic Institute (RBI), Croatia’s largest science and technology research institute, has confirmed a ransomware attack on July 31, 2025, exploiting Microsoft SharePoint "ToolShell" vulnerabilities.

Between late 2024 and early 2025, the percentage of customers affected by security incidents nearly tripled, rising from 6% to 17%. Over half of these incidents began at the initial access stage.

A recent assessment of 21 major U.S. energy companies has revealed a significant cybersecurity gap, with nearly 59,000 services exposed to the internet—many of which are vulnerable and potentially invisible to traditional security tools.

Cyware has announced a significant expansion of its Cyware Intelligence Suite, a modular and automated threat intelligence platform designed to streamline the deployment and operation of Cyber Threat Intelligence (CTI) programs.

SonicWall has released a critical security update addressing CVE-2025-40599, a high-severity vulnerability in its SMA 100 series appliances. The flaw allows remote attackers with administrative privileges to upload arbitrary files, leading to RCE.

Maritime ports, which handle approximately 80% of global trade, are increasingly becoming targets of sophisticated cyberattacks. The most commonly affected systems include access control systems and vessel traffic management systems.

A sophisticated phishing campaign is targeting users of the U.S. Department of Education’s G5 portal, a critical platform used by educational institutions and vendors to manage federal education grants and funding.

Attackers are leveraging CVE-2025-53770 to place a backdoor on vulnerable on-premises Microsoft SharePoint Servers and extract the systems’ security keys, allowing for a full takeover of the machines.