
Daily Cybersecurity Roundup, August 01, 2025

Zero-day exploits continue to pose a significant cybersecurity threat, with the recent discovery of the ToolShell (CVE-2025-53770) zero-day targeting over 17,000 Microsoft SharePoint servers. Meanwhile, Russian state-backed group Secret Blizzard is conducting a cyberespionage campaign targeting diplomats and embassies in Moscow using AiTM tactics and custom malware ApolloShadow. Adding to the threat landscape, a novel ‘Man-in-the-Prompt’ attack is exploiting browser extensions to manipulate both public and internal LLMs, risking exposure of sensitive data. Read on for the latest developments in cybersecurity.

01

Over 17,000 Microsoft SharePoint servers were found exposed online, with 840 vulnerable to the ToolShell (CVE-2025-53770) zero-day exploit actively used by Chinese hackers to target 400+ organizations, including U.S. federal agencies.

02

A cyberespionage campaign by the Russian state actor Secret Blizzard is targeting diplomats and foreign embassies in Moscow using AiTM techniques to deploy custom malware ApolloShadow.

03

The Silver Fox gang has been spreading Trojans via phishing and messaging, disguising malware as tools like Google Translate or WPS and using fake Flash update prompts to trick users into downloads.

04

The DoubleTrouble banking trojan has been attacking European users via phishing sites and Discord, abusing Android Accessibility Services to bypass permissions and mimic legitimate apps.

05

Threat actors are using PDFs embedded with legitimate RMM tool links, delivered via social engineering emails and platforms like Zendesk, to target European organizations and enable remote control, privilege escalation, and ransomware deployment.

06

A new attack vector, Man-in-the-Prompt, exploits browser extensions, allowing malicious prompts to manipulate both commercial and internal LLMs and potentially compromise sensitive data.

07

Flashpoint’s 2025 Midyear Report revealed an 800% spike in infostealer activity, a 246% rise in vulnerability disclosures, and major surges in ransomware (+179%) and data breaches (+235%), with over 1.8 billion credentials stolen.

08

Honeywell patched critical vulnerabilities in its Experion PKS industrial automation system, which could enable remote code execution, DoS attacks, and manipulation of system communication.

09

Israeli cybersecurity startup Noma Security secured $100 million in a Series B funding round led by Evolution Equity Partners, with participation from Ballistic Ventures and Glilot Capital.

10

SAFE, a cyber risk management platform, raised $70M in Series C funding led by Avataar Ventures. Other backers include Susquehanna Asia, NextEquity, Prosperity7, and existing investors.
