
Daily Cybersecurity Roundup, July 09, 2025

The cyber threat landscape continues to evolve, with attackers leveraging trusted platforms to distribute malware at scale. The RedDirection campaign exploited Google and Microsoft extension stores, infecting over 2.3 million users through 18 malicious extensions that hijacked browsers, tracked activity, and triggered harmful redirects. Meanwhile, the Anatsa Android banking trojan has resurfaced, targeting North American users via malicious apps on the Google Play Store. Sonatype’s Q2 2025 Malware Index reported a 188% YOY spike in malicious packages, logging 16,279 new threats—55% involving data exfiltration. Read further for more cybersecurity news.

01

The RedDirection malware campaign exploited Google and Microsoft’s extension stores, infecting over 2.3 million users via 18 extensions that hijacked browsers, tracked activity, and executed malicious redirects.

02

A new campaign involving the Anatsa Android banking trojan is targeting North American users via the Google Play Store.

03

Pakistan-based APT36 is targeting Indian defense personnel with Linux-based malware via phishing attacks, exploiting BOSS Linux systems used by government agencies.

04

Researchers discovered a novel Android attack called TapTrap, which exploits UI animations to bypass permissions and trick users into performing harmful actions, such as granting sensitive access or wiping devices.

05

Sonatype’s Q2 2025 Open Source Malware Index revealed a 188% YOY surge in malicious packages, logging 16,279 new threats, with data exfiltration accounting for 55%, crypto miners 5%, code injection 2%, and data corruption 3%.

06

Microsoft patched 137 flaws, including a zero-day in SQL Server (CVE-2025-49719), enabling remote memory access, and 14 critical bugs—10 RCEs, 1 info disclosure, 2 AMD side-channel issues, and a critical SharePoint RCE (CVE-2025-49704) exploitable by authenticated users.

07

Adobe has issued patches for 58 vulnerabilities across 13 products, including critical flaws in Connect, ColdFusion, and AEM Forms on JEE. The most severe (CVE-2025-49533) could allow arbitrary code execution via deserialization of untrusted data.

08

July’s ICS Patch Tuesday addresses multiple critical flaws in Siemens, Schneider Electric, Phoenix Contact, and Emerson products, posing serious risks like remote code execution, privilege escalation, and data exposure.

09

Leonardo S.p.A., an Italian aerospace and defense conglomerate, has acquired Swedish cybersecurity company Axiomatics AB to strengthen its Zero Trust cybersecurity portfolio.

10

Thrive, a cybersecurity, cloud, and IT managed services provider, announced the acquisition of a Managed Cybersecurity & Compliance Provider (MCCP), Abacode.
