Abacus Market, the Western world’s highest-grossing dark web marketplace, went offline in early July 2025, following user reports of withdrawal issues that began in late June. Experts believe this marks a classic exit scam.

Researchers successfully jailbroke Elon Musk’s Grok-4 AI within 48 hours of its launch. By combining two advanced techniques—Echo Chamber and Crescendo—they bypassed the AI’s security filters and extracted instructions for creating dangerous items.

Researchers identified critical vulnerabilities in Grok 4, particularly when deployed without system-level security prompting. The model was found to be highly susceptible to prompt injection attacks and capable of generating harmful content.

A malicious VSCode-compatible extension named Solidity Language distributed via the Cursor AI IDE's Open VSX registry led to the theft of $500,000 in cryptocurrency. The extension impersonated a legitimate Ethereum smart contract syntax highlighter.

A Russian state-linked threat actor, Storm-1516, has launched a sophisticated disinformation campaign across Europe by impersonating legitimate journalists and publishing fabricated stories on spoofed news websites.

Dordt University has notified 34,251 individuals of a data breach stemming from a ransomware attack by the BianLian group. The breach occurred between April 21 and May 16, 2024, but notifications were only issued in July 2025—14 months later.

Indian law enforcement, in collaboration with international agencies, has dismantled a fraudulent tech support call center operation targeting victims in the UK, US, and Australia through fraudulent tech support schemes.

A supply-chain attack has compromised the popular WordPress plugin Gravity Forms, affecting manual and composer installations of versions 2.9.11.1 and 2.9.12 downloaded between July 10 and 11, 2025.

A critical pre-authentication remote code execution (RCE) vulnerability, tracked as CVE-2025-25257, has been disclosed in Fortinet FortiWeb. The flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers.

A new stealthy PHP malware campaign has been discovered targeting WordPress websites. The malware leverages the `zip://` PHP wrapper to include obfuscated malicious code from a ZIP archive embedded in the WordPress core file `wp-settings.php`.