The City of Saint Paul, Minnesota, has experienced a significant cyberattack that disrupted critical municipal services, prompting the activation of the Minnesota National Guard to provide cyber protection support.

The FBI has seized approximately 20.29 Bitcoins (valued at over $2.4 million) from a cryptocurrency address linked to a member of the new Chaos ransomware operation. This operation is believed to be a rebrand of the BlackSuit ransomware group.

A critical unauthenticated RCE vulnerability in Cisco ISE has been actively exploited in the wild. The issue was later split into two CVEs: CVE-2025-20281 (command injection) and CVE-2025-20337 (unsafe deserialization).

Between June 26 and July 9, 2025, the official configuration tool for the Endgame Gear OP1w 4k v2 wireless mouse—Endgame_Gear_OP1w_4k_v2_Configuration_Tool_v1_00.exe—was compromised with malware and distributed via Endgame Gear’s official website.

A critical vulnerability in Google's Gemini CLI was discovered just two days later by researchers. The flaw allowed attackers to stealthily execute malicious commands and exfiltrate sensitive data from developers' systems using allowlisted programs.

A critical zero-day vulnerability in the Lovense sex toy app exposes users' private email addresses by leveraging publicly available usernames. The flaw enables attackers to automate email harvesting, posing significant privacy and security risks.

A critical vulnerability in the Post SMTP plugin for WordPress (CVE-2025-24000) exposes over 200,000 websites to potential account hijacking. The plugin has over 400,000 active installations, making the impact of this vulnerability significant.

Suspected to be developed using large language models (LLMs) or automation frameworks, Koske is a sophisticated threat designed to deploy CPU and GPU-optimized cryptominers for 18 different cryptocurrencies.

The BlackSuit ransomware operation, responsible for breaching hundreds of organizations globally, has had its dark web leak sites seized by law enforcement. This action was part of a coordinated international takedown effort, Operation Checkmate.

Aether Forge Studios' early access game "Chemia" on Steam has been compromised by the threat actor EncryptHub (aka Larva-208) to distribute info-stealing malware. Despite the breach, the game remains available on Steam.