Latest

Network Firewalls, Network Access Control

Static Credentials Flaw Patched in Cisco Systems

Prajeet Nair  •  July 3, 2025

Cisco released urgent security updates to fix a critical vulnerability in Unified Communications Manager that could allow unauthenticated attackers gain root access to affected systems. The maximum-severity vulnerability allows unauthenticated remote attackers to log in using static credentials.

Cybercrime

Columbia University Hack Exposes Higher Ed Cyber Gaps

Chris Riotta  •  July 3, 2025

A breach of Columbia University’s IT systems after repeated attacks by U.S. President Donald Trump is highlighting how universities are unprepared for today’s threat landscape. Schools often leave campuses without enough resources for strong cyber defenses.

Cybercrime

Breach Roundup: Phony Chinese Sites Mimic Retail Brands

Anviksha More  •  July 3, 2025

This week, Chinese sites mimicked brands, Spain arrested data leak hackers, Swiss health nonprofit ransomware attack, ICC probed a cyberattack, UNFI restored systems, a flaw in smart tractors, RomCom RAT. A U.K. man sentenced for locking employer out of network. A WordPress hack installs a Trojan.

Fraud Management & Cybercrime

Medical Device Maker Surmodics Recovering From Attack

Marianne Kolbasuk McGee  •  July 3, 2025

A Minnesota maker of catheters notified federal regulators it is recovering from a cyberattack discovered in early June that rendered a portion of its IT systems and data inaccessible. Threat actors gained unauthorized access to some IT systems making certain systems and data unavailable.

Fraud Management & Cybercrime

Ransomware Group Hunters International Announces Exit

Akshaya Asokan  •  July 3, 2025

Hunters International said Thursday it closed shop, provoking skepticism among cybercrime experts who said it's more likely the Russian-speaking hackers behind the ransomware group will start up again under a new brand name. "Ransomware groups often rebrand themselves."

Blockchain & Cryptocurrency

Cryptohack Roundup: Inside the $100M Nobitex Breach

Rashmi Ramesh  •  July 3, 2025

This week, a peek into Iran's largest crypto exchange blending privacy, scale and sanctions evasion, Europol and Spanish police dismantled a crypto fraud network, $9.5M Resupply hack, sentencing in a $40M ponzi scheme and a North Korean crypto theft and employment fraud ring.

Cybercrime

Phishing Scammers Push for Callbacks in Latest Innovation

Mathew J. Schwartz  •  July 3, 2025

The phishing industry is a never ending source of innovation. Cyber fraudsters are determined to sneak their way into your inbox. Recent attacks involve callback phishing, a social engineering tactic designed to break down victims' defenses by spurring them into calling the scammers themselves.

Data Governance

Sovereign by Design: Data Control in a Borderless World

Rahul Neel Mani  •  July 3, 2025

From Schrems II to TikTok fines, data sovereignty is redefining the rules of digital engagement. It is no longer an option for enterprises. CIOs must navigate a maze of data laws and tech strategies to stay compliant and competitive in a world without digital borders.

►

Application Security

When AI Codes in Hours - But Security Fixes Still Take Months

Michael Novinson  •  July 2, 2025

Generative AI can write applications in hours when it once took months, but traditional security approaches can't keep pace. Sohail Iqbal, CISO at Veracode, explains why 40% of AI-generated code contains vulnerabilities and why organizations must rethink their security strategies.

Cyberwarfare / Nation-State Attacks

Chinese Hackers Exploited Ivanti Flaw in France

Akshaya Asokan  •  July 2, 2025

A hacking campaign linked to Chinese threat actors chained zero-days in Ivanti server software to target French government, defense and media entities, the national cyber agency said. The hacker has similarities to a Chinese threat actor tracked as UNC5174.

Data Privacy

Court Approves 23andMe Sale to TTAM Research Institute

Marianne Kolbasuk McGee  •  July 2, 2025

A bankruptcy court gave the green light for TTAM Research Institute - a firm launched by 23andMe's co-founder and former CEO Anne Wojcicki - to buy 23andMe for $305 million. TTAM has promised to uphold the consumer genetics testing firm's current privacy policies and implement more data safeguards.

Cyberwarfare / Nation-State Attacks

Iran's 'Robert' Hack Targets Trump - and Tests US Cyber Gaps

Chris Riotta  •  July 2, 2025

An Iranian hacking group collectively using the pseudonym "Robert" claims to have 100 gigabytes of emails from President Donald Trump's inner circle as Tehran seemingly attempts to project strength in cyberspace in the wake of U.S.-led attacks on three of its key nuclear sites.