Saturday, July 12, 2025

Security Threat Summary - July 12, 2025

         

Security Threat Summary - July 12, 2025

Top 5 Critical Security Alerts

  • Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild — A maximum-severity security flaw in Wing FTP Server is under active exploitation, allowing for remote code execution. Read more
  • Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257) — A critical SQL injection vulnerability in FortiWeb could allow unauthenticated attackers to run arbitrary database commands. Read more
  • CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises — CISA has added a critical security flaw in Citrix NetScaler ADC and Gateway to its KEV catalog, confirming active exploitation. Read more
  • 350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE — Multiple vehicles and devices are vulnerable to remote code execution via the PerfektBlue exploit chain. Read more
  • PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution — Flaws in OpenSynergy's BlueSDK Bluetooth stack could allow remote code execution on millions of vehicles. Read more

Threat Intelligence

  • Pay2Key Ransomware Gang Resurfaces With Incentives to Attack US, Israel — The Iranian-linked Pay2Key ransomware operation is offering increased profit shares for attacks on Western targets. Read more
  • Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals — Pay2Key, linked to Fox Kitten, is offering larger payouts for attacks against Israel and the U.S. Read more
  • Russian basketball player arrested in ransomware case despite being "useless with computers" — A Russian basketball player has been arrested for allegedly acting as a negotiator for a ransomware gang. Read more

Security Breaches & Incidents

  • Paddy Power and BetFair have suffered a data breach — An unauthorized third party gained access to betting account information of up to 800,000 customers. Read more

Security Tools & Best Practices

  • As Cyber-Insurance Premiums Drop, Coverage Is Key to Resilience — Cyber-insurance premiums are declining, but coverage remains crucial for managing risks. Read more
  • Factoring Cybersecurity Into Finance's Digital Strategy — Financial institutions must prioritize cybersecurity to succeed in their digital transformation efforts. Read more

Emerging Security Technologies

  • Securing Data in the AI Era — Enterprises face data loss risks from AI-fueled tools, necessitating a unified, AI-driven approach to data security. Read more

Share: