Black Arrow Cyber Threat Intelligence Briefing 18 July 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
In our briefing this week, continuing our opening theme from last week, we share research findings that just 10% of employees account for nearly three quarters of all risky behaviour in the workplace, and we look at the need for cyber security policies that reflect the realities of the workplace and create a security culture. We also report on a new social engineering tactic that encourages employees to run malicious code for the attacker. Other employee risks continue to evolve, including the insider risk of recruiting North Korean IT workers who access sensitive data and extort the employer.
We highlight actions that organisations should focus on now: these include upgrading to Windows 11; managing the risks in their supply chain; and for those organisations in scope, progressing their compliance with DORA. We also highlight the evolving risk of AI cloaking tools, and the surge in ransomware. The consequences of attacks are emphasised by the breach of 6.5m customer records at the UK retailer Co-Op, and a record spike in crypto thefts by North Koreans. Finally, we include news of Russian state and citizen attackers focusing on the UK and Ukraine-aligned countries.
Top Cyber Stories of the Last Week
Most Cyber Security Risk Comes from Just 10% of Employees
A new study by Living Security and the Cyentia Institute has found that just 10% of employees account for nearly three quarters of all risky behaviour in the workplace, challenging assumptions about who poses the greatest cyber risk. Surprisingly, remote and part-time staff are generally less risky than their in-office, full-time colleagues. The report argues for focused action plans and controls for those employees who present the greatest risk.
https://www.helpnetsecurity.com/2025/07/16/human-cybersecurity-risk-employees/
Stop Settling for Check-the-Box Cyber Security Policies
Many organisations still rely on outdated or overly rigid cyber security policies that fail to reflect how work is actually done. This mismatch often drives employees to find workarounds, weakening overall defences. Complex password rules, poorly implemented multi-factor authentication, and generic training programmes are common pitfalls. A recent study found that 65% of office workers admit to bypassing policies, with 70% of IT leaders reporting unauthorised AI use. Effective cyber security requires policies that are practical, tailored to roles, and regularly updated based on real-world feedback, helping foster a security culture rather than just ticking compliance boxes.
https://www.helpnetsecurity.com/2025/07/15/stop-settling-for-check-the-box-cybersecurity-policies/
A New, Silent Social Engineering Attack Is Being Used by Hackers; Your Security Systems Might Not Notice Until It’s Too Late
Researchers have warned of a new social engineering tactic called FileFix, which exploits common user behaviour to silently trigger malicious commands. By encouraging users to paste a copied link into Windows File Explorer, attackers can run hidden code without raising security alerts. Although current tests involve harmless code, threat actors are already using the method in real-world scenarios, indicating likely progression to malware delivery. The technique does not rely on software flaws but manipulates user trust. Organisations are urged to enhance user awareness and review incident response plans to address this fast-evolving threat.
Firms Have a Fake North Korean IT Worker Problem – Here’s How to Stop It
A growing number of organisations are being targeted by fraudulent job applicants, many linked to North Korea, who use fake identities, deepfake videos, and AI-generated responses to secure remote IT roles. These individuals have successfully infiltrated major firms, sometimes gaining access to sensitive data and extorting employers. Some companies have reported hundreds of suspicious applications in just weeks. Key warning signs include impressive CVs with minimal LinkedIn presence, reluctance to attend in-person meetings, and inconsistencies in personal details. Without stronger collaboration between HR, legal, and cyber security teams, businesses remain vulnerable to these evolving and well-resourced threats.
https://www.theregister.com/2025/07/13/fake_it_worker_problem/
Orgs and Individuals Clinging to Windows 10 Face Heightened Risk, Says NCSC
The UK’s NCSC has warned that continued reliance on Windows 10 places organisations and individuals at increasing risk as the system nears end-of-life in October 2025. After this date, Microsoft will no longer provide security updates or support, making unpatched systems prime targets for cyber attacks. Despite being over a decade old, Windows 10 remains widely used, but the NCSC urges a move to Windows 11, which offers stronger built-in protections by default. Organisations delaying the upgrade risk undermining their cyber resilience and may fall short of basic security standards, such as those required under the UK’s Cyber Essentials certification.
Supplier Risk Is Breaking the Size Myth in Cyber
Organisations of all sizes face growing risk from cyber attacks targeting their suppliers, with over half of recent incidents linked to third parties. The number of globally disruptive cyber attacks has nearly doubled since 2020, and nearly half of affected businesses report revenue loss. Smaller firms are not shielded by size, and larger ones cannot rely on internal measures alone. Increasing use of artificial intelligence and global tensions are widening the threat landscape. Businesses are urged to map their supplier dependencies, assess third-party risks, and ensure continuity plans account for supplier failure.
Most European Financial Firms Still Lagging on DORA Compliance
Six months after DORA came into force, most European financial services firms still fall short of compliance, with 96% admitting their current data resilience measures are insufficient. Key challenges include oversight of third-party risks, increased pressure on IT teams, and rising costs from technology providers. One in five firms has yet to secure budget for implementation. Despite this, 94% now rank DORA as a higher organisational priority, with many integrating it into broader resilience plans. Regulators can impose significant fines for non-compliance, highlighting the urgency for firms to accelerate their cyber resilience efforts.
https://www.infosecurity-magazine.com/news/european-financial-dora-compliance/
AI Cloaking Tools Enable Harder-to-Detect Cyber Attacks
Threat actors are now using AI-powered cloaking tools to hide phishing and malware sites from detection, making cyber attacks harder to identify. Services like Hoax Tech and JS Click Cloaker offer cloaking-as-a-service, using machine learning and behavioural profiling to show scam content to real users while misleading security scanners. These tools assess hundreds of data points in real time and can personalise content to increase success. Experts warn this marks a serious shift in the threat landscape, urging organisations to adopt behaviour-based detection, multi-layered defences and adaptive technologies to stay ahead of these evolving threats.
https://www.infosecurity-magazine.com/news/ai-cloaking-tools-enable-complex/
Ransomware Surges 63% in Q2
Ransomware attacks surged by 63% in the second quarter of 2025, reaching a record 276 publicly disclosed incidents according to BlackFog. Each month in the quarter broke previous records, with June alone seeing a 113% year-on-year increase. Healthcare was the most targeted sector, followed by government and services, while retail also saw its highest ever Q2 attack levels, particularly in the UK. The Qilin ransomware group led activity, responsible for 10% of incidents. Over 80% of ransomware attacks remain undisclosed, with BlackFog estimating more than 1,400 hidden cases this quarter. The report reinforces the urgent need for stronger data protection measures.
https://betanews.com/2025/07/16/ransomware-surges-63-percent-in-q2/
All 6.5m Co-Op Members Had Data Stolen in Recent Cyber Attack, Retailer Admits
The UK retailer Co-op has confirmed that all 6.5 million of its members had their personal data stolen during a cyber attack earlier this year. The breach, which led to the shutdown of parts of its IT systems in April, allowed attackers to access names, addresses and contact details. The organisation's CEO described the impact on members and staff as devastating. This incident highlights the ongoing risk to large member-based organisations and the need for strong cyber security controls to protect personal data and maintain trust in the face of growing threats.
North Korean Hackers Blamed for Record Spike in Crypto Thefts in 2025
A surge in cryptocurrency thefts has seen over $2 billion stolen in the first half of 2025 alone, already exceeding losses for the whole of last year. A major breach at crypto exchange Bybit, reportedly carried out by North Korean hackers, accounted for $1.4 billion of this amount. The stolen funds are believed to be supporting North Korea’s nuclear programme and helping evade international sanctions. Analysts warn this reflects a broader strategy by North Korea, which includes using remote IT workers to infiltrate Western firms, steal intellectual property, and extort payments under threat of data leaks.
Russia Shifts Cyber War Focus from US to UK Following Trump’s Election
UK intelligence agencies have warned of a marked increase in Russian state-backed cyber attacks targeting British infrastructure since the start of 2025. This shift appears to be a deliberate move away from US targets following Donald Trump’s election, as the Kremlin aims to avoid provoking the new administration. The UK is now seen as Russia’s primary adversary, with threats focusing on disruption and chaos, particularly against critical infrastructure such as energy and healthcare. Officials have noted a surge in hybrid operations combining technology, misinformation and proxies, with some attacks traced to highly capable hacker groups operating under Russian direction.
Europol Disrupts Major Network of Russian-Speaking Cyber Criminals Targeting Ukraine and Its Allies
Europol has led a major international operation disrupting the cyber criminal group NoName057(16), known for targeting Ukraine and NATO countries with denial-of-service attacks. Coordinated across 12 nations, the effort dismantled a network of over 100 servers and resulted in arrests, searches, and legal action against key individuals. The group, with over 4,000 supporters, used gamified tactics and cryptocurrency rewards to encourage participation. Authorities say the attacks were ideologically driven and aimed at countries supporting Ukraine. This highlights the growing threat of politically motivated cyber attacks and the scale of coordination required to counter them.
Governance, Risk and Compliance
Most cyber security risk comes from just 10% of employees - Help Net Security
Compliance is evolving — Is your resilience ready? | TechRadar
True cyber resilience comes from culture | BFI
Factoring Cyber Security Into Finance's Digital Strategy
Turning Cyber Risk Into Boardroom Metrics That Matter
How to Calculate Cyber Security ROI for CEOs and Boards | TechTarget
Stop settling for check-the-box cyber security policies - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware surges 63 percent in Q2 - BetaNews
Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
Nearly one-third of Irish firms paid a cyber ransom in last year
Wiper Malware: The Threat to Businesses | SC Media UK
French and UK Authorities Arrest Suspects in Ransomware Cases
Interlock ransomware adopts FileFix method to deliver malware
Interlock Ransomware Unleashes New RAT in Widespread Campaign - Infosecurity Magazine
Police disrupt “Diskstation” ransomware gang attacking NAS devices
Anatomy of a Scattered Spider attack: A growing ransomware threat evolves | CSO Online
Retail Ransomware Attacks Jump 58% Globally in Q2 2025 - Infosecurity Magazine
Ryuk ransomware operator extradited to US, faces five years in federal prison | CyberScoop
Microsoft Exposes Scattered Spider’s Latest Tactics - Infosecurity Magazine
Report: Global retail ransomware intrusions surge | SC Media
Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cyber Criminals
Ransomware Victims
Report: Global retail ransomware intrusions surge | SC Media
Four people bailed after arrests over cyber attacks on M&S, Harrods and Co-op - TheIndustry.fashion
Some Glasgow City Council online services still down | Glasgow Times
M&S resumes online recruitment following cyber attack - Retail Gazette
United Natural Foods Expects $400M revenue impact from June cyber attack
Phishing & Email Based Attacks
Microsoft Teams phishing spreads updated Matanbuchus malware loader | SC Media
13 Romanians Arrested for Phishing the UK’s Tax Service - SecurityWeek
Hackers Can Hide Malicious Code in Gemini's Email Summaries
Beware! Research shows Gmail's AI email summaries can be hacked - Android Authority
Preventing Zero-Click AI Threats: Insights from EchoLeak | Trend Micro (US)
Other Social Engineering
How deepfake AI job applicants are stealing remote work
Fake North Korean IT workers: How companies can stop them • The Register
How North Korea infiltrates its IT experts into Western companies
Fraud, Scams and Financial Crime
Over Half of “Finfluencer” Victims Have Lost Money, Says TSB - Infosecurity Magazine
Ex-intelligence officer jailed for stealing bitcoin from Silk Road 2.0 operator - iTnews
Indian Police Raid Tech Support Scam Call Center - Infosecurity Magazine
SIM scammer's sentence increased to 12 years, after failing to pay back victim $20 million
Artificial Intelligence
AI Cloaking Tools Enable Harder-to-Detect Cyber Attacks - Infosecurity Magazine
Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
One in 12 US/UK Employees Uses Chinese GenAI Tools - Infosecurity Magazine
AI adoption is booming but secure scaling not so much - Help Net Security
Grok-4 Falls to a Jailbreak Two days After Its Release - SecurityWeek
Security Flaws With Bitchat Highlight a ‘Systemic Issue’ With Vibe Coding
90% of Large Organisations Unprepared for AI-Enabled Threats | Security Magazine
Cyber Security Bosses Fretting About AI Attacks and Misuse
Researcher tricks ChatGPT into revealing security keys - by saying "I give up" | TechRadar
For developers and IT pros, AI can be both secret weapon and ticking time bomb | ZDNET
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
Beware! Research shows Gmail's AI email summaries can be hacked - Android Authority
From Vibe Coding To Vibe Hacking — AI In A Hoodie
Curl creator mulls nixing bug bounty awards to stop AI slop • The Register
Malware
Microsoft Teams phishing spreads updated Matanbuchus malware loader | SC Media
Hackers hide dangerous Mac trojan in legit apps | Cybernews
WordPress Gravity Forms developer hacked to push backdoored plugins
Hackers Exploit DNS Queries for C2 Operations and Data Exfiltration, Bypassing Traditional Defences
Hackers exploit a blind spot by hiding malware inside DNS records - Ars Technica
Google sues 25 alleged BadBox 2.0 botnet operators • The Register
AsyncRAT Spawns a Labyrinth of Forks
North Korean XORIndex malware hidden in 67 malicious npm packages
Threat hunting case study: Lumma infostealer | Intel 471
Vulnerable firmware for Gigabyte motherboards could allow bootkit installation - Help Net Security
Bots/Botnets
Google sues 25 alleged BadBox 2.0 botnet operators • The Register
Mobile
Spyware on Androids Soars - Security Boulevard
Hackers Love These 7 Screenshots You Keep in Your Gallery
Android Malware Konfety evolves with ZIP manipulation and dynamic loading
Don’t Tap That Notification—This Is How Malware Sneaks Onto Smartphones
SIM scammer's sentence increased to 12 years, after failing to pay back victim $20 million
July 2025 Breaks a Decade of Monthly Android Patches - SecurityWeek
Altered Telegram App Steals Chinese Users' Android Data
Denial of Service/DoS/DDoS
DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault
Averted DDoS attacks spike, report finds | SC Media
Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group
Internet of Things – IoT
Your Mercedes or VW could get hacked via Bluetooth | PCWorld
350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE
Uncovering the Cyber Security Risk in Smart Meter Data Storage | SC Media UK
Neglecting printer security is leaving you wide open to cyber attacks | IT Pro
Printer Security Gaps: A Broad, Leafy Avenue to Compromise
Data Breaches/Leaks
'123456' password exposed chats for 64 million McDonald’s job applicants
US Data Breaches Head for Another Record Year After 11% Surge - Infosecurity Magazine
How top military chief’s role in Afghan data leak was hidden
The Afghan data breach has already cost millions. What happens next?
Louis Vuitton says UK customer data stolen in cyber-attack | Cybercrime | The Guardian
Paddy Power and BetFair have suffered a data breach • Graham Cluley
Waltz brushes off SignalGate questions, points finger at CISA | CyberScoop
Data Breach at Debt Settlement Firm Impacts 160,000 People - SecurityWeek
Why hackers love Europe’s hospitals – POLITICO
Over 5.4 Million Affected in Healthcare Data Breach at Episource - Infosecurity Magazine
Anne Arundel Dermatology Data Breach Impacts 1.9 Million People - SecurityWeek
Organised Crime & Criminal Actors
"Telegram has become the new dark web” - 14.07.2025 | BURSA.RO
Abacus dark web drug market goes offline in suspected exit scam
How Criminal Networks Exploit Insider Vulnerabilities
SIM scammer's sentence increased to 12 years, after failing to pay back victim $20 million
Ryuk ransomware operator extradited to US, faces five years in federal prison | CyberScoop
Cyber crime Victim Suicide: Bengaluru Man Dies After Rs 11 Lakh Digital Scam
Cambodia Makes 1,000 Arrests in Latest Crackdown on Cyber Crime - SecurityWeek
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
North Korean hackers blamed for record spike in crypto thefts in 2025 | TechCrunch
Over Half of “Finfluencer” Victims Have Lost Money, Says TSB - Infosecurity Magazine
Ex-intelligence officer jailed for stealing bitcoin from Silk Road 2.0 operator - iTnews
Millions in savers’ cash goes missing after crypto company collapses
Hacker steals $27 million in BigONE exchange crypto breach
MITRE Launches New Framework to Tackle Crypto Risks - Infosecurity Magazine
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Insider Risk and Insider Threats
Most cyber security risk comes from just 10% of employees - Help Net Security
One in 12 US/UK Employees Uses Chinese GenAI Tools - Infosecurity Magazine
How deepfake AI job applicants are stealing remote work
Fake North Korean IT workers: How companies can stop them • The Register
How North Korea infiltrates its IT experts into Western companies
Ex-intelligence officer jailed for stealing bitcoin from Silk Road 2.0 operator - iTnews
How Criminal Networks Exploit Insider Vulnerabilities
US Army soldier pleads guilty to extorting 10 tech, telecom firms
Ex-soldier Googled “can hacking be treason?” pleads guilty • The Register
Insurance
Cyber Insurance Premiums Drop, but Coverage Is Key
Supply Chain and Third Parties
Supplier risk is breaking the size myth in cyber | Insurance Business America
Cloud/SaaS
Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms
Why your Microsoft 365 setup might be more vulnerable than you think - Help Net Security
SaaS Security Adoption Grows Amid Rising Breach Rates - Infosecurity Magazine
Iran seeks three cloud providers to power its government • The Register
Outages
Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack
Encryption
How to Start Preparing for a Post-Quantum Future
How CISOs Can Prepare for the Quantum Cyber Security Threat
Safeguarding data in quantum era | Professional Security Magazine
What EU's PQC roadmap means on the ground - Help Net Security
Passwords, Credential Stuffing & Brute Force Attacks
'123456' password exposed chats for 64 million McDonald’s job applicants
From ‘P@ssw0rd’ to payday: Weak credentials threaten financial systems - Digital Journal
Ranked: The World's Most Common Passwords
98% of passwords can be cracked in seconds, analysis finds | Cybernews
Social Media
Quelle surprise! Twitter faces criminal probe in France • Graham Cluley
Training, Education and Awareness
Most cyber security risk comes from just 10% of employees - Help Net Security
Regulations, Fines and Legislation
Most European Financial Firms Still Lagging on DORA Compliance - Infosecurity Magazine
Cyber security of banks - News - Rádio RSI English - STVR
How financial IT becomes resilient: Implement DORA securely: By Krik Gunning
What EU's PQC roadmap means on the ground - Help Net Security
UK Online Safety Act 'not up to scratch' on misinformation • The Register
US aims to ban China technology in undersea telecoms cables | The Straits Times
Top US cyber agency CISA shrinks under Trump budget, staff cuts
Defense Department to Spend $1B on ‘Offensive Cyber Operations’
Operational risks amid cyber policy uncertainty
Models, Frameworks and Standards
Most European Financial Firms Still Lagging on DORA Compliance - Infosecurity Magazine
How financial IT becomes resilient: Implement DORA securely: By Krik Gunning
MITRE Launches New Framework to Tackle Crypto Risks - Infosecurity Magazine
Data Protection
Buy Now, Pay Later... with your data - Help Net Security
Careers, Working in Cyber and Information Security
Military Veterans May Be What Cyber Security Is Looking For
Why burnout is one of the biggest threats to your security | TechRadar
What Fortune 100s are getting wrong about cyber security hiring - Help Net Security
Cyber Training: Post Challenge, Where Are the Skills Learned? | SC Media UK
Law Enforcement Action and Take Downs
US Army soldier pleads guilty to extorting 10 tech, telecom firms
Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group
Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
13 Romanians Arrested for Phishing the UK’s Tax Service - SecurityWeek
French and UK Authorities Arrest Suspects in Ransomware Cases
Europol disrupts major network of Russian-speaking cyber criminals targeting Ukraine and its allies
Quelle surprise! Twitter faces criminal probe in France • Graham Cluley
SIM scammer's sentence increased to 12 years, after failing to pay back victim $20 million
Ryuk ransomware operator extradited to US, faces five years in federal prison | CyberScoop
Cambodia Makes 1,000 Arrests in Latest Crackdown on Cyber Crime - SecurityWeek
Indian Police Raid Tech Support Scam Call Center - Infosecurity Magazine
Four people bailed after arrests over cyber attacks on M&S, Harrods and Co-op - TheIndustry.fashion
FBI seized multiple piracy sites distributing pirated video games
Misinformation, Disinformation and Propaganda
UK Online Safety Act 'not up to scratch' on misinformation • The Register
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Russia shifts cyber war focus from US to UK following Trump's election | TechRadar
US aims to ban China technology in undersea telecoms cables | The Straits Times
Submarine Cable Security at Risk Amid Geopolitical Tensions & Limited Repair Capabilities
MPs Warn of “Significant” Iranian Cyber-Threat to UK - Infosecurity Magazine
Cyber attacks are evolving – so too must government response - New Statesman
What Is A Military Cyber Command And What Does It Do?
Defense Department to Spend $1B on ‘Offensive Cyber Operations’
Nation State Actors
Cyber attacks are evolving – so too must government response - New Statesman
Nearly one-third of Irish firms paid a cyber ransom in last year
China
One in 12 US/UK Employees Uses Chinese GenAI Tools - Infosecurity Magazine
China’s cyber sector amplifies Beijing’s hacking of US targets - The Washington Post
What It Takes to Stop the Next Salt Typhoon
US aims to ban China technology in undersea telecoms cables | The Straits Times
Submarine Cable Security at Risk Amid Geopolitical Tensions & Limited Repair Capabilities
Chinese Hackers Still Trying to Break Into Telecoms Across Globe
Altered Telegram App Steals Chinese Users' Android Data
US National Guard unit was 'extensively' hacked by Salt Typhoon in 2024, memo says | Reuters
Spain awarded €12.3 million in contracts to Huawei
Russia
Russia shifts cyber war focus from US to UK following Trump's election | TechRadar
Submarine Cable Security at Risk Amid Geopolitical Tensions & Limited Repair Capabilities
Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group
Nato unit helping combat Putin's 'hybrid warfare' threat on British soil
Europol disrupts major network of Russian-speaking cyber criminals targeting Ukraine and its allies
Ukrainian hackers claim IT attack on Russian drone maker • The Register
Iran
MPs Warn of “Significant” Iranian Cyber-Threat to UK - Infosecurity Magazine
Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cyber Criminals
Iran seeks three cloud providers to power its government • The Register
North Korea
How deepfake AI job applicants are stealing remote work
Fake North Korean IT workers: How companies can stop them • The Register
How North Korea infiltrates its IT experts into Western companies
North Korean hackers blamed for record spike in crypto thefts in 2025 | TechCrunch
North Korean XORIndex malware hidden in 67 malicious npm packages
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Hacktivism Increasingly Targeting Critical Infrastructure | Security Magazine
Tools and Controls
Most cyber security risk comes from just 10% of employees - Help Net Security
AI adoption is booming but secure scaling not so much - Help Net Security
DNS should be your next security priority: Lessons from NIST
SaaS Security Adoption Grows Amid Rising Breach Rates - Infosecurity Magazine
Cyber-Insurance Premiums Drop, but Coverage Is Key
Neglecting printer security is leaving you wide open to cyber attacks | IT Pro
Printer Security Gaps: A Broad, Leafy Avenue to Compromise
Hackers hide dangerous Mac trojan in legit apps | Cybernews
Hackers Exploit DNS Queries for C2 Operations and Data Exfiltration, Bypassing Traditional Defences
Hackers exploit a blind spot by hiding malware inside DNS records - Ars Technica
Police disrupt “Diskstation” ransomware gang attacking NAS devices
Compliance is evolving — Is your resilience ready? | TechRadar
ISC2 Finds Orgs Are Increasingly Leaning on AI
Making security and development co-owners of DevSecOps - Help Net Security
Security Flaws With Bitchat Highlight a ‘Systemic Issue’ With Vibe Coding
For developers and IT pros, AI can be both secret weapon and ticking time bomb | ZDNET
Curl creator mulls nixing bug bounty awards to stop AI slop • The Register
Cyber security executives love AI, cyber security analysts distrust it | TechRadar
Things to think about when deploying AI tools in the cyber security space
UK launches vulnerability research program for external experts
NCSC Launches Vulnerability Research Institute to Boost UK Resilience - Infosecurity Magazine
Other News
Hackers swap biometric data to bypass Windows login | Cybernews
Hacktivism Increasingly Targeting Critical Infrastructure | Security Magazine
Securing vehicles as they become platforms for code and data - Help Net Security
NCA says 'crude' comparison to FBI efficiency 'not credible' • The Register
Cyber Security Isn’t Just For Experts Anymore: Why You Should Care
Banks urged to beef up cyber security amid more incidents of financial phishing | ABS-CBN News
70% of healthcare cyber attacks result in delayed patient care, report finds – DataBreaches.Net
Understanding replay attacks: A hidden threat in cyber security
Why hackers love Europe’s hospitals – POLITICO
Train Brakes Can Be Hacked Over Radio—And the Industry Knew for 20 Years - SecurityWeek
Vulnerability Management
Brits clinging to Windows 10 face heightened risk, says NCSC | Computer Weekly
NCSC Urges Enterprises to Upgrade to Microsoft Windows 11 to Avoid Cyb - Infosecurity Magazine
Microsoft extends updates for old Exchange and Skype servers • The Register
Don't Want to Upgrade to Windows 11? Microsoft Offers Free Windows 10 Security Updates - CNET
Another WannaCry-size cyber event likely, report warns :: Insurance Day
NCSC Launches Vulnerability Research Institute to Boost UK Resilience - Infosecurity Magazine
Vulnerabilities
Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now
CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA - SecurityWeek
Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild
Windows KB5064489 emergency update fixes Azure VM launch issues
Fully Patched SonicWall Gear Under Likely Zero-Day Attack
Critical SharePoint RCE Vulnerability Exploited Using Malicious XML Payload Within Web Part
Chrome fixes 6 security vulnerabilities. Get the update now! | Malwarebytes
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) - Help Net Security
Oracle Patches 200 Vulnerabilities With July 2025 CPU - SecurityWeek
Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code
VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched - SecurityWeek
Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now
July 2025 Breaks a Decade of Monthly Android Patches - SecurityWeek
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Vulnerable firmware for Gigabyte motherboards could allow bootkit installation - Help Net Security
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness. Linking to or reposting external content does not endorse any service or product; likewise, we are not responsible for the security of external links.