Wednesday , July 16 2025

International

Texas-based Tax Credit Consultancy agency exposed PII, ID Numbers, & SSNs

Consultancy agency

Cybersecurity researcher Jeremiah Fowler found an unsecured database with 245,949 records, reported to vpnMentor. It likely belonged to a tax credit consulting agency and contained personal information such as PII, driver’s licenses, military discharge forms, Social Security numbers, and other sensitive documents. The database was unprotected and held 245,949 records …

Read More »

CVE-2025-25257
Fortinet Addresses Major SQL Injection Flaw in FortiWeb

FortiWeb

Fortinet has issued a critical patch for a critical vulnerability in its FortiWeb product, a web application firewall commonly used in enterprises. Identified as CVE-2025-25257, this high-severity issue is an unauthenticated SQL injection flaw that lets remote attackers run unauthorized SQL commands through specially crafted HTTP or HTTPS requests. “An …

Read More »

Microsoft July 2025 Patch Tuesday: One zero-day, 137 flaws

July

Microsoft’s Patch Tuesday in July 2025 is critical, featuring updates for 137 vulnerabilities, including a zero-day in Microsoft SQL Server. The extensive nature of these updates brings relief to defenders and anxiety to users needing to secure their operations. This analysis emphasizes key points, the associated risks, and the implications …

Read More »

Android malware Anatsa infiltrates Google Play targeting banks worldwide

Anatsa

ThreatFabric researchers have discovered a new sophisticated campaign by the Anatsa banking trojan targeting mobile banking users in the U.S. and Canada. This is the malware’s third major attack on North American financial institutions. The latest campaign marks a serious increase in threats, as cybercriminals have breached the official Google …

Read More »

Change Your Password Now
Billions Of Gmail And Outlook Users At Risk

email

eSentire Threat Response Unit confirms that email accounts are heavily targeted. The report states that identity-driven threats rose 156% from 2023 to 2025, now making up 59% of threat cases in Q1 2025. This increase is fueled by Cybercrime-as-a-Service, particularly Phishing-as-a-Service, which attackers can access for as little as $200 …

Read More »

Paraguay 7.4 Million Citizen Records Leaked on Dark Web

Resecurity found 7.4 million records of Paraguayan citizens’ personal information leaked on the dark web today. Last week, cybercriminals attempted to sell this data for $7.4 million, or $1 per citizen. A ransomware group is extorting the country, marking a major cybersecurity event, with a deadline set for Friday, June …

Read More »

Adobe Releases Patch Fixing 254 Vulnerabilities With High-Severity Security Gaps

254 vulnerabilities

On Tuesday, Adobe released security updates for 254 vulnerabilities in its software, mainly affecting Experience Manager (AEM). There are 254 flaws, 225 of which are in AEM, affecting AEM Cloud Service and earlier versions up to 6.5.22. These have been addressed in AEM Cloud Service Release 2025.5 and version 6.5.23. …

Read More »