This is a have a look at cybersecurity tales that moved the needle, raised the alarm, or provided important classes in July 2025
31 Jul 2025
With one other month behind us, it is time for ESET Chief Safety Evangelist Tony Anscombe to have a look at cybersecurity tales that made an affect and provided important classes in July 2025. This is Tony’s rundown of a few of what stood out most over the previous 30 or so days.
- assaults concentrating on on-premises Microsoft SharePoint servers by exploiting the ToolShell zero-day vulnerabilities – and the implications of those assaults for companies,
- Lumma Stealer, beforehand disrupted in a worldwide operation that additionally relied on ESET’s experience, has returned, as additionally confirmed by ESET analysis,
- KNP, a UK transport firm with a historical past of 158 years, has gone out of enterprise after cybercriminals compromised its laptop methods with ransomware in an assault that started by guessing an worker’s password,
- a vulnerability in McHire, McDonald’s chatbot job software platform, that uncovered the chats of greater than 64 million job purposes throughout the US, with the platform’s admin panel utilizing “123456” as each its username and password,
- so-called “PerfektBlue” crucial vulnerabilities in a broadly used Bluetooth stack that might have allowed distant code execution on tens of millions of vehicles,
- the UK authorities’s proposal to ban public sector our bodies and important infrastructure organizations from paying ransoms after ransomware assaults.
Do not forget to take a look at the June 2025 version of Tony’s month-to-month safety information roundup for extra insights.
