July 2025
Scammers are tricking travelers into booking trips that don’t exist
Not long ago, travelers worried about bad weather. Now, they’re worried the rental they booked doesn’t even exist. With AI-generated photos and fake reviews, scammers are …
Microsoft introduces protection against email bombing
By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is …
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, …
Cloudflare blocks AI crawlers by default, letting sites choose what gets scraped
Cloudflare is now the first major internet infrastructure company to block AI crawlers by default when they try to access website content without permission or payment. …
Google patches actively exploited Chrome (CVE‑2025‑6554)
Google has released a security update for Chrome to address a zero‑day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. …
Scam centers are spreading, and so is the human cost
Human trafficking tied to online scam centers is spreading across the globe, according to a new crime trend update from INTERPOL. Human trafficking victims by country of …
Tracer AI combats fraud, counterfeits and narrative attacks in ChatGPT
Tracer AI launched Tracer Protect for ChatGPT, a solution that protects brands from the reputational harm being propagated at machine scale via AI chatbots by bad actors. The …
Federal Reserve System CISO on aligning cyber risk management with transparency, trust
In this Help Net Security interview, Tammy Hornsby-Fink, CISO at Federal Reserve System, shares how the Fed approaches cyber risk with a scenario-based, intelligence-driven …
How cybercriminals are weaponizing AI and what CISOs should do about it
In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call …
DigitalOcean boosts identity management offerings with custom roles
DigitalOcean announced expanded capabilities for its identity management offerings with custom roles, the newest Role-Based Access Control (RBAC) offering for its cloud …
GenAI is everywhere, but security policies haven’t caught up
Nearly three out of four European IT and cybersecurity professionals say staff are already using generative AI at work, up ten points in a year, but just under a third of …
How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
This article shares initial findings from internal Bitdefender Labs research into Living off the Land (LOTL) techniques. Our team at Bitdefender Labs, comprised of hundreds of …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM