CISO Conversations: How IT and OT Security Worlds Are Converging darkreadingKelly Jackson Higgins
July 22, 2025

Dark Reading's Kelly Jackson Higgins interviews Carmine Valente, Deputy CISO at Con Edison, about his role at the New York-based electric utility and the state of IT and OT security. …


Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups The Hacker [email protected] (The Hacker News)
July 22, 2025

Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, …


Dell Breached by Extortion Group, Says Data Stolen Was ‘Fake’ darkreadingElizabeth Montalbano, Contributing Writer
July 22, 2025

The World Leaks group accessed and released data from the company's Customer Solution Center, which is separated from customer and partner systems and stores primarily "synthetic" datasets used for demos …


Critical Infrastructure Security Is a Critical Concern darkreadingAmit Hammer
July 22, 2025

To be truly resilient in the ever-growing threat landscape, organizations need to balance protection with preparation. To be truly resilient in the ever-growing threat landscape, organizations need to balance protection with …


Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access The Hacker [email protected] (The Hacker News)
July 22, 2025

Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. "In July …


Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate The Hacker [email protected] (The Hacker News)
July 22, 2025

Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign.  The activity has been attributed by …


Marine Transportation Final Cyber Rule Goes Into Effect darkreadingKristina Beek
July 22, 2025

The cybersecurity rule has several requirements that must be met and will follow an extended timeline over the next two years. The cybersecurity rule has several requirements that must be met …


CISA Adds Four Known Exploited Vulnerabilities to Catalog AlertsCISA
July 22, 2025

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input …


CISA Adds Two Known Exploited Vulnerabilities to Catalog AlertsCISA
July 22, 2025

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-49704 Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706 Microsoft SharePoint Improper Authentication Vulnerability These types of …


CISA Releases Nine Industrial Control Systems Advisories AlertsCISA
July 22, 2025

CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-203-01 DuraComm DP-10iN-100-MU ICSA-25-203-02 Lantronix Provisioning …