🚨 Top Stories

1. China-Linked Threat Actors Escalate Attacks on Critical Infrastructure
A joint advisory from CISA, NSA, FBI, and allies in 13 countries reveals that Chinese-state-affiliated threat actors (Salt Typhoon and related groups) have intensified campaigns targeting telecom, lodging, transportation, and utilities worldwide. Attackers are exploiting network edge devices and maintaining persistence.
🔗 Full Advisory PDF (IC3/CSA)
🔗 Coverage at Cybersecurity Dive
💡 Key Takeaway: Prioritize threat hunting on routers, firewalls, and gateways; tighten segmentation; monitor for persistence tactics.

2. Ransomware Surge Hits Healthcare
Healthcare has seen a 63–70% increase in ransomware attacks in Q2 2025, with legacy VPNs and misconfigured remote access the most common initial access vectors.
🔗 BlackFog Report
🔗 Sophos State of Ransomware 2025
💡 Key Takeaway: Patch external-facing services fast and enforce MFA for vendors/third parties.

3. Zscaler Data Breach via Salesloft Drift Compromise
Zscaler confirmed it was compromised after attackers breached Salesloft’s AI-powered chat tool, Drift. Stolen OAuth and refresh tokens were abused to access sensitive customer data, including licensing info, job titles, phone numbers, and support case content.
🔗 TechRadar Coverage
💡 Key Takeaway: Audit third-party SaaS and AI-driven integrations. Revoke unused API tokens and monitor for abnormal token activity.

🛠️ Vulnerability Spotlight

  • Sitecore CMS Zero-Day (CVE-2025-53690, CVSS 9.0)
    Critical deserialization flaw actively exploited via default ASP.NET machine keys in pre-2017 Sitecore setups. Attackers deployed tools like WeepSteel, Earthworm, and Dwagent.
    🔗 The Hacker News
    💡 Key Takeaway: Patch Sitecore immediately; rotate deprecated machine keys and confirm no remnants of default configuration remain.

  • Git Submodule Vulnerability (CVE-2025-48384)
    A critical Git flaw allows execution of attacker-supplied code via malicious carriage return characters in submodules. It is actively exploited in the wild and was recently added to CISA’s KEV catalog, with agencies mandated to patch by Sept 15, 2025.
    🔗 TechRadar Report
    💡 Key Takeaway: Update Git to v2.43.7+ immediately. Disable recursive submodule cloning from untrusted repos and restrict core.hooksPath usage.
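
As a pre-clone triage aid for the Git item above, the following added example (not from any of the linked reports or from the Git project) flags carriage return bytes inside `.gitmodules` values while ignoring ordinary CRLF line endings. The function name and the sample file are constructed for illustration, and the check is a heuristic that complements patching rather than replacing it.

```python
import re

# Constructed sample: the "lib" entry hides a carriage return inside the
# quoted path value; the "docs" entry is clean.
SAMPLE_GITMODULES = (
    b'[submodule "docs"]\n'
    b'\tpath = docs\n'
    b'\turl = https://example.invalid/docs.git\n'
    b'[submodule "lib"]\n'
    b'\tpath = "lib\r"\n'
    b'\turl = https://example.invalid/lib.git\n'
)

SECTION = re.compile(rb'^\s*\[submodule\s+"(.*)"\]\s*$')
KEYVAL = re.compile(rb'^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*)$')


def find_cr_in_gitmodules(data: bytes):
    """Return (line_no, submodule, key) for each value holding a bare CR."""
    findings = []
    current = None
    # Split on LF only, so a CR stays attached to the line it belongs to.
    for line_no, raw in enumerate(data.split(b"\n"), start=1):
        # One trailing CR is a normal CRLF line ending; drop just that one.
        line = raw[:-1] if raw.endswith(b"\r") else raw
        section = SECTION.match(line)
        if section:
            current = section.group(1).decode("utf-8", "replace")
            continue
        keyval = KEYVAL.match(line)
        # Any CR still present sits inside the value itself.
        if keyval and b"\r" in keyval.group(2):
            findings.append((line_no, current, keyval.group(1).decode()))
    return findings


if __name__ == "__main__":
    for line_no, name, key in find_cr_in_gitmodules(SAMPLE_GITMODULES):
        print(f"line {line_no}: submodule {name!r} has a CR in {key!r}")
```

Run it against the raw bytes of a repository's `.gitmodules` (for example, fetched without `--recursive`) before initializing any submodules.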

📊 Trend to Watch

AI-Fueled Social Engineering Is Accelerating

A recent analysis highlights how generative AI is rapidly increasing the sophistication of social engineering attacks. Cybercriminals are now using tools that can replicate voice, tone, language patterns, and believable narratives within minutes—far outpacing human attackers in both speed and realism. This shift means previously detectable cues—awkward language, unnatural phrasing—are largely gone.
🔗 TechRadar on AI-enhanced social engineering attacks
💡 Key Takeaway: Train staff to challenge urgent requests—even familiar voices or emails—and build in verification protocols that don’t rely solely on content, but on verified channels and identity.

🧰 Tool / Resource of the Week

  • CISA’s Known Exploited Vulnerabilities Catalog
    Updated weekly and prioritized by federal mandate, KEV remains one of the most useful patch planning resources.
    🔗 CISA KEV Catalog

⚡ Quick Hits

  • Netskope plans $6.5B IPO — Cloud-native security firm Netskope is prepping for a Nasdaq debut, signaling strong demand in the SASE space.
    🔗 Reuters

  • 6,700+ private repos exposed in Nx supply chain attack — Stolen credentials led to thousands of private repositories being made public.
    🔗 SecurityWeek

  • Federal funding for MS-ISAC at risk — Intel sharing for 19,000+ local government entities could lapse if DHS budget support expires.
    🔗 Axios

  • Tenable confirms data breach — Security vendor reports compromise of customer contact information.
    🔗 GBHackers

  • Automakers move to standardize vehicle cybersecurity — Stellantis joins GlobalPlatform consortium to improve car system security.
    🔗 Repairer Driven News

🛡️ Actionable Defense Move of the Week

Run a deepfake drill.
Simulate a fraudulent “CEO voice call” scenario with finance and HR teams. Quick tabletop exercises build awareness and resilience against this growing scam.

📬 Final Word

Cyber defense is no longer just about patching — it’s about anticipating how attackers are bending new tools like AI to exploit human and organizational gaps. Stay ahead by training people as well as hardening systems.

🔹 That’s it for this week — stay sharp. Share InfoSec.Watch with a teammate