Major Incidents or Breaches

  • Pandora, the Danish jewelry retailer, confirmed a data breach after customer information was stolen in connection with ongoing Salesforce data theft attacks. The company warned customers of potential phishing attempts using their stolen data.
  • Cisco disclosed a data breach affecting Cisco.com user accounts after a voice phishing (vishing) attack targeted a company representative. Stolen data includes names, email addresses, and phone numbers.
  • PBS suffered a data breach resulting in the exposure of corporate contact information for employees and affiliates, which was subsequently leaked on Discord servers.

Newly Discovered Vulnerabilities

  • Google released security updates for Android, addressing six vulnerabilities in its August 2025 update. Two patched Qualcomm vulnerabilities (including an Adreno GPU flaw) were confirmed as actively exploited in the wild.
  • Adobe issued emergency patches for two zero-day vulnerabilities in Adobe Experience Manager (AEM) Forms on JEE. Proof-of-concept exploit chains allowing unauthenticated remote code execution had been published.
  • CISA added three legacy D-Link router vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation.
  • A critical vulnerability (CVE-2025-54136, “MCPoison”) was disclosed in the Cursor AI-powered code editor, enabling persistent remote code execution by swapping in a malicious MCP file after the original has been approved. This flaw poses a software supply chain risk.
  • SonicWall warned administrators to disable SSLVPN on Gen 7 firewalls amid a surge in ransomware attacks exploiting a suspected zero-day vulnerability. The company is actively investigating.
  • Public exploits for Microsoft SharePoint vulnerabilities (CVE-2025-53770, CVE-2025-53771) have been observed in the wild, with attackers reportedly stealing machine keys.

Notable Threat Actor Activity

  • A widespread phishing campaign is targeting Instagram users with fake notifications about failed login attempts, aiming to harvest credentials.
  • A global campaign leveraging 15,000 fake TikTok Shop domains is distributing malware and stealing cryptocurrency via AI-driven scams. Threat actors are using trojanized apps and credential theft tactics.
  • ClickFix social engineering attacks, which employ CAPTCHAs and sophisticated narratives to evade detection, have seen increased adoption over the past year, facilitating cross-platform malware infections.
  • Ransomware gangs are suspected of exploiting a SonicWall firewall zero-day in recent attacks.
  • The cybercrime underground continues to rely heavily on traditional attack methods, including phishing and social engineering, despite increasing professionalization and organization.

Trends, Tools, or Tactics of Interest

  • Automated and AI-driven adversarial testing is gaining prominence, with vendors showcasing solutions at Black Hat USA 2025 and commentary on the transformation of penetration testing through AI.
  • Microsoft unveiled Project Ire, an autonomous AI agent capable of reverse engineering software to detect malware.
  • Attackers are increasingly using vishing (voice phishing) to compromise corporate accounts, as demonstrated in the Cisco breach.
  • HTTP request smuggling remains a relevant attack vector, with recent educational content highlighting its exploitation potential.
  • The distinction between misconfigurations and vulnerabilities in SaaS environments is being emphasized, as confusion between the two can result in overlooked security risks.
  • Security operations centers (SOCs) continue to struggle with alert fatigue, with industry discussion focused on strategies to reduce false positives and improve incident detection.
  • The rapid proliferation of AI-assisted development tools is raising concerns about software supply chain security and the challenge of securing code produced by non-traditional developers.

Regulatory or Policy Developments Affecting the Security Industry

  • Microsoft announced an increase in the prize pool for its Zero Day Quest hacking contest to $5 million, incentivizing research into high-impact vulnerabilities, particularly in cloud and AI security.