Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
Jul 20, 2025 | Ravie Lakshmanan | Zero-Day / Vulnerability
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of its July 2025 Patch Tuesday updates. “Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network,” Microsoft said in an advisory released on July 19, 2025. The Windows maker…
As the adoption of cloud-based software solutions continues to surge, the threat of SaaS cyber attacks becomes increasingly prevalent. With high-profile data breaches affecting companies like Nissan and Slack, it’s evident that cybercriminals are targeting the vast amounts of valuable information stored in these software-as-a-service applications. Gartner has recognized the growing concern around SaaS security and named SaaS Security Posture Management (SSPM) as one of the top four crucial technologies for cloud security. That was back in September 2021, and since then, the complexity of SaaS security has only continued to grow, with more enterprises turning to automated SSPM solutions…
Welcome to this week’s edition of the Weekly Cybertech Roundup, where we bring you the most significant developments and trends shaping the world of cyber technology. From groundbreaking innovations to critical security updates, our roundup highlights the key stories that are driving the industry forward. Whether you’re a tech enthusiast, a cybersecurity professional, or just curious about the latest advancements, we’ve got you covered with all the insights you need to stay informed. Let’s dive into this week’s highlights!
Brand Covered: SentinelOne
Headline: SentinelOne Amplifies AI Defense Strategy with Singularity Cloud Security, AI SIEM, and Purple AI Now Available
SentinelOne, a global leader…
Bad actors love to deliver threats in files. Persistent and persuasive messages convince unsuspecting victims to accept and open files from unknown sources, executing the first step in a cyber attack. This continues to happen whether the file is an EXE or a Microsoft Excel document. Far too often, end users have an illusion of security, masked by good faith efforts of other users and (ineffective) security controls. This creates a virality effect for ransomware, malware, spyware, and annoying grayware and adware to be spread easily from user to user and machine to machine. To stop users from saying “I…
Silobreaker, a leading security and threat intelligence technology company trusted by threat analysts, security leaders and risk teams, announced that the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) has published a new policy brief assessing the cybersecurity posture, challenges and best practices of maritime port infrastructure across NATO and partner countries. The research was supported by threat intelligence contributions from Silobreaker, whose data and analysis informed the report’s threat landscape assessment and policy recommendations. The brief, titled “Addressing State-Linked Threats to Critical Maritime Port Infrastructure,”…
Collaboration to launch Aeris IoT Watchtower into the Asia-Pacific region to help close security gap in cellular Internet of Things (IoT) networks
Aeris Communications, Inc., a global leader in secure cellular IoT platforms and solutions, and Bridge Alliance, the leading alliance for premier mobile network operators in Asia-Pacific, Europe, the Middle East and Africa, announced they are teaming up to offer Aeris IoT Watchtower, an agentless and frictionless solution that delivers full visibility into the cyber risk of enterprise customers’ IoT devices plus the tools to prevent or limit damage from an attack. The agreement is an extension of an existing…
Top Highlights
- Zero-Day Vulnerability: CrushFTP’s CVE-2025-54309 allows attackers to gain administrative access via a web interface, first exploited on July 18, 2023.
- Patch Recommendations: Only versions after CrushFTP v10.8.5 and v11.3.4_23 are secure; users are urged to regularly update their software to avoid exploitation.
- Indicators of Compromise: Administrators should look for unexpected changes in user configuration files and unknown admin usernames, which signify possible breaches.
- Risk Mitigation: CrushFTP advises IP whitelisting, using a DMZ for isolation, and enabling automatic updates, while cautioning that a DMZ may not always be reliable for security.
Problem Explained
CrushFTP has issued a stark warning…
Netskope, a leader in modern security and networking, announced the availability of Netskope One Data Security Posture Management (DSPM) in the new AI Agents and Tools category of AWS Marketplace. Customers can now use AWS Marketplace to easily discover, buy, and deploy AI agents solutions, including Netskope One DSPM using their AWS accounts, accelerating agent and agentic workflow development. Built for AI-native and cloud environments, Netskope One DSPM helps enterprises automatically discover and classify data, provide access governance and monitor risky data use, all from a single, unified console. It plays a critical role in protecting sensitive data used in AI…
HiddenLayer, the leading provider of security solutions for artificial intelligence, is proud to announce the appointment of Chelsea Strong as Chief Revenue Officer (CRO). With over 25 years of experience driving enterprise sales and business development across the cybersecurity and technology landscape, Strong brings a proven track record of scaling revenue operations in high-growth environments. As CRO, Strong will lead HiddenLayer’s global sales strategy, customer success, and go-to-market execution as the company continues to meet surging demand for AI/ML security solutions across industries. Her appointment signals HiddenLayer’s continued commitment to building a world-class executive team with deep experience in navigating rapid expansion…
Cybersecurity veteran to lead and accelerate SonicWall’s network and cloud strategies for MSPs and MSSPs
SonicWall announced the addition of Rajnish Mishra as Senior Vice President and Chief Development Officer, who brings deep cloud security expertise to help accelerate the company’s focus on delivering hybrid network solutions with cloud-native capabilities designed for managed service providers (MSPs) and managed security service providers (MSSPs). Mishra has more than two decades of experience leading network and cloud security development teams, including significant roles at cybersecurity and networking companies Zscaler and Cisco. Most recently, he served as Senior Vice President of Engineering at Zscaler, where he…