Incident: Fortinet FortiWeb Critical SQL Injection Vulnerability Date of Disclosure/Publication (ET): July 11, 2025 Summary: Critical SQL injection flaw in FortiWeb (CVE-2025-25257, CVSS 9.6) allows unauthenticated attackers to execute database commands and affects multiple versions. Source: thehackernews.com/2025/07/f…
Incident: PerfektBlue Bluetooth Vulnerabilities in Vehicles Date of Disclosure/Publication (ET): July 11, 2025 Summary: Four Bluetooth flaws in BlueSDK affect millions of vehicles and enable remote code execution on models from Mercedes-Benz, Volkswagen, and Skoda. Source: thehackernews.com/2025/07/p…
Incident: Wing FTP Server Critical Vulnerability Exploited Date of Disclosure/Publication (ET): July 11, 2025 Summary: Attackers exploit CVE-2025-47812 (CVSS 10.0) in Wing FTP Server for remote code execution via anonymous FTP; patched in version 7.4.4. Source: thehackernews.com/2025/07/c…
Incident: Iranian-Backed Pay2Key Ransomware Resurfaces Date of Disclosure/Publication (ET): July 11, 2025 Summary: Pay2Key.I2P ransomware, linked to Fox Kitten, resurfaces offering 80 percent profit share and targets Israel and United States entities. Source: thehackernews.com/2025/07/i…
Incident: Citrix NetScaler Vulnerability Added to CISA KEV Date of Disclosure/Publication (ET): July 10, 2025 Summary: CVE-2025-5777 (CVSS 9.3) in Citrix NetScaler enables authentication bypass; active exploits target enterprises, added to CISA known exploited vulnerabilities catalog. Source: thehackernews.com/2025/07/c…
Incident: mcp-remote Critical Vulnerability Date of Disclosure/Publication (ET): July 10, 2025 Summary: CVE-2025-6514 (CVSS 9.6) in mcp-remote allows OS command execution and impacts over 437,000 downloads, risking full system compromise. Source: thehackernews.com/2025/07/c…
Incident: UK Arrests in Scattered Spider Ransomware Group Date of Disclosure/Publication (ET): July 10, 2025 Summary: UK arrested four individuals aged 17 to 20 linked to Scattered Spider for data theft and extortion against multiple retailers. Source: krebsonsecurity.com/2025/07/u…