Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re thrilled to share some exciting news that truly validates our mission to secure the world’s software: Veracode has been recognized as a leading vendor in both Static Analysis (SAST) and Software Composition Analysis (SCA) in the June 2025 VDC Research Vendor Impact Awards! What makes this recognition even more significant is that these awards are based on aggregated ratings from VDC Research’s global “Voice of the Engineer” survey.

Recognizing the need to better protect organizations that rely on operational technology (OT), Trustwave is advancing its OT security services portfolio. Trustwave now delivers end-to-end visibility and threat response across IT and OT environments, enabling better detection, investigation capabilities, and response to threats targeting critical infrastructure by being integrated Trustwave’s Co-Managed SOC and penetration testing services.

We’re excited to announce a major Seemplicity release packed with new AI-driven features that help you fix faster, prioritize better, and streamline remediation at scale. This release introduces breakthrough capabilities that reduce noise, provide clarity, and eliminate bottlenecks between identifying risks and resolving them.

On July 19, 2025, Microsoft disclosed CVE-2025-53770, a critical zero-day Remote Code Execution (RCE) vulnerability. Assigned a CVSS 3.1 base score of 9.8 (Critical), the vulnerability affects SharePoint Server 2016, 2019, and the Subscription Edition, along with unsupported 2010 and 2013 versions. Cloudflare’s WAF Managed Rules now includes 2 emergency releases that mitigate these vulnerabilities for WAF customers.

A serious new vulnerability (CVE-2025-53770, also known as “ToolShell”) is actively being exploited by cybercriminals to hack into on-premises Microsoft SharePoint Servers. The vulnerability, along with CVE-2025-53771 was discovered around July 18, 2025. Bitsight Research classifies CVE-2025-53770 as 10 out of 10 on our Dynamic Vulnerability Exploit (DVE) scale and CVE-2025-53771 as a 5.82 out of 10 indicating severe and moderate urgency respectively.

Acreed, a new malware-as-a-service (MaaS) platform, appears to have taken the top spot in the infostealer ecosystem. We suspect this is due to the takedown of Lumma Stealer (LummaC2) in May 2025. In just its first week, Acreed was observed uploading over 4,000 stolen credential logs to a dark web Russian Market.

Sharing photos is an important part of our lives to share our memories with friends, family, and colleagues. It allows you to stay connected, relive special moments, and strengthen relationships by letting others experience your life visually. However, when sharing photos online, especially on social media, you have to be careful, as photos can disclose information you don’t want others to know, such as your location, where you work, where your kids go to school, or your daily routines.

The cybersecurity industry has long been caught in the pendulum swing between platform consolidation and best-of-breed solutions. According to a recent Team8 CISO Village survey, it seems that pendulum may be swinging from recent years where consolidated platforms led the market back to best-of-breed. The survey reveals that 60% of CISOs now favor best-of-breed technologies over consolidated platforms.

The regulatory landscape is constantly evolving to address new technologies and risks. As a result, organizations must navigate an increasing number of frameworks to protect their systems and data. ‍ Manually managing complex compliance workflows, such as control effectiveness monitoring, can lead to inconsistent documentation, human error, and costly audit failures.

CrowdStrike Falcon Complete Next-Gen MDR has been ranked in the 2025 Frost Radar: Global Managed Detection and Response, securing the top placement among 19 vendors and leading in both Innovation and Growth. This recognition validates CrowdStrike’s leadership in delivering round-the-clock managed detection and response (MDR) protection through the combination of elite expertise and AI-accelerated investigation and response powered by the AI-native CrowdStrike Falcon platform.