Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsof
All Posts (2714)
Sort by
Building Real World Zero Trust
In cybersecurity’s early days, we built defenses like medieval castles big walls (firewalls), a drawbridge (VPNs), and guards at the gates (passwords). Once someone was inside, they could roam freely. But today’s world
CISOPlatform Breach Intelligence July 24, 2025 – SharePoint Zero-Day Exploits, SysAid Vulnerabilities, Aviation Phishing Campaign
Executive Summary
The cybersecurity threat landscape on July 23, 2025, revealed multiple critical security incidents acros
CISOPlatform Breach Intelligence July 23, 2025 – Critical SharePoint Zero-Day Exploitation, Dell Breach by World Leaks, Interlock Ransomware Advisory
Executive Summary
The cybersecurity threat landscape on July 22, 2025 revealed multiple critical secur
Lately, a lot of people have been asking me about what “triggers” threat modeling. The question confused me: you think about threats as part of any design decision! There are lots and lots of design decisions, ranging from tiny to enormous. For each,
Mass Cryptojacking Campaign Targeting 3,500+ Websites
Source: TheHackerNews
Professional visualization of the mass cryptojacking campaign infrastructure
Timeline:
• July 21, 2025: Security researchers discover widespread JavaScript-based cryptomining ca
• July 21, 2025: Security researchers discover widespread JavaScript-based cryptomining ca
Microsoft SharePoint Zero-Day Exploitation Campaign (CVE-2025-53770, CVE-2025-53771)
Source: TheHackerNews, Dark Reading, CSO Magazine, Krebs on Security
Timeline:
• July 18, 2025 (6:00 PM CET): Active exploitation begins
• July 20, 2025: CISA adds C
• July 18, 2025 (6:00 PM CET): Active exploitation begins
• July 20, 2025: CISA adds C
Benchmarking CISO Leadership Performance : A Strategic Guide for New CISOs
In today’s rapidly evolving cybersecurity landscape, Chief Information Security Officers (CISOs) are no longer confined to the role of mere technical guardians of digital asse
The UK government has proposed banning public sector entities — including national healthcare, education institutions, libraries, and other government bodies — from making ransomware payments. This move addresses a core motivator for cybercriminals:
CISOPlatform Breach Intelligence July 21, 2025 – Microsoft SharePoint Zero-Day, CrushFTP Critical Flaw, State Farm Credential Stuffing
Executive Summary
The cybersecurity threat landscape on July 20, 2025 revealed three significant security incidents a
The gambling firms Paddy Power and BetFair have suffered a data breach, after “an unauthorised third party” gained access to “limited betting account information” relating to up to 800,000 of their customers.
What was exposed? Usernames, email addres
In an era where AI tools are transforming software development, CISOs face a pressing challenge: how to harness the speed of AI code generation without compromising on security. In a compelling CISO Talk (Chennai Chapter) hosted by CISO Platform, Ram
Cary, NC, July 10, 2025, CyberNewsire—INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification.
The updated c
CISOPlatform Breach Intelligence July 20, 2025 – Microsoft SharePoint Zero-Day, CoinDCX Crypto Exchange Hack, McDonald's AI Platform Breach
Executive Summary
The cybersecurity threat landscape on July 19, 2025 revealed 3 significant security incidents
CISOPlatform Breach Intelligence July 19, 2025 – Ivanti Zero-Days, NVIDIA Container Escape, CrushFTP Exploitation
Executive Summary
The cybersecurity threat landscape on July 18, 2025 revealed 6 significant security incidents across critical infrastruc
CISOPlatform Breach Intelligence July 18, 2025 – Cisco ISE Critical Flaw, NVIDIA Container Toolkit Vulnerability, MCP-Remote RCE
Executive Summary
The cybersecurity threat landscape on July 17, 2025 revealed 7 significant security incidents across crit
Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have
CISOPlatform Breach Intelligence July 17, 2025 – Chrome Zero-Day CVE-2025-6558, UNC6148 SonicWall Campaign, AI-Prevented SQLite Exploit
Executive Summary
The cybersecurity threat landscape on July 16, 2025, revealed multiple critical security incidents
By Enrico Milanese
Afew years ago, a casino was breached via a smart fish tank thermometer. Related: NIST’s IoT security standard
It’s a now-famous example of how a single overlooked IoT device can become an entry point for attackers — and a cautio
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
