You can’t keep a good horror series down, and it seems ‘The Purge’ is ready to come out of ready retirement.

Perplexity’s CEO lays out a near-future where entire white-collar roles are automated by a new generation of AI browsers, transforming a week’s worth of work into a single prompt.

Since a sequel is likely years away, ‘Superman’ viewers are getting their Super-fix by revisiting some of his past shows and movies on HBO Max.

Singapore says China-linked group UNC3886 targeted its critical infrastructure by hacking routers and security devices. Singapore accused China-linked APT group UNC3886 of targeting its critical infrastructure. UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in […]

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations. This exploitation activity, publicly reported as “ToolShell,” provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network. 

CISA recommends the following actions to reduce the risks associated with the RCE compromise: 

• For information on detection, prevention, and advanced threat hunting measures, see Microsoft’s Customer Guidance for SharePoint Vulnerability and advisory for CVE-2025-49706. Organizations are encouraged to review all articles and security updates published by Microsoft on July 8, 2025, relevant to the SharePoint platform deployed in their environment.
• Monitor for POSTs to /_layouts/15/ToolPane.aspx?DisplayMode=Edit
• Conduct scanning for IPs 107.191.58[.]76, 104.238.159[.]149, and 96.9.125[.]147, particularly between July 18-19, 2025.
• Update intrusion prevention system and web-application firewall rules to block exploit patterns and anomalous behavior. For more information, see CISA’s Guidance on SIEM and SOAR Implementation.
• Implement comprehensive logging to identify exploitation activity. For more information, see CISA’s Best Practices for Event Logging and Threat Detection.
• Audit and minimize layout and admin privileges.

For more information on this vulnerability, please see Eye Security’s reporting and Palo Alto Unit42’s post.

Note: This Alert may be updated to reflect new guidance issued by CISA or other parties.

Organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at Report@cisa.gov or (888) 282-0870.  

Disclaimer:  

The information in this report is being provided “as is” for informational purposes only. CISA does not endorse any commercial entity, product, company, or service, including any entities, products, or services linked within this document. Any reference to specific commercial entities, products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by CISA. 

If you’ve been wanting to see more of the Bad Batch, August’s ‘Sanctuary’ novel will give you your hit of clone misadventures.

The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that’s targeting Web3 developers to infect them with information stealer malware.
“LARVA-208 has evolved its tactics, using fake AI platforms (e.g., Norlax AI, mimicking Teampilot) to lure victims with job offers or portfolio review requests,” Swiss cybersecurity

A 20-second cuddle at a Coldplay concert turned two anonymous executives into global villains, and a viral cautionary tale about power, privacy, and the wrath of the internet.

There could be life as we know it, or rather as we don’t know it, forming on Saturn’s largest moon.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiWeb flaw, tracked as CVE-2025-25257, to its Known Exploited Vulnerabilities (KEV) catalog. Hackers began exploiting the critical Fortinet FortiWeb flaw CVE-2025-25257 (CVSS score of 9.6) on the same day a proof-of-concept (PoC) exploit […]