July Patch Tuesday offers 127 fixes
The seventh month is always a big one for Microsoft, and this year is no exception
Similar Posts
Runsafe report: Medical device cyberattacks threaten patient care, strain budgets, top concern for healthcare sector
Bys sIndustrial Cyber reports: A new report from Runsafe Security highlights how medical device cybersecurity has shifted from a traditional IT issue to a critical patient safety concern. The survey of 605 healthcare executives reveals that 22 percent of healthcare organizations experienced cyberattacks targeting medical devices, with 75 percent of those incidents directly affecting patient care. About 35 percent now…
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Bys sA critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack. The vulnerability, tracked as CVE-2025-66516, is rated 10.0 on the CVSS scoring scale, indicating maximum severity. “Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an
In Singapore, 147,000 customer records exposed in Cycle & Carriage data breach
Bys sMalay Mail reports: About 147,000 customer records were compromised in a recent data breach at car distributor Cycle & Carriage in Singapore, the company confirmed today. Responding to media queries, a Cycle & Carriage spokesperson said the firm detected unauthorised access to its customer relationship management system on July 14, where a threat actor downloaded…
In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks
Bys sDustin Volz reports: Chinese officials acknowledged in a secret December meeting that Beijing was behind a widespread series of alarming cyberattacks on U.S. infrastructure, according to people familiar with the matter, underscoring how hostilities between the two superpowers are continuing to escalate. The Chinese delegation linked years of intrusions into computer networks at U.S. ports,…
Integrated Oncology Network victim of phishing attack; multiple locations affected
Bys sHHS added ten listings to its public leak site today, all of which are part of the Integrated Oncology Network (“ION”). According to its substitute notice, on May 9, ION concluded an investigation of a phishing incident that occurred between December 13 and December 16, 2024. The incident resulted in “unauthorized access to patient information…
CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
Bys sIntroduction: Security at a Tipping Point Security Operations Centers (SOCs) were built for a different era, one defined by perimeter-based thinking, known threats, and manageable alert volumes. But today’s threat landscape doesn’t play by those rules. The sheer volume of telemetry, overlapping tools, and automated alerts has pushed traditional SOCs to the edge. Security teams…