Security news weekly round-up – 25th July 2025

We have 5 articles to review in this week’s edition. All 5 cover different threats that can affect you and me. Some are popular, e.g. malware, phishing, and vulnerabilities, while others, namely privacy issues surrounding the use of AI and browser-based cryptojacking attacks, are less so.

For privacy and security, think twice before granting AI access to your personal data

The article’s title is both a clear warning and advice. If you’re not ready to share some of your data with your favorite AI-powered application, don’t give it access at all.

From the article:

There are serious security and privacy risks associated with using AI assistants that rely on your data. In allowing access, you’re instantly and irreversibly handing over the rights to an entire snapshot of your most personal information as of that moment in time, from your inbox, messages, and calendar entries dating back years, and more.

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

It’s never good when your computing resources are hijacked to mine crypto. But, here we are. And all it takes is browsing a compromised website.

From the article:

“Attackers now prioritize stealth over brute-force resource theft, using obfuscation, WebSockets, and infrastructure reuse to stay hidden,” c/side said. “The goal isn’t to drain devices instantly, it is to persistently siphon resources over time, like a digital vampire.”

What to know about ToolShell, the SharePoint threat under mass exploitation

This one reads more like a question-and-answer discussion, and it offers insights into the vulnerability that’s currently being exploited.

From the article:

The vulnerability, which is formally tracked as CVE-2025-53770, enables unauthenticated remote code execution on servers running SharePoint. Microsoft said it observed active exploitation for three separate groups, all of which are connected to the Chinese government.

According to numerous technical analyses, the attackers first infect vulnerable systems with a webshell-based backdoor that gains access to some of the most sensitive parts of a SharePoint Server. From there, the webshell extracts tokens and other credentials that allow the attackers to gain administrative privileges.

Phishers Target Aviation Execs to Scam Customers

Nothing new, but it’s worth mentioning because it shows that some cybercriminals have no OPSEC, which thankfully helps unmask them or part of their operation, just as Brian Krebs did in this article.

From the article:

A reader who works in the transportation industry sent a tip about a recent successful phishing campaign that tricked an executive at the company into entering their credentials at a fake Microsoft 365 login page.

Speaking on condition of anonymity, the reader said the resulting phishing emails to customers came from a newly registered domain name that was remarkably similar to their employer’s domain, and that at least one of their customers fell for the ruse and paid a phony invoice.

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

You have been warned.

No excerpt for this one.

Read the article, you won’t regret it.

Credits

Cover photo by Debby Hudson on Unsplash.

That’s it for this week, and I’ll see you next time.
