Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Black Hat USA 2025
Black Hat USA 2025 took place at the Mandalay Bay Convention Center in Las Vegas. Explore related news, photos, product releases, and more.
AIBOMs are the new SBOMs: The missing link in AI risk management
In this Help Net Security interview, Marc Frankel, CEO at Manifest Cyber, discusses how overlooked AI-specific risks, like poisoned training data and shadow AI, can lead to security issues that conventional tools fail to detect. He explains how AI Bills of Materials (AIBOMs) extend SBOMs to provide transparency into datasets, model weights, and third-party integrations, improving governance and incident response.
Security tooling pitfalls for small teams: Cost, complexity, and low ROI
In this Help Net Security interview, Aayush Choudhury, CEO at Scrut Automation, discusses why many security tools built for large enterprises don’t work well for leaner, cloud-native teams. He explains how simplicity, integration, and automation are key for SMBs with limited resources.
Beyond PQC: Building adaptive security programs for the unknown
In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. He explains why post-quantum cryptography (PQC) is an urgent and long-term priority.
SonicWall firewalls targeted in ransomware attacks, possibly via zero-day
Attackers wielding the Akira ransomware and possibly a zero-day exploit have been spotted targeting SonicWall firewalls since July 15, 2025.
Project Ire: Microsoft’s autonomous malware detection AI agent
Microsoft is working on a AI agent whose main goal is autonomous malware detection and the prototype – dubbed Project Ire – is showing great potential, the company has announced on Tuesday.
Millions of Dell laptops could be persistently backdoored in ReVault attacks
A set of firmware vulnerabilities affecting 100+ Dell laptop models widely used in government settings and by the cybersecurity industry could allow attackers to achieve persistent access even across Windows reinstalls, Cisco Talos researchers have discovered.
Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987)
Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, the company has warned on Wednesday.
Adobe patches critical Adobe Experience Manager Forms vulnerabilities with public PoC
Adobe has released an emergency security update for Adobe Experience Manager Forms on Java Enterprise Edition (JEE), which fix two critical vulnerabilities (CVE-2025-54253, CVE-2025-54254) with a publicly available proof-of-concept (PoC) exploit.
Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
The privilege escalation can be performed by exploiting CVE-2025-53786, a newly disclosed vulnerability that stems from Exchange Server and Exchange Online sharing the same service principal – i.e., the Office 365 Exchange Online application – in hybrid configurations. (The app is used to authenticate and secure the communication between Exchange Server and Exchange Online.)
Cybersecurity and the development of software-defined vehicles
In many automotive companies, the same systems-engineering teams are responsible for both safety and security. As a result, cybersecurity is treated as a subset of safety, undergirded by an implicit assumption: “If it’s safe, it must be secure.”
What GPT‑5 means for IT teams, devs, and the future of AI at work
OpenAI has released GPT‑5, the newest version of its large language model. It’s now available to developers and ChatGPT users, and it brings some real changes to how AI can be used in business and IT environments.
August 2025 Patch Tuesday forecast: Try, try again
July started slow with a calm Patch Tuesday, addressing 130 CVEs but only one publicly disclosed, so risk was low. Then two SharePoint CVEs were exploited, heating things up with hotfixes late in the month. Add security issues in Microsoft Exchange and major Google and Apple updates, and July ended very active.
Open-source password recovery utility Hashcat 7.0.0 released
Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other hardware accelerators across Linux, Windows, and macOS, and includes features for distributed password cracking at scale.
BloodHound 8.0 debuts with major upgrades in attack path management
SpecterOps has released BloodHound 8.0, the latest iteration of its open-source attack path management platform, featuring major enhancements and expanded capabilities.
Open-source server management platform Proxmox VE 9.0 released
Proxmox Virtual Environment (VE) 9.0 introduces advancements in both storage and networking capabilities, addressing critical enterprise demands.
AI in the SOC: Game-changer or more noise?
In this Help Net Security video, Kev Marriott, Senior Manager of Cyber at Immersive Labs, explores the challenges and opportunities of integrating AI into Security Operations Centers (SOCs).
Third-party partners or ticking time bombs?
In this Help Net Security video, Ngaire Elizabeth Guzzetti, Technical Director Supply Chain at CyXcel, discusses why a third of U.S. organizations don’t trust third-party vendors to manage critical risks and what that means for supply chain security.
What’s keeping risk leaders up at night? AI, tariffs, and cost cuts
Enterprise risk leaders are most concerned about rising tariffs and trade tensions heading into the second half of 2025, according to a new report from Gartner. The firm’s second-quarter Emerging Risk Report, based on a survey of 223 senior risk, audit, and compliance executives, ranks the escalating trade war as the top emerging risk, up from third in the first quarter.
The surprising truth about identity security confidence
Organizations most confident in their identity security are often the least prepared, according to a new report from BeyondID. The study reveals a troubling gap between what organizations believe about their identity security programs and how they actually behave. Surprisingly, those expressing the highest confidence are adopting fewer best practices than their more cautious peers.
Average global data breach cost now $4.44 million
IBM released its Cost of a Data Breach Report, which revealed AI adoption is greatly outpacing AI security and governance. While the overall number of organizations experiencing an AI-related breach is a small representation of the researched population, this is the first time security, governance and access controls for AI have been studied in this report, which suggests AI is already an easy, high value target.
Ransomware groups shift to quadruple extortion to maximize pressure
Threat actors are using a new quadruple extortion tactic in ransomware campaigns, while double extortion remains the most common approach, according to Akamai.
Your employees uploaded over a gig of files to GenAI tools last quarter
In Q2 2025, Harmonic reviewed 1 million GenAI prompts and 20,000 uploaded files across more than 300 GenAI and AI-powered SaaS apps, and the findings confirm that sensitive data is being exposed through GenAI tools, something many security leaders fear but find difficult to measure.
Why 90% of cyber leaders are feeling the heat
90% of cyber leaders find managing cyber risks harder today than five years ago, mainly due to the explosion of AI and expanding attack surfaces, according to BitSight. These threats are also fueling high rates of burnout, with 47% of cybersecurity and cyber risk professionals reporting exhaustion.
CISOs say they’re prepared, their data says otherwise
A new Axonius report, based on a survey of 500 U.S.-based IT and security leaders, shows a disconnect between perceived readiness and actual performance in vulnerability and exposure management. While 90% of respondents said their organization is prepared to act when a threat is found, only 25% said they trust the data in their security tools.
Ransomware is up, zero-days are booming, and your IP camera might be next
Cyber attackers are finding new ways in through the overlooked and unconventional network corners. Forescout’s 2025H1 Threat Review reveals a surge in advanced tactics, with zero-day exploits up 46 percent and ransomware attacks averaging 20 per day.
Energy companies are blind to thousands of exposed services
Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from SixMap.
AI can write your code, but nearly half of it may be insecure
While GenAI excels at producing functional code, it introduces security vulnerabilities in 45 percent of cases, according to Veracode’s 2025 GenAI Code Security Report, which analyzed code produced by over 100 LLMs across 80 real-world coding tasks.
Cybercriminals are getting personal, and it’s working
Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or obfuscated deployments, according to VIPRE Security.
Fraud controls don’t guarantee consumer trust
Over a third of companies say they are using AI, including generative AI, to fight fraud, according to Experian. As fraud threats become more complex, companies are accelerating their investments with over half adopting new analytics and building AI models to enhance customer decision-making.
From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends
Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using social engineering and legitimate tools to quietly move through environments before they’re caught.
Back to basics webinar: The ecosystem of CIS Security best practices
Watch this on-demand webinar to understand how you can use an ecosystem of security best practices built by the Center for Internet Security (CIS) to support this mission.
Cybersecurity jobs available right now: August 5, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
New infosec products of the week: August 8, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Descope, Elastic, ExtraHop, LastPass, and Riverbed.
