Cybersecurity Decrypted #44: Leak Site Foiled, Bug Bounty Discourse Storms Socials, And Data Breach Cost Revealed

Last updated on Jul 31, 2025
Written by Caitlin Harris
Technical Review by Laura Iannini

📰 Headlines

Major Ransomware Leak Site Seized 

As part of a coordinated international effort, U.S. Homeland Security Investigations have taken down the BlackSuit cybercriminal group’s extortion sites, including data leak blogs and ransomware negotiation sites. 🔗 

Bug Bounty Discourse Storms Social Media 

Ethical hacker “Renwa” shared on X that they were paid only $1,000 by Apple for finding a critical Safari browser vulnerability, prompting hundreds of others to suggest they sell their discoveries to the black hat community in the future to secure fairer payment. 🔗

Global Cost Of A Data Breach Drops—But US Total Rises 

According to IBM’s 2025 Cost of a Data Breach report, the global average cost of a data breach has decreased by 9% since 2024 to reach a total of $4.44M—but the average cost of a breach in the US has risen to a record $10.22M. 🔗

🎯 Threats And APTs

Russian Airline Cancels 100+ Flights Following Cyberattack 

Aeroflot, Russia’s biggest airline, was forced to cancel dozens of flights on Monday after a cyberattack caused the company’s IT systems to fail. Two pro-Ukrainian hacker groups have taken credit for the attack, with one claiming to have stolen Aeroflot’s entire database of flight history, audio recordings, internal calls, and surveillance data.  🔗 

Customer Data Stolen In Allianz Life Breach 

The US insurance company was breached after a threat actor gained access to a third-party CRM system, enabling them to steal personal customer and employee data. Impacted individuals will be notified from August 1st. 🔗

Second Leak Exposes More Dating App Data 

Tea, a dating app designed to allow women to safely discuss the men they date, confirmed last Friday that thousands of users’ photos and photo IDs were exposed in a breach. Only days later, users’ DMs have also been leaked. 🔗 

Wiz Uncovers Critical Vulnerability Following Acquisition 

Following Wiz’s acquisition of vibe coding platform Base44, Wiz researchers discovered a vulnerability in the platform that allows unauthorized access to private applications. Wiz has now rolled out a fix for the vulnerability. 🔗 

🚨 Industry News

Palo Alto Networks To Acquire CyberArk 

The approx. $25 billion acquisition will enable Palo Alto Networks to establish Identity Security as a new core platform. 🔗 

BlinkOps Raises $50 Million 

The successful Series B funding round will enable BlinkOps to expand their micro-agent security platform for enterprises and MSSPs. 🔗 

Google Introduces Vulnerability Disclosure Project 

“Project Zero” aims to close the “upstream patch gap”—the period when vendors have an available fix but others in the supply chain haven’t yet integrated it into their end product—by publicly announcing vulnerabilities within a week of reporting them privately to vendors. 🔗 

Microsoft Releases “Copilot Mode” For Edge Browser 

The experimental feature transforms the Edge interface into an AI-powered browser with combined search, chat, and web navigation functionality. 🔗

Number Of Accidental Phishing Clicks Per Month Revealed 

According to Google Search trend analysis by Expert Insights, over 2,400 searches related to accidental phishing link clicks occur each month, with users searching for phrases such as “what to do if i clicked on a phishing link” after they have clicked a link in an email by mistake. The US accounted for 48.1% of such searches, making it the region most prone to these mistakes. 🔗

🏛️ Government And Policy

Trump’s AI Action Plan Pushes For Deregulation 

The US has released an AI Action Plan that rescinds former President Joe Biden’s 2023 executive order on AI. The new Plan aims to support innovation and reduce regulation, stating that “the Federal government should not allow AI-related Federal funding to be directed toward states with burdensome AI regulations that waste these funds.” 🔗 

UK Age Verification Law Sparks Controversy 

In an attempt to shield minors from harmful content, a new UK law is mandating age verification checks across all sites and apps with adult content—but many UK citizens are calling for the act to be repealed over privacy concerns. 🔗

Minnesota National Guard Called Upon For Cyber Support 

Following a cyberattack that targeted critical systems and digital services within the City of St. Paul, Minnesota Governor Tim Walz has issued an executive order calling upon the Minnesota National Guard to help address this incident and reduce disruption to municipal services. 🔗 

💡 Resources

The Mid-Market Company’s Guide to Cybersecurity 

Stay ahead of evolving threats with Thrive’s Mid-Market Company’s Cybersecurity Guide. Tailored for growing businesses, this guide covers essential strategies to protect your IT infrastructure, avoid common security missteps, and meet compliance standards.

The Ultimate Guide to Bulletproof Password Security for Businesses 

Find out about password inefficiencies, vulnerabilities, and which Password Management Software provides the best solution for your business.

Top Identity & Access Management Solutions: Find The Best IAM Tool For Your Business 

We’ve reviewed the top Identity and Access Management (IAM) solutions, assessing features like Single Sign-On (SSO), Multi-Factor Authentication (MFA), and role-based access controls.  

🎙️ The Expert Insights Podcast

The Key To Restricting Network Security Vulnerabilities 

Suresh Katukam, CPO and Co-Founder at Nile, explains how behavioral analysis can help you understand exactly what’s going on within your network. Listen now. 

How To Safely Enhance Productivity With AI Copilots 

Gerasim Hovhannisyan, CEO and Co-Founder at EasyDMARC, shares his top tips to help you secure your domain against threats like phishing and brand impersonation, and boost deliverability. Listen now. 


Written By
Caitlin Harris, Deputy Head Of Content

Caitlin Harris is the Deputy Head of Content at Expert Insights. As an experienced content writer and editor, Caitlin helps cybersecurity leaders to cut through the noise in the cybersecurity space with expert analysis and insightful recommendations.

Prior to Expert Insights, Caitlin worked at QA Ltd, where she produced award-winning technical training materials, and she has also produced journalistic content over the course of her career.

Caitlin has 8 years of experience in the cybersecurity and technology space, helping technical teams, CISOs, and security professionals find clarity on complex, mission-critical topics like security awareness training, backup and recovery, and endpoint protection.

Caitlin also hosts the Expert Insights Podcast and co-writes the weekly newsletter, Decrypted.

Technical Review
Laura Iannini, Cybersecurity Analyst

Laura Iannini is a Cybersecurity Analyst at Expert Insights. With deep cybersecurity knowledge and strong research skills, she leads Expert Insights’ product testing team, conducting thorough tests of product features and in-depth industry analysis to ensure that Expert Insights’ product reviews are definitive and insightful.

Laura also carries out wider analysis of vendor landscapes and industry trends to inform Expert Insights’ enterprise cybersecurity buyers’ guides, covering topics such as security awareness training, cloud backup and recovery, email security, and network monitoring. Prior to working at Expert Insights, Laura worked as a Senior Information Security Engineer at Constant Edge, where she tested cybersecurity solutions, carried out product demos, and provided high-quality ongoing technical support.

Laura holds a Bachelor’s degree in Cybersecurity from the University of West Florida.