Summary: I analyzed the Vulnerability Summary for the Week of July 21, 2025 published by CISA. This bulletin lists 176 new vulnerabilities discovered that week. In this article, I present all these vulnerabilities in a factual and structured manner, organized by affected product or vendor. For each product, you’ll find the CVE identifier, CVSS severity…
I remember a typical morning in our CERT team: a hundred alerts were already piling up in the SIEM console, my phone was flashing with urgent messages, and a critical incident report still needed to be finalized. Staying focused in this chaos was a constant challenge. It was in this high-pressure context that I decided…
I adapted this article from my LinkedIn newsfeed to highlight not only a new cyber threat but also a brilliant cybersecurity researcher: Ms. Tammy HARPER. She published a detailed article on July 10, 2025, exposing a new exploitation framework named MIKRONET that has been put up for sale on Russian-speaking forums. Sold for $2,800 per…
I am revisiting the advisory published on July 22, 2025, in which several U.S. and North American government agencies issued a joint cybersecurity advisory regarding the Interlock ransomware, specifically targeting businesses and critical infrastructure across North America and Europe. This advisory stems from recent investigations conducted by the Federal Bureau of Investigation (FBI), the Cybersecurity…
A Flagship Forum of Russophone Cybercrime Here is a factual and neutral synthesis based on OSINT sources. The XSS forum (accessible via the domain xss.is) has emerged as one of the world’s leading cybercrime hubs, particularly within the Russian-speaking community. Originally launched in 2004 under the name DaMaGeLaB, this hacker forum has been active for…
I have reviewed the CISA bulletin of newly reported vulnerabilities for the week of July 14, 2025. It is a compilation of recently discovered flaws, mostly classified as critical (CVSS score 7.0–10.0). As a CERT manager, I am providing here a detailed analysis of these vulnerabilities. I have grouped them by vendor, highlighting each flaw…
