China accuses U.S. intelligence agencies of exploiting Microsoft zero-day vulnerability in cyberattack against key Chinense military enterprises.
Posted inCybersecurity News

China accuses U.S. intelligence agencies of exploiting Microsoft zero-day vulnerability in cyberattack against key Chinense military enterprises.

Chinese authorities today publicly accused U.S. intelligence agencies of orchestrating cyberattacks against two of China’s key military enterprises. According to the Cyber Security Association of China, the attacks reportedly exploited a previously unknown "zero-day" vulnerability in Microsoft Exchange email server software.
Widespread PayPal and Venmo outage impacts millions across the U.S.
Posted inCybersecurity News

Widespread PayPal and Venmo outage impacts millions across the U.S.

On the morning of August 1, 2025, millions of users across the United States were affected by a significant service outage impacting both PayPal and Venmo. The disruption began around 8:45–9:00 a.m. Eastern Time and left users temporarily unable to send or receive funds through either platform—two of the most widely used digital payment services in the country.
Microsoft will disable external Excel workbook links to blocked file types by the end of the year.
Posted inCybersecurity News

Microsoft will disable external Excel workbook links to blocked file types by the end of the year.

Microsoft is strengthening security for Excel users with a significant upcoming change: between October 2025 and July 2026, the company will begin disabling external workbook links to blocked file types by default. This measure is part of Microsoft’s ongoing effort to harden Office applications against indirect and potentially malicious file access.
The common thread behind the Qantas, Allianz Life, and LVMH attacks – ShinyHunters.
Posted inCybersecurity News

The common thread behind the Qantas, Allianz Life, and LVMH attacks – ShinyHunters.

In 2025, a sophisticated wave of data breaches shook some of the world’s most recognized companies—Qantas, Allianz Life, and LVMH. Investigations reveal these incidents are connected by a common thread: the ShinyHunters cyber extortion group. These attacks have been notable not only for the caliber of targeted organizations but for their focus on Salesforce-connected customer relationship management (CRM) platforms. Importantly, the breaches did not stem from vulnerabilities in Salesforce’s own infrastructure; rather, they exploited weaknesses at the user and organizational level.