In July 2025, here’s a look at cybersecurity stories that made waves, sounded the alarm, or provided crucial insights.
31 Jul 2025
As we bid farewell to another month, ESET Chief Security Evangelist Tony Anscombe reflects on the cybersecurity stories that left a mark and imparted valuable lessons in July 2025. Let’s dive into some of the key highlights from the past month.
- Notable attacks on on-premises Microsoft SharePoint servers exploiting ToolShell zero-day vulnerabilities and the implications for businesses.
- The resurgence of Lumma Stealer, previously thwarted through a global operation involving ESET’s expertise.
- The unfortunate demise of KNP, a 158-year-old UK transport company, due to a ransomware attack that began with a compromised employee password.
- A security flaw in McHire, McDonald’s chatbot job application platform, exposing the chats of over 64 million job applicants in the US.
- The discovery of critical vulnerabilities in a widely used Bluetooth stack dubbed “PerfektBlue” that posed remote hacking risks for millions of cars.
- The UK government’s proposition to prohibit public sector entities and critical infrastructure organizations from paying ransoms post-ransomware attacks.
For more insights, don’t miss out on Tony’s roundup of security news from June 2025.
Stay connected with us on Facebook, X, LinkedIn, and Instagram.
