Hello
Welcome to this week’s Threat Intelligence Roundup.
Each week, we cover the latest on emerging threats, trends, and top security practices, all tailored just for you. Threat Intel Thursdays are designed to give you a wider perspective and arm you with the knowledge you need to make smart security decisions.
July Month Giveaway for 5 businesses!
To celebrate freedom (and to protect it from hackers), we’re giving away Cybersecurity Awareness Training to 5 companies — on us.
It’s our way of helping businesses stay safe and smart online. companies — on us.
👉 Fill out the form to Get Started
Or forward this to a business friend who could use a little cyber love.
Let’s help your team click smarter, not harder.
Let’s help your team click smarter, not harder.
Or forward this to a business friend who could use a little cyber love.
Let’s help your team click smarter, not harder.
Let’s help your team click smarter, not harder.
Threat Intelligence Email Blast This Week:
Fortinet FortiWeb Web Application Firewall Exploited (CVE-2025-25257)
Fortinet’s FortiWeb web application firewall, identified as CVE-2025-25257, is being actively exploited by attackers. The flaw affects multiple FortiWeb versions (7.6.0–7.6.3, 7.4.0–7.4.7, 7.2.0–7.2.10, and 7.0.0–7.0.10) and allows unauthenticated remote attackers to execute arbitrary code via a SQL injection in the HTTP Authorization header.
This Week’s Roundup:
Cisco 10/10 Vulnerability in ISE Products (CVE‑2025‑20337)
Cisco has disclosed a critical, maximum-severity flaw, tracked as CVE‑2025‑20337, in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE‑PIC), allowing unauthenticated, remote attackers to execute arbitrary code with root privileges by sending crafted API requests.
Windows Server 2025 Golden dMSA Attack
A critical flaw in Windows Server 2025’s delegated Managed Service Accounts (dMSAs), dubbed “Golden dMSA,” has been uncovered.
Chrome Zero-Day Exploited in the Wild (CVE‑2025‑6558)
Google has patched a high-severity sandbox escape zero-day vulnerability in Chrome, tracked as CVE‑2025‑6558, which was actively exploited in the wild by attackers.
SonicWall SMA Appliances Targeted in Malware Attacks
Researchers have identified a new malware campaign by the UNC6148 group targeting SonicWall Secure Mobile Access (SMA) 100‑series appliances, even those fully patched.
eSIM Vulnerabilities Putting IoT Devices at Risk
eSIMs—used in over two billion devices—contain a critical vulnerability in the embedded Universal Integrated Circuit Card (eUICC) software powering Kigen chips.
This week’s incidents reveal several concerning trends in the cybersecurity landscape:
If you need help with any of the above, hit reply or book a call with Rick at https://capital-cyber.com/rick
Securing your business together,
Megan Bennett
