Top Tech Headlines for July 16, 2025

From military hacking scandals to space-powered terabit internet and AI that's outsmarting coders, today’s news is packed with major cybersecurity developments and breakthroughs in tech. Here's what you need to know to stay informed—and secure.

Former U.S. Army Soldier Pleads Guilty to Hacking and Extortion

A 21-year-old ex-U.S. Army soldier admitted to targeting and extorting at least ten U.S. technology and telecom companies. The attacks involved unauthorized access and blackmail attempts. It’s a sobering reminder that insider threats remain a major cybersecurity concern.

Louis Vuitton Breaches in Three Countries Linked to Single Attack

Global fashion house Louis Vuitton confirmed that customer data breaches in the UK, South Korea, and Turkey all stemmed from one coordinated cyberattack. The culprit? Likely the notorious ShinyHunters extortion group. Keep an eye on supply chain security—fashion, luxury, and retail are firmly in the crosshairs.

Cloudflare Explains 1.1.1.1 Outage—Not a Cyberattack

Over the weekend, Cloudflare’s popular 1.1.1.1 DNS resolver went offline briefly, sparking widespread speculation. The cause wasn’t a DDoS or BGP attack, but an internal misconfiguration. Transparency in incident reporting like this helps combat misinformation and ease user concerns.

SonicWall SMA Hacked via 'OVERSTEP' Rootkit

Threat actor UNC6148 exploited previously-patched SonicWall SMA 100 series devices, planting a new malware rootkit dubbed OVERSTEP. The sophisticated attack bypasses defenses by altering the boot process—even on no-longer-supported devices. This one’s high-risk for any orgs still running legacy hardware.

Fortinet FortiWeb Hacked Through Recent RCE Flaw

Hackers leveraged a public exploit for CVE-2025-25257 to compromise Fortinet FortiWeb systems, installing web shells. If you haven’t patched yet—do it now. RCE vulnerabilities like this can give attackers full control.

Europol Disrupts Pro-Russian DDoS Group NoName057(16)

Good news: Europol’s Operation Eastwood took down much of the infrastructure belonging to NoName057(16), a prolific pro-Russian hacktivist gang. The group’s been behind DDoS attacks targeting Western orgs. It's a major win for global cyber defense forces.

Matanbuchus 3.0 Malware Spreads via Microsoft Teams

The Matanbuchus malware loader has evolved again—this time delivered via Microsoft Teams links in convincing social engineering campaigns. Once clicked, it opens doors for broader attacks. It’s a reminder: corporate chat apps are the new phishing frontier.

Google Patches Two Major Chrome Vulnerabilities, Including Zero-Day

Chrome users, update now. Google issued urgent patches for six vulnerabilities, including CVE-2025-6558—a sandbox escape flaw being actively exploited. Another exploit was nipped in the bud by Google AI's “Big Sleep” early-detection system before it made it into the wild.

Critical Windows Server 2025 Flaw Enables Cross-Domain Attacks

A newly exposed “Golden dMSA” vulnerability in Windows Server 2025 could let attackers move laterally across networks by gaining persistent domain access. Enterprises relying on Microsoft infrastructure should deploy mitigations promptly.

Fake CFOs and Deepfake Recruiters Are the New Security Threat

AI-driven impersonation—via deepfakes, synthetic voices, and cloned LinkedIn recruiters—is creating a new class of scams. Companies need to double down on employee training and identity-first security to protect sensitive information from these sophisticated social engineering attacks.

New Android Malware Variant “Konfety” Steals Data via Fake Apps

The latest Konfety strain uses "evil twin" apps and dynamic code loading to evade detection while stealing user data and committing ad fraud. Android users beware: always vet your downloads—even from seemingly legit sources.

Grok 4 AI Model Outshines Rivals in Math, Shines in Coding

Elon Musk’s Grok 4 AI model crushed benchmark tests in math and earned a strong second place in coding—just behind top-performing models like Gemini 2.5 Pro. The leap in reasoning ability and accuracy shows how fast AI tools are advancing in real-world problem-solving.

SK Telecom Releases Mobile-Optimized AI Model on Hugging Face

South Korea’s SK Telecom introduced AX 3.1 Lite, a compact language model with 7 billion parameters—small enough to run on smartphones. It's designed for edge use cases like voice assistants without needing the cloud, giving mobile AI a huge boost.

Uber to Add Thousands of Baidu’s Apollo Go Driverless Cars

In a bold move for rideshare tech, Uber is teaming up with Baidu to integrate thousands of Apollo Go autonomous cars into its platform. It’s one of the most significant expansions of self-driving fleets to date—thanks to cutting-edge Chinese innovation.

Next.js 15.4 Preps Devs for Version 16 with Turbopack Updates

Although it’s a modest release, Next.js 15.4 brings meaningful performance gains by enhancing Turbopack’s compile speed and efficiency. With version 16 on the horizon, web developers are getting the speed boost they need right now.

SpaceX Starlink Gen3 Teases Terabit Speeds

SpaceX is amping up Starlink with Gen3 satellites targeting terabit-per-second speeds and better latency. Designed to bring fiber-level internet to even the most remote users, this could be a game-changer for global connectivity.

AI Agents Acting Like Root-Level Staff? Time to Reevaluate

Generative AI models integrated into workflows may unknowingly act with elevated privileges, exposing critical systems to risk. Experts are warning firms to adopt identity-first security models to restore control over these powerful tools.

Want to stay ready for anything? From data recovery to bootable OS installs, our Ultimate USBs have your back. Check out our tools today.