July 30, 2025 Tech News: Major Breaches, AI Security Trends, and Zero-Day Threats

Top Tech Headlines for July 30, 2025

From advanced cyberattacks and major data breaches to innovations in AI and secure firmware updates, today’s roundup is packed with crucial developments. Whether you're a dev, a sysadmin, or just serious about staying safe in a connected world, here’s what you need to know.

ShinyHunters Hit Qantas, Allianz Life, and LVMH via Salesforce Data Theft

Notorious hacking group ShinyHunters has claimed responsibility for data breaches targeting Qantas, Allianz Life, and luxury brand LVMH. The attackers allegedly exploited Salesforce APIs to siphon off sensitive customer data. This is a sharp reminder that corporate SaaS platforms remain a prime target for sophisticated intrusions.

Python Devs Under Fire: Phishing Campaign Mimics PyPI Site

Python developers are being targeted in a new phishing campaign that uses a nearly identical fake PyPI site to steal credentials. The Python Software Foundation issued a warning urging devs to double-check URLs and consider enabling 2FA. It's a striking example of how trust in open-source resources is being exploited.

Ingram Micro Breach: 3.5TB of Data Held Hostage by SafePay Ransomware

SafePay ransomware operators are threatening to leak 3.5 terabytes of sensitive data from IT giant Ingram Micro. The breach, reportedly stemming from a system compromise earlier this month, could have broad implications for the company’s partners and customers.

WordPress 'Alone' Theme Exploited in Remote Code Attacks

Sites using the 'Alone' WordPress theme are at risk due to a critical unauthenticated RCE vulnerability currently under active exploitation. Attackers can upload arbitrary files and take full control over affected sites. Immediate patching or theme removal is highly recommended.

Bank Attackers Plant 4G-Powered Raspberry Pi in Sophisticated ATM Heist Attempt

A hacking group known as UNC2891 (LightBasin) slipped a 4G-enabled Raspberry Pi into a bank's network to stage a failed ATM attack. It's a real-world example of blending physical and cyber tactics to bypass security. The breach was foiled but raises questions about on-site infrastructure defenses.

Apple Patches Zero-Day That Also Targeted Chrome

Apple has issued emergency security updates fixing CVE-2025-6558, a zero-day vulnerability that was exploited in both Safari and Chrome. Users on macOS and iOS should update immediately to stay protected. This double-exploit highlights the interconnected risk across browser platforms.

Lenovo UEFI Flaws Could Bypass Secure Boot

Lenovo has released UEFI firmware updates to fix critical BIOS flaws that could allow Secure Boot bypass on several PC models. The vulnerabilities affect devices using Insyde firmware and could enable persistent malware installations. Updating firmware is crucial for proper system hardening.

AI Cuts Virtual CISO Workload by 68% According to Report

An insightful report from Cynomi shows a 3x rise in the adoption of AI-driven vCISO services among SMBs, reducing manual security tasks by up to 68%. MSPs and MSSPs are increasingly relying on AI to scale their offerings affordably. Efficiency without sacrificing protection is the trend to watch.

Mark Zuckerberg Envisions 'Personal Superintelligence'

Meta CEO Mark Zuckerberg shared a future vision of AI that empowers users with deeply personalized "superintelligence." While no firm release dates were shared, Meta plans to integrate the tech into its broader ecosystem. Ethics and responsible deployment will be under the microscope as things develop.

IoT Threats Grow in APAC as Aeris Launches Watchtower Platform

Aeris is rolling out its IoT Watchtower platform in the Asia-Pacific region to address rising cellular IoT security threats. As more connected devices go online, especially across smart infrastructure, the stakes continue to climb. Preventive visibility and segmentation are more critical than ever.

Lazarus Group Leverages Open Source for Attacks

North Korea-linked Lazarus Group is ramping up use of open-source platforms like npm and PyPI to hack global supply chains. New research from Sonatype flags these developments as a concerning evolution in modern threat tactics. Open-source vetting and dependency management just became non-optional.

Alibaba’s AI Coding Assistant Raises Western Security Concerns

Alibaba’s new AI-powered coding tool is gaining popularity, but Western cybersecurity experts are concerned it may generate insecure or backdoor-laden code. Transparency and auditability remain top concerns. Developers are advised to be cautious and review all AI-generated outputs.

Hackers Spread JSCEAL Malware via Facebook Ads and Fake Crypto Apps

Cleverly disguised as cryptocurrency trading apps, a malware campaign circulating through Facebook ads is delivering JSCEAL—malware aimed at stealing credentials and wallets. This campaign shows how social platforms can be hijacked to serve malicious code directly to unsuspecting users.

FunkSec Ransomware Decryptor Released to Public

Good news: a free decryptor for the now-dormant FunkSec ransomware has been released. The tool helps over 170 known victims recover their files, making it a win for collaborative cybersecurity. Always back up important data, but now there's a silver lining for those hard-hit.

Pillar Security Unveils End-to-End AI Security Platform

Pillar has launched a full-lifecycle AI security platform designed to cover everything from model design to runtime enforcement. This all-in-one tool aims to help businesses securely deploy AI across their stacks. It's a signal that AI security is maturing beyond reactive measures.

Critical Flaws Let Attackers Hijack Dahua Smart Cameras

Serious zero-day vulnerabilities affect multiple Dahua camera models, allowing threat actors to hijack devices via LAN or the internet. Exploits use ONVIF and file upload flaws. Users are urged to update firmware and consider network segmentation for IoT.

Chinese Firms Linked to Cyber Espionage Filed Patents for Hacking Tools

Security analysts have uncovered over 15 patents from Chinese companies tied to the group 'Silk Typhoon', linked to MSS-backed cyber operations. These filings indicate well-funded and long-term cyber espionage goals. The disclosure offers insights for global defense posture improvement.

Google Launches DBSC in Chrome, Improves Patch Transparency

Chrome now includes DBSC in open beta—aimed at improving device-based sign-ins—and Google’s Project Zero is making vulnerability disclosure more transparent. The features bolster account security and pressure vendors to patch faster. It's a solid gain for users and researchers alike.

SAP Flaw Exploited to Install Malware on Linux Systems

Threat actors are leveraging an SAP vulnerability (CVE-2025-31324) to push Auto-Color malware onto Linux systems. A U.S.-based chemicals firm has already been targeted, raising major alarms around ERP security. Patch quickly and verify system integrity if SAP is part of your stack.

Scattered Spider Arrests Slow Attacks—For Now

Authorities have arrested key members of Scattered Spider, the hacking group behind recent high-profile breaches. While attacks have temporarily subsided, experts warn that copycat groups are picking up the pace. Organizations should audit access controls and monitor insider threat vectors.