Cyber disruptions to rise as Admin to spend $1B on offensive cyber, cut cyber defense. Should banks do more to fight "Pig Butchering"? Cyber crime risks from Agentic AI. Romance scam myths die hard.
Cybersecurity News of the Week & Patch Report, July 20, 2025
This week's essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.
Sections
Section 1: National and International News
SecureTheVillage: Events. Programs. Guides. Newsletters.
Section 2: Families and Individuals: Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.
Section 3: Smaller Businesses and Nonprofits: A Discipline of Cybersecurity.
Cybersecurity Nonprofit of the Week
Section 4: Patch and Update Report
Section 1: National and International News
Defense Department to spend $1 billion on ‘offensive’ hacking: What that means—and the major risk involved: The Department of Defense plans to spend $1 billion on “offensive cyber operations” over the next four years, TechCrunch reported. … The funding comes from a provision tucked into President Donald Trump’s massive 940-page One Big Beautiful Bill Act. … According to the report, the bill does not specify what the “offensive cyber operations” are or what software would qualify for funding. However, it does stipulate that the funding will go to enhancing and improving the U.S. Indo-Pacific Command (INDOPACOM) that’s based in Hawaii, which is responsible for defending and promoting U.S. interests in the Pacific and Asia, including China. … Democrat Sen. Ron Wyden of Oregon, who sits on the Senate Select Committee on Intelligence, said that the funding comes at the same time the current administration has cut other defensive cybersecurity programs—including gutting the staff and budget of the nation’s Cybersecurity and Infrastructure Security Agency (CISA)—which leaves the country vulnerable. … “The Trump administration has slashed funding for cybersecurity and government technology and left our country wide open to attack by foreign hackers,” Wyden told Fast Company in a statement. “Vastly expanding U.S. government hacking is going to invite retaliation—not just against federal agencies, but also rural hospitals, local governments, and private companies who don’t stand a chance against nation-state hackers.”
U.S. Rail Systems at Risk After Industry Ignored Decades-Old Cybersecurity Vulnerabilities: U.S. rail system controls are not safe. While industry slept, security researchers discovered decades ago that hackers can remotely access the radio communications equipment that controls a train’s braking systems. On July 10, the Cybersecurity and Infrastructure Security Agency (CISA) issued a public warning about the vulnerability. While the freight rail industry is planning to address these flaws, solutions will not begin rolling out until 2027.
A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers: Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel — leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found. … The arrangement, which was critical to Microsoft winning the federal government’s cloud computing business a decade ago, relies on U.S. citizens with security clearances to oversee the work and serve as a barrier against espionage and sabotage. … But these workers, known as “digital escorts,” often lack the technical expertise to police foreign engineers with far more advanced skills, ProPublica found. Some are former military personnel with little coding experience who are paid barely more than minimum wage for the work. … “We’re trusting that what they’re doing isn’t malicious, but we really can’t tell,” said one current escort who agreed to speak on condition of anonymity, fearing professional repercussions.
Pentagon yanks speakers from Aspen Security Forum, blasts its values: The Pentagon abruptly pulled several of its top officials from speaking this week at the Aspen Security Forum in Colorado, saying Monday the forum’s organizers do not share values with the Defense Department. … “Senior Department of Defense officials will no longer be participating at the Aspen Security Forum because their values do not align with the values of the DOD,” Pentagon spokesman Sean Parnell said in a statement to Defense News. … The Aspen Institute, which stages the forum every summer, said in a statement to Defense News that it sought to include top leaders from President Donald Trump’s administration in its discussions on national security, and that the canceled speakers are still welcome there. … The institute describes itself as a nonpartisan, nonprofit organization that aims to create “a free, just and equitable society.”
Millions Stolen, Death Threats: Should Banks Do More to Fight ‘Pig Butchering’?: Scams that trick people into transferring funds fall outside most current fraud protections. Some victims want banks to take responsibility. … For nearly 50 years, Anamarie Hurt trusted her husband, Craig, to manage their finances. And he did a good job of it, making investments that grew into a comfortable nest egg. … Then Craig walked into a bank in Tulsa, Okla., and began moving their retirement funds into cryptocurrency investments that turned out to be fake. A year later, after losing more than $5 million, the Hurts’ life savings were gone. … At first, Anamarie’s anger was directed at Craig. But it soon found another target: the bank that she said helped him send wires as high as $300,000 at a time to scammers.
Cambodia continues raids on scam centers, bringing arrests in past 3 weeks over: PHNOM PENH, Cambodia (AP) — Authorities in Cambodia continued their stepped-up campaign against online scam centers, arresting at least 500 suspects in two provinces on Thursday and Friday, the country’s information minister said. … The arrests in Kandal province on the outskirts of the capital Phnom Penh, and in the northeastern province of Stung Treng, brought to 2,137 the total number detained since June 27, Information Minister Neth Pheaktra said in a statement. … The United Nations and other agencies have estimated that cyberscams, most of them originating from Southeast Asia, earn international criminal gangs billions of dollars annually. The cybercriminals pretend friendship or tout phony investment opportunities to cheat their targets around the world.
ChatGPT Agent shows that there’s a whole new world of AI security threats on the way we need to worry about: Do you really want to give AI your credit card? … ChatGPT Agent is designed to do complex real-world tasks for you. Think about things like planning a wedding, booking your car in for a service, making an app to solve a problem, or planning and booking a holiday. … “One particular thing we’re worried about is a new attack called ‘prompt injections’. Agent might stumble upon a malicious website that asks it to enter your credit card information here because it will help you with your task, and Agent, which is trained to be helpful, might decide that’s a good idea.”
UK retail giant Co-op confirms hackers stole all 6.5 million customer records: The chief executive of U.K. retail conglomerate Co-op on Wednesday said that hackers had stolen the personal data of all of the company’s customers during an April cyberattack. … Co-op Group CEO Shirine Khoury-Haq told BBC News that the hackers copied the company’s member list of 6.5 million members, but that Co-op shut down its network before the hackers could lock up its systems with ransomware.
United Natural Foods loses up to $400M in sales after cyberattack: The food distributor and wholesaler said the cyberattack that prompted it to completely shut down its network last month resulted in lost sales of up to $400 million.
Healthcare SaaS firm says data breach impacts 5.4 million patients: Episource warns of a data breach after hackers stole health information of over 5 million people in the United States in a January cyberattack. … Episource is an American healthcare services company that provides risk adjustment, medical coding, data analytics, and technology solutions to health plans and providers. They help insurers optimize payments and compliance in government programs like Medicare Advantage.
DragonForce hackers claim responsibility for Belk data breach: The North Carolina-based retailer is the latest known victim in a spree of attacks in the U.K. and U.S. … DragonForce, a cyber criminal group connected to a series of attacks against retail firms in recent months, is claiming credit for an attack on the North Carolina-based department store chain Belk. … The group claimed on its leak site that it has approximately 156 gigabytes of data stolen from the company.
Meta removes 10 million Facebook profiles in effort to combat spam: Meta on Monday said it has removed about 10 million Facebook profiles for impersonating large content producers so far in 2025, in an effort to reduce spam. … This mandate comes at a time when AI is making it easier to mass-produce content throughout social media platforms. … Other platforms are also taking action to combat the increase of spammy, low-quality content on social media, also known as “AI slop.”
SecureTheVillage
Events
August 19: Cybersecurity Connect Discussion Group. Robert Braun, Partner, Jeffer Mangels Butler & Mitchell, Co-Chair of the JMBM Cybersecurity and Privacy Group. Continuing the May discussion: Recent developments in cybersecurity and privacy laws and regulations. August 19, 3:45 - 5:00 PDT.
Programs for smaller businesses, nonprofits, and the MSP / IT service providers who support them.
The Reasonable Cybersecurity Lab™
Guides for families and individuals
How Hackable Are You? Strengthen your cybersecurity and privacy defenses with our free updated 13-step guide.
Guide to Password Managers. What you need to know to get a password manager that's right for you.
After a Disaster: A Guide to Keep Your Phone Secure, Safeguard Your Information, and Avoid Being Scammed. This is a concise guide on how to protect yourself from scams in the aftermath of a local disaster, whether it's an earthquake, major fire, hurricane, or other crisis.
SecureTheVillage FREE Newsletters. Sign up or share with a friend!
Cybersecurity News of the Week & Weekend Patch Report. Our award winning newsletter, now on Substack. Essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned.
Family Protection Newsletter: Our monthly newsletter for non-cyber experts. For your parents, friends, and those who need to protect themselves in a digital world.
Section 2: Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.
An excellent piece from our friends at FightCybercrime.
The Truth About Romance Scam Myths, It’s Not What You Think: If you’ve ever heard someone say, “that would never happen to me,” when talking about romance scams, you’re not alone. Maybe you’ve even thought about it yourself once. It’s easy to believe we’re somehow safe if we just do the “right” things, if we’re smart enough, young enough, tech savvy enough, or skeptical enough. But here’s the thing, most of the beliefs people hold onto about romance scams are flat out wrong. … If you’re someone who has been affected by a romance scam, directly or indirectly, you probably already know how harmful those myths can be. They can make you feel ashamed, isolated, or judged when what you actually need is understanding, support, and truth. Let’s talk through seven of the most common myths and set the record straight.
T-Mobile continues to “take your privacy seriously.” Forgive me for not believing a word of it.
T-Mobile Adds Two New Privacy Toggles, And They’re On By Default: By now, you’re probably perfectly familiar with how companies absolutely love to hoard your personal data. They use it to profile you for targeted ads, sell it to other companies for marketing purposes, and sometimes end up unintentionally sharing it with bad actors via data breaches. … We previously covered how T-Mobile added a new “AI Profiling” toggle in their “Privacy Center” a little over a year ago. Now, along with the latest update to their Terms & Conditions at the end of June, there’s two new toggles to worry about, and one of them involves financial information. … T-Mobile’s “Privacy Center” contains all the on/off toggles necessary to opt-out of data collection. The toggles control how T-Mobile uses your personal information, and basically all of them are on by default (unless you’ve previously toggled them off). Now there are two new toggles to worry about, and here is what they do.
Section 3: Smaller Businesses and Nonprofits: A Discipline of Cybersecurity.
My Fast Company story of cyber-disruption and how to keep it from happening.
Apathy and indifference almost crippled a $100 million company: Here is the six‑step playbook that keeps it from happening to yours. … Sitting in his office updating next month’s sales plans and with dreams of a big bonus, Paul, the sales director of a small manufacturing company, heard the CFO yell from across the hallway.
Vulnerability management is a key cybersecurity discipline.
Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code: Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched by the networking equipment major late last month.
CISA Warns of Fortinet FortiWeb SQL Injection Vulnerability Exploited in Attacks: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation of the SQL injection flaw in cyberattacks worldwide. The vulnerability, tracked as CVE-2025-25257, affects Fortinet’s FortiWeb web application firewall and carries a severe CVSS score of 9.6 out of 10.
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers: A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. … The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of its July 2025 Patch Tuesday updates.
Cybersecurity Nonprofit of the Week … National Cybersecurity Alliance
Kudos this week to the National Cybersecurity Alliance, a non-profit organization on a mission to create a more secure, interconnected world. The Alliance is an advocate for the safe use of technology, educating everyone on how we can protect ourselves, our families, and our organizations from cybercrime. They create strong partnerships between governments and corporations to amplify their message and to foster a greater “digital” good, encouraging everyone to do their part to prevent digital wrongdoing of any kind. As they say, the real solution to cybercrime isn’t technology, it’s all of us doing our part. Like SecureTheVillage, the National Cybersecurity Alliance is a member of Nonprofit Cyber, a coalition of implementation-focused cybersecurity nonprofits.
Section 4: Weekend Patch Report
Keeping your computers, smartphones, notepads and other devices patched and updated is #4 on SecureTheVillage's How Hackable Are You Guide. The following lists current versions of common software programs. Items in Bold have been updated. Updates are usually available from within the program. If not, updates can be downloaded from the company's website. Even as patching is increasingly automated, it's important to double-check that it's being done.
7-Zip updated to 25.00.
Adobe Acrobat Reader 25.001.20566
AVG 25.6.3385.
Apple iOS 18.5
Apple iPadOS 18.5
Apple macOS Sequoia 15.5
Apple macOS Sonoma 14.7.6
Apple macOS Ventura 13.7.6
Apple watchOS 11.5
Apple tvOS 18.5
Apple visionOS 2.5
Apple Safari 18.5
Brave updated to 1.80.122.
CCleaner 6.37.11523.
Chrome updated to 138.0.7204.158.
Discord updated to 1.0.9200.
Dropbox 228.4.5567.
Edge updated to 138.0.3351.95.
Evernote updated to 10.146.1.
ExpressVPN 12.103.0.22
Firefox 140.0.4.
Foxit Reader 2025.1.0.27937.
Google Drive for Desktop updated to 111.0.2.0.
iTunes 12.13.7.1.
KeePass 2 2.59.
Malwarebytes updated to 5.3.4.202.
Microsoft 365 & Office Updated.
Microsoft Windows .
Notepad++ 8.8.3.
OneDrive updated to 25.122.0624.0004.
Opera Chromium updated to 120.0.5543.93.
Spotify updated to 1.2.68.528.
Teams 25163.3611.3774.6315.
TeamViewer 15 15.67.5.
Thunderbird 140.0.1.
Zoom updated to 6.5.6.9328.