Cybersecurity Weekly Recap: July 14–20, 2025

Cl0p Ransomware Hits PokerStars in Massive Data Breach

PokerStars, a giant in online gaming, suffered a major breach after the Cl0p ransomware group exploited a MOVEit zero-day vulnerability. Attackers accessed and leaked the sensitive information of 110,000 customers, including social security numbers, names, and addresses. PokerStars has since ended its use of the compromised file transfer solution and is reaching out to affected users.

Disney Reels from NullBulge Slack Data Leak

Disney is under fire this week as the hacking group NullBulge allegedly accessed and leaked 1.2 terabytes of internal Slack data. Investigations point to sophisticated cookie-hijacking tactics, reigniting discussion around insider communication risks and the need to secure session management practices.

Credential Compilation Leak Exposes 16 Billion Accounts

Security researchers have discovered a massive trove of over 16 billion user credentials now circulating online. These credentials come from years of prior data breaches—a timely reminder of why unique passwords and multi-factor authentication are non-negotiable for personal security.

Surge in Zero-Day Vulnerabilities

This past week brought urgent disclosures of severe vulnerabilities:

• Grafana Zero-Day Flaws: New vulnerabilities in Grafana dashboards may allow attackers to redirect users or execute code. Immediate patching is advised.

• FortiWeb Exploited: Public proof-of-concept code has led to active attacks on unpatched FortiWeb appliances. IT teams are rushing to update software and inspect system logs.

• Microsoft SharePoint (CVE-2025-53770): Live exploits threaten SharePoint deployments as the official patch remains delayed. Security teams are urged to bolster detection and begin threat hunting.

International Crackdown on Ransomware Operations

Authorities announced the arrest of more than a thousand individuals connected to ransomware and DDoS attacks, spanning five jurisdictions. The sweeping operation is expected to disrupt several high-profile ransomware and cybercrime syndicates.

Ongoing Trends and Insights

• AI-Driven Attacks on the Rise: Cybercriminals are leveraging artificial intelligence to create deepfakes and ultra-convincing phishing lures, easily bypassing conventional defenses.

• Zero Trust Security Gains Ground: More organizations are adopting zero trust security frameworks, featuring continuous authentication and restricted access.

• Persistent Cloud and Container Threats: Vulnerabilities due to misconfigured cloud services and weakly secured containers remain a frequent path for attackers, stressing the need for embedded security in DevOps practices.

Notable Incidents Table

Behind every alert, there’s a very real human impact—IT teams scrambling to patch, employees restoring systems, and customers left anxious about their data. One nonprofit director recounted, “We followed our response plan, relied on up-to-date backups, and refused to pay. Preparation made the difference.” Their experience is a testament to how readiness and training are vital protection against devastating attacks.

Tips for Readers

• Update Regularly: Many major breaches this week were preventable with timely patching.

• Strengthen Passwords: Use a password manager to ensure unique, complex credentials. Add multi-factor authentication wherever possible.

• Practice Your Response: Incident response plans are only as good as your training—regularly rehearse them to ensure you’re ready should disaster strike.

This week’s stories showcase the pace of change—new technologies, new risks, but also new collaborations and defenses. Stay vigilant, keep informed, and make cybersecurity part of your everyday routine.

Stay tuned for next week’s recap. Until then, stay secure and make cybersecurity a daily conversation.