SecurityWeek’s cybersecurity news roundup for July 4, 2025 provides a concise compilation of noteworthy stories.

A critical vulnerability (CVE-2025-20309) in Cisco's Unified CM and Unified CM SME communication management software could ...

North Korean hackers are using fake Zoom invites to install ‘NimDoor’ malware — a rare Nim-compiled backdoor targeting macOS ...

Australian airline Qantas says personal information stolen from systems hosting the service records of 6 million customers.

The key tool for surviving ransomware, or any attack scenario, is an incident response (IR) plan that is comprehensive, ...

Forty-one cybersecurity merger and acquisition (M&A) deals were announced in June 2025 and added to SecurityWeek tracker.

A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites ...

CISA says two more vulnerabilities in the messaging application TeleMessage TM SGNL have been exploited in the wild.

CISA has informed organizations about critical authentication bypass and remote code execution vulnerabilities in Microsens ...

The US government is again warning about potential Iranian cyberattacks as researchers find that hackers’ favorite ICS ...

Microsoft will preview new Windows endpoint security platform capabilities to help vendors create security solutions that run ...

Many Citrix NetScaler systems are exposed to attacks exploiting the vulnerabilities tracked as CVE-2025-5777 and ...