{"id":20195,"date":"2025-08-11T13:38:05","date_gmt":"2025-08-11T11:38:05","guid":{"rendered":"https:\/\/kordon.app\/?p=20195"},"modified":"2025-08-11T13:38:05","modified_gmt":"2025-08-11T11:38:05","slug":"11-cybersecurity-news-worth-your-attention-this-week-summarised-11-08-2025","status":"publish","type":"post","link":"https:\/\/kordon.app\/et\/11-cybersecurity-news-worth-your-attention-this-week-summarised-11-08-2025\/","title":{"rendered":"11 Cybersecurity News Worth Your Attention this Week Summarised \u201311\/08\/2025"},"content":{"rendered":"<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>This week&#8217;s news were dominated by cool and interesting research from BlackHat USA. I am also happy to see interesting AI developements on the detection and defecne side of things. Agents for the good in cybersecurity for a change! <\/p>\n\n\n\n<p><p style=\"font-size: 0.8em\">P.S. Scroll down to subscribe to this weekly summary as an e-mail. <\/p><\/p>\n\n\n\n<p><p style=\"font-size: 0.8em\"><em>P.P.S. Got some feedback that the last summary was tooooo long, so I&#8217;ll try to wrap it up with up to 15 news items per week from now on. If anyone has any other feedback, please let me now!<\/em><\/p><\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">1. Researchers Uncover RCE Attack Chains in HashiCorp Vault and CyberArk Conjur<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">Security researchers identified <strong>14 logic flaws in HashiCorp Vault and CyberArk Conjur that allow unauthenticated actors to bypass authentication, impersonate identities, and execute arbitrary code<\/strong>. These vulnerabilities strike at the heart of credential management systems\u2014often called \"the keys to the kingdom\" and could lead to full infrastructure compromise if left unpatched.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cyata discovered attack chains <strong>affect both open-source Vault and Conjur.<\/strong><\/li>\n\n\n\n<li>Vendors have released patches and security bulletins; detailed disclosures are now public.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Immediately <strong>upgrade Vault and Conjur <\/strong>to patched versions.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/www.csoonline.com\/article\/4035274\/researchers-uncover-rce-attack-chains-in-popular-enterprise-credential-vaults.html\">CSO Online<\/a>, <a href=\"https:\/\/cyata.ai\/vault-fault\">Cyata<\/a>, <a href=\"https:\/\/discuss.hashicorp.com\/t\/hcsec-2025-22-multiple-vulnerabilities-impacting-hashicorp-vault-and-vault-enterprise\/76096\">HashiCorp<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">2. Microsoft Unveils Project Ire for Autonomous Malware Reverse Engineering<\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Microsoft\u2019s Project Ire is an autonomous AI agent that reverse engineers and classifies software threats without prior signatures, achieving 0.98 precision and 0.83 recall on Windows drivers and automatically blocking an APT sample in testing.<\/strong> <br><br>It combines low-level binary analysis tools (angr, Ghidra) with large language models to <strong>generate a human-readable \"chain of evidence\"<\/strong>, aiming to reduce alert fatigue and speed triage. <\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Reconstructed control-flow graphs via angr and Ghidra to analyze binary behavior<\/li>\n\n\n\n<li>Flagged 90% of 4,000 \u201chard-target\u201d malicious files with a 4% false-positive rate<\/li>\n\n\n\n<li>First Microsoft reverse engineer\u2014human or AI\u2014to auto-block a confirmed APT sample<\/li>\n\n\n\n<li>Not available to the public but will be used inside the Microsoft Defender organisation<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/www.csoonline.com\/article\/4035728\/project-ire-microsofts-autonomous-ai-agent-that-can-reverse-engineer-malware.html\">CSO Online<\/a>, <a href=\"https:\/\/www.microsoft.com\/en-us\/research\/blog\/project-ire-autonomously-identifies-malware-at-scale\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Research Blog<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Active Exploitation of Zero-Day RCE in Trend Micro Apex One<\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Trend Micro<\/strong> warns that a critical command-injection flaw (CVE-2025-54948\/54987) in its Apex One Management Console is being <strong>actively exploited to achieve remote code execution. <\/strong><br><strong>While a full patch is due mid-August, <\/strong>Trend Micro has released<strong> a temporary mitigation tool<\/strong>\u2014at the cost of disabling remote agent installs\u2014and urges tighter console access controls immediately.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The vulnerability allows pre-auth <strong>attackers to run arbitrary code<\/strong> on unpatched Apex One servers.<\/li>\n\n\n\n<li>Trend Micro has observed <strong>at least one live exploitation attempt in customer environments.<\/strong><\/li>\n\n\n\n<li><strong>Temporary mitigation disables the Remote Install Agent feature until the August patch.<\/strong><\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Apply Trend Micro\u2019s mitigation tool to block exploitation attempts.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/trend-micro-warns-of-endpoint-protection-zero-day-exploited-in-attacks\/\">Bleeping Computer<\/a>, <a href=\"https:\/\/success.trendmicro.com\/en-US\/solution\/KA-0020652\">Trend Micro Advisory<\/a>, <a href=\"https:\/\/www.jpcert.or.jp\/english\/at\/2025\/at250016.html\">JPCERT\/CC Alert<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">4. MCPoison Attack Exploits Cursor IDE\u2019s MCP Validation for Persistent Code Execution<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">A critical flaw (CVE-2025-54136) in <strong>Cursor IDE\u2019s Model Context Protocol<\/strong> (MCP) trust model lets attackers swap benign, approved MCP configs for malicious commands without re-prompting users. <strong>This \"MCPoison\" technique enables silent, persistent remote code execution every time the IDE launches.<\/strong> <\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The vulnerability resides in .cursor\/rules\/mcp.json entries, binding trust to MCP names only.<\/li>\n\n\n\n<li><strong>Attackers commit a harmless MCP file, gain one-time user approval, then swap in payloads (e.g., reverse shells) later.<\/strong><\/li>\n\n\n\n<li>Check Point Research demonstrated an auto-executing reverse shell on every IDE launch.<\/li>\n\n\n\n<li>Cursor IDE 1.3 (released July 29, 2025) now prompts for approval on any MCP configuration change.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Upgrade all Cursor IDE instances to version 1.3 or later immediately.<\/li>\n\n\n\n<li>Audit repositories for existing .cursor\/rules\/mcp.json entries and review their approval history.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/cybersecuritynews.com\/mcpoison-attack\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Cybersecurity News<\/a>, <a href=\"https:\/\/research.checkpoint.com\/2025\/cursor-vulnerability-mcpoison\/\">Check Point Research<\/a>, <a href=\"https:\/\/github.com\/cursor\/cursor\/security\/advisories\/GHSA-24mc-g4xr-4395\">Github<\/a><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">5. New \u201cWin-DDoS\u201d Technique Turns Public Domain Controllers Into Unwitting DDoS Botnets via LDAP Referrals<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">SafeBreach researchers have discovered <strong>\u201cWin-DDoS\u201d<\/strong>, a method that abuses Windows RPC and LDAP referral processes to enlist thousands of publicly exposed domain controllers in <strong>volumetric DDoS attacks without credentials or malware. <\/strong><br><br><strong>Four related unauthenticated denial-of-service flaws<\/strong> have also been identified and patched in Windows LSASS, Netlogon, LDAP and Print Spooler components. <\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Win-DDoS leverages an unauthenticated RPC trigger to make DCs issue CLDAP requests, which are redirected via crafted LDAP referrals at the attacker\u2019s server.<\/li>\n\n\n\n<li>Referred servers l<strong>oop through long URL lists, repeatedly querying a target IP and port, generating sustained high-volume traffic.<\/strong><\/li>\n\n\n\n<li>Researchers also detailed \u201cTorpeDoS,\u201d a high-efficiency RPC-based DoS that mimics a DDoS from a single host, and three new zero-click DoS flaws.<\/li>\n\n\n\n<li><strong>Microsoft has released fixes <\/strong>for CVE-2025-26673, CVE-2025-32724, CVE-2025-49716 (all CVSS 7.5), and CVE-2025-49722 (CVSS 5.7) between May and July 2025.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Isolate or remove publicly reachable domain controllers immediately.<\/li>\n\n\n\n<li>Deploy Microsoft\u2019s May\u2013July 2025 security updates for LDAP, LSASS, Netlogon and Print Spooler.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/thehackernews.com\/2025\/08\/new-win-ddos-flaws-let-attackers-turn.html\">The Hacker News<\/a>, <a href=\"https:\/\/www.safebreach.com\/blog\/win-dos-epidemic-abusing-rpc-for-dos-and-ddos\/\">SafeBreach Blog<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">6. AWS ECS &#8220;ECScape&#8221; Flaw Enables Lateral IAM Role Hijacking<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">At <strong>Black Hat USA 2025,<\/strong> researcher <strong>Naor Haziz<\/strong> revealed <strong>ECScape<\/strong> \u2014 <strong>a new privilege escalation in EC2-backed Amazon ECS that lets a low-privilege container steal IAM credentials<\/strong> from co-located tasks via an undocumented WebSocket channel (ACS) and the EC2 Instance Metadata Service (IMDS).<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Attack steps: <\/strong>read instance role via IMDS \u2192 impersonate ECS agent over ACS WebSocket \u2192 intercept other task IAM creds.<\/li>\n\n\n\n<li><strong>Stolen credentials operate as the victim\u2019s role, so CloudTrail logs show legitimate task activity.<\/strong><\/li>\n\n\n\n<li><strong>Issue affects EC2-backed ECS only;<\/strong> AWS Fargate tasks run in isolated micro-VMs and are not vulnerable.<\/li>\n\n\n\n<li>Sweet Security published PoC on GitHub and demo video; CVE pending.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Restrict or disable IMDS access for untrusted ECS tasks.<\/li>\n\n\n\n<li>Consider migrating critical services to AWS Fargate for stronger isolation.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/www.csoonline.com\/article\/4036655\/ecscape-new-aws-ecs-flaw-lets-containers-hijack-iam-roles-without-breaking-out.html\">CSO Online<\/a>, <a href=\"https:\/\/www.sweet.security\/blog\/hijacking-privileges-in-the-cloud-breaking-role-boundaries-in-amazon-ecs\">Sweet Security Blog<\/a>, <a href=\"https:\/\/github.com\/naorhaziz\/ecscape\">GitHub<\/a><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">7. Zero-Click Prompt Injection Attacks Compromise Enterprise AI Agents<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">Researchers from Zenity demonstrated<strong> \"AgentFlayer,\" a series of zero- and one-click prompt injection exploits against AI agents<\/strong> \u2014 including ChatGPT, Microsoft Copilot Studio, and Cursor \u2014 <strong>to silently harvest credentials,exfiltrate internal documents, and leak conversation history without user interaction.<\/strong> <\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Impacted platforms include<\/strong> <strong>ChatGPT<\/strong> Connectors, <strong>Copilot<\/strong> Studio custom agents, <strong>Cursor<\/strong> with <strong>Jira<\/strong> <strong>MCP<\/strong>, <strong>Salesforce<\/strong> Einstein, Google <strong>Gemini<\/strong> and Microsoft <strong>Copilot<\/strong>.<\/li>\n\n\n\n<li>Attackers embed hidden prompts in documents or tickets that AI agents execute, <strong>then exfiltrate data via image-loading URLs or automated emails.<\/strong><\/li>\n\n\n\n<li>Zenity bypassed OpenAI\u2019s url_safe filter by leveraging Azure Blob storage and its logging to capture URL parameters carrying API keys.<\/li>\n\n\n\n<li>Proof-of-concept chains also extract active chat history, agent configurations and CRM records without any human click.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Audit AI agent connectors<\/strong> and remove unnecessary third-party integrations.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/www.csoonline.com\/article\/4036868\/black-hat-researchers-demonstrate-zero-click-prompt-injection-attacks-in-popular-ai-agents.html\">CSO Online<\/a>, <a href=\"https:\/\/labs.zenity.io\/p\/agentflayer-chatgpt-connectors-0click-attack-5b41\">Zenity Labs report<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">8. Bouygues Telecom Data Breach Exposes Personal and IBAN Details of 6.4 Million Customers<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">On August 4,<strong> Bouygues Telecom (France) confirmed attackers accessed contact, contract and IBAN data for 6.4 million customers, <\/strong>though no passwords or credit card numbers were stolen.  The exposure of IBANs increases fraud risk and regulatory scrutiny for the carrier.  <\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Breached data: names, addresses, phone numbers, contract details, IBANs<\/li>\n\n\n\n<li>No login credentials or payment card data compromised<\/li>\n\n\n\n<li>Both consumer and business customer records affected<\/li>\n\n\n\n<li>Company filed complaint in France; perpetrators face up to five years\u2019 jail<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/www.corporate.bouyguestelecom.fr\/archives-communique-presse\/bouygues-telecom-annonce-avoir-ete-victime-dune-cyberattaque\/\">Bouygues Telecom<\/a>, <a href=\"https:\/\/hackread.com\/bouygues-telecom-cyberattack-6-4m-customers-affected\/\">Hackread.com<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">9. EU&#8217;s Media Freedoms Act Takes Effect with Limited Spyware Safeguards<\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>The European Media Freedoms Act (EMFA)<\/strong> took effect on Friday, <strong>outlawing most forms of state surveillance on journalists\u2019 devices<\/strong>. It\u2019s a landmark move after years of scandals where spyware was used to track reporters, compromise sources, and erode editorial independence. <strong>The fact that EMFA is an EU-wide regulation means it applies instantly and uniformly across all member states.<\/strong> That closes the door on governments stalling or watering it down \u2014 and <strong>countries that ignore it risk court action, heavy fines, and even losing EU funds.<\/strong><\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>EMFA adopted March 2024; <strong>effective as of August 8th across EU.<\/strong><\/li>\n\n\n\n<li>June 2023 European Council amendments allow more spyware use under \u201cessential state functions.\u201d<\/li>\n\n\n\n<li>Press groups warn member states haven\u2019t updated domestic laws to comply.<\/li>\n\n\n\n<li>Recent incidents: Italy\u2019s Paragon spyware targeting journalists; past cases in Spain, Greece, Hungary.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/therecord.media\/eu-law-to-protect-journalists-from-spyware-takes-effect\">The Record<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Typosquatted PyPI Packages Drain Bittensor Wallets via Malicious Staking Code<\/h2>\n\n\n\n<pre class=\"wp-block-verse\"><strong>Attackers published five lookalike PyPI packages mimicking \"Bittensor\" to intercept staking operations.<\/strong> Injected code in the stake_extrinsic function <strong>forces full-wallet transfers to an attacker-controlled address<\/strong> without user prompts.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Five typosquatted packages to mimmic &#8220;bittensor&#8221; package:<\/strong> bitensor (missing t), bittenso-cli (missing r), qbittensor, bitensor (missing t, extra e), bittenso (missing r) released within 25 minutes on August 6, 2025.<\/li>\n\n\n\n<li><strong>Version numbers<\/strong> 9.9.4 and 9.9.5 <strong>chosen to mirror legitimate Bittensor package releases.<\/strong><\/li>\n\n\n\n<li>Malicious code inserted at line 275 of add.py sets <code>transfer_all=True<\/code> ja <code>prompt=False<\/code>, draining entire wallets.<\/li>\n\n\n\n<li>GitLab\u2019s automated package-monitoring system flagged the campaign and prompted investigation.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Deploy supply-chain scanners to detect typosquatted PyPI packages.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/cybersecuritynews.com\/typosquatted-pypi-packages-steal-from-bittensor-wallets\/\">CybersecurityNews.com<\/a>, <a href=\"https:\/\/about.gitlab.com\/blog\/gitlab-uncovers-bittensor-theft-campaign-via-pypi\/\">GitLab<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">11. New AD Lateral Movement Techniques Bypass MFA to Compromise Microsoft 365 Services<\/h2>\n\n\n\n<pre class=\"wp-block-verse\">At<strong> Black Hat USA 2025<\/strong>, researchers showed how <strong>attackers with full on-prem Active Directory control<\/strong> can use policy manipulation and Exchange hybrid certs to <strong>gain stealthy, MFA-free access to Microsoft 365<\/strong>. These methods <strong>let them impersonate any user<\/strong>, including Global Admins, <strong>without triggering logs<\/strong>, enabling full compromise of Exchange Online, SharePoint, and Entra ID in hybrid setups.<\/pre>\n\n\n\n<p><strong>Key Details<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OnPremAuthenticationFlowPolicy injection lets adversaries create RC4-encrypted Kerberos tickets that bypass MFA.<\/li>\n\n\n\n<li><strong>Exchange hybrid certificate theft<\/strong>: Exported certs can request unsigned S2S tokens with <em>trustedfordelegation<\/em>, valid for 24h, non-revokable, and invisible to logging.<\/li>\n\n\n\n<li><strong>Issued tokens <\/strong>leverage the <em>trustedfordelegation<\/em><strong> claim to impersonate any user for 24 hours and cannot be revoked.<\/strong><\/li>\n\n\n\n<li>Microsoft blocked some token abuse in Aug 2025; Exchange\/SharePoint impersonation fix expected Oct 2025.<\/li>\n<\/ul>\n\n\n\n<p><strong>Next Steps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Audit OnPremAuthenticationFlowPolicy <\/strong>for unauthorized key entries.<\/li>\n\n\n\n<li><strong>Review Exchange hybrid certificate usage <\/strong>and unexpected S2S token requests.<\/li>\n\n\n\n<li><strong>Enable hard matching in Entra ID Connect<\/strong> to prevent silent account takeovers.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more at<\/strong> <a href=\"https:\/\/cybersecuritynews.com\/active-directory-authentication-bypass\/\" target=\"_blank\" rel=\"noopener\" title=\"\">CybersecurityNews.com<\/a>, <a href=\"https:\/\/www.blackhat.com\/us-25\/briefings\/schedule\/#advanced-active-directory-to-entra-id-lateral-movement-techniques-46500\" target=\"_blank\" rel=\"noopener\" title=\"\">Black Hat USA 2025 Briefing<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Subscribe<\/h2>\n\n\n                <div class=\"ml-embedded\" data-form=\"pKq7EM\"><\/div>\n            \n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>Summary of Latest cybersecurity news first  week of August 2025.<\/p>","protected":false},"author":1,"featured_media":20271,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"class_list":["post-20195","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/20195","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/comments?post=20195"}],"version-history":[{"count":62,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/20195\/revisions"}],"predecessor-version":[{"id":20270,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/posts\/20195\/revisions\/20270"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/media\/20271"}],"wp:attachment":[{"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/media?parent=20195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/categories?post=20195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kordon.app\/et\/wp-json\/wp\/v2\/tags?post=20195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}