Vulnerabilities

In Case You Missed It: Severe Vulnerability in Exchange Server, SonicWall Flaw May Be Behind Ransomware Attacks and ShinyHunters Is Back

Teri Robinson

Aug 11, 2025

The crowds might have been smaller and the weather hot at last week’s BlackHat conference in Las Vegas, but the news cycle was hotter.

Exchange Server Flaw Allows Connected Cloud Access Without Leaving a Trace

A Microsoft advisory for a high-severity vulnerability warns that attackers could exploit it to gain elevated privileges to on-premises Exchange Server and “potentially escalate privileges within the organization’s connected cloud environment.” And they’ll be able to do so “without leaving easily detectable and auditable traces.” But there are limitations: a miscreant must already have administrative privileges to an Exchange Server. The advisory was revealed during a BlackHat presentation by Outsider Security’s Dirk-jan Mollema, who is credited with reporting CVE-2025-53786, which was given a CVSS score of 8.0.

“If you've previously configured Exchange hybrid or OAuth authentication between Exchange Server and your Exchange Online organization but no longer use it, make sure to reset the service principal's keyCredentials,” the advisory said. The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning of its own, urging “organizations to implement Microsoft’s Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability guidance…or risk leaving the organization vulnerable to a hybrid cloud and on-premises total domain compromise.”

Zero-day in SonicWall Firewalls May Be Behind Spate of Ransomware Attacks

After numerous security researchers became concerned that a bevy of ransomware attacks beginning in July were the result of a zero-day vulnerability in SonicWall Gen 7 firewalls impacting the SSL VPN protocol, SonicWall urged its customers in a blog post to disable encryption services on the firewalls.

The company doesn’t know whether ransomware players are exploiting a previously disclosed flaw or a zero-day vulnerability; SonicWall said an ongoing investigation has yet to determine which. Bret Fitzgerald, senior director of global communications at SonicWall, told CyberScoop, “If a new vulnerability is confirmed, we will release updated firmware and guidance as quickly as possible.”

ShinyHunters Hits Google Through Salesforce Ploy

Google’s Salesforce instance was the target of ShinyHunters, which used it to nick corporate data. It’s the latest in a string of attacks by what is being referred to as the UNC6040 affiliate of the cybercrime collective, aimed at big-name companies like Cisco, Louis Vuitton and Adidas and revolving around the Salesforce application. The scheme involves heavy social engineering of employees at those organizations, with the hackers posing as company IT professionals and manipulating them into installing a “Salesforce application,” which turns out to be a Trojan Horse.

While ShinyHunters, which wreaked havoc last year in major companies using a similar ploy involving Snowflake, has distinguished itself with low-tech but impactful attacks, DarkReading pointed out, the collective has undergone an evolution in its tactics, techniques, and procedures (TTPs). And the group shows no sign of letting up. “We believe threat actors using the ‘ShinyHunters’ brand may be preparing to escalate their extortion tactics by launching a data leak site (DLS). These new tactics are likely intended to increase pressure on victims, including those associated with the recent UNC6040 Salesforce-related data breaches,” Security Week quoted Google as saying.

Layoffs across the tech industry hit 100,000 personnel in the first half of 2025

AI is beginning to take its toll on the workforce, responsible in part for a spate of layoffs this year. Intel’s recent plan to cut another 25,000 jobs by the end of 2025 is among the latest in the spate of headlines this year in an industry that had already cut 100,000 jobs by the end of July 2025. Microsoft is following closely behind, cutting 10,000 jobs in 2025, while Meta has sliced 8,000 workers from its roster despite its increasing investment in new data center infrastructure.

Unsurprisingly, advancement in AI technologies is the main driver of this massive global restructuring of the workforce, though not exactly for reasons that many people assume. Far from being a cyclical downturn characterized by increasing automation that eliminates the need for human labor, the layoffs represent a strategic shift away from traditional software roles to an AI-centric talent model. Big tech companies, along with their smaller counterparts, aren’t just shrinking; they’re restructuring by refocusing talent acquisition on AI-specialized roles.

GPT-5 Security Falls Short, Red Teamers Find

It only took security researchers 24 hours to jailbreak GPT-5, half the time it took them to do the same with Grok-4, shining a harsh light on the security shortcomings of popular AI models.

“GPT-5’s raw model is nearly unusable for enterprise out of the box,” a Security Week report cites researchers from SPLX as saying. The same report points to assessments from researchers at NeuralTrust, who explained that “in controlled trials against gpt-5-chat,” they “successfully jailbroke the LLM, guiding it to produce illicit instructions without ever issuing a single overtly malicious prompt.” The researchers noted the “proof-of-concept exposes a critical flaw in safety systems that screen prompts in isolation, revealing how multi-turn attacks can slip past single-prompt filters and intent detectors by leveraging the full conversational context.”

Cybersecurity Budget Growth Slows As Attack Surfaces Expand

Cybersecurity budgets grew only about four percent this year compared to eight percent in 2024, new research shows.

IANS Research, in conjunction with executive search firm Artico Search, found that the portion of IT budgets spent on cybersecurity also dipped, from 11.9 percent last year to 10.9 percent in 2025. While the percentage drop seems small, it is a pivot from previous years, when the portion of IT budgets allocated to cybersecurity rose. CISOs are feeling the pinch of staff shortages, the study found. A vast majority (89 percent of the 587 CISOs surveyed) don’t have adequate staffing. These shortages and the budget growth slowdown come as attack surfaces continue to expand, a Security Boulevard report notes.

 
