The One Security Layer You’re Probably Ignoring
Let's get started.
In Partnership With
Why DNS Security Is Your First Defense Against Cyber Attacks?
While firewalls and antivirus software remain vital, DNS security is often overlooked—even though it's foundational to nearly every online interaction. The Domain Name System (DNS) acts as the internet's address book, but it was not designed with modern cybersecurity threats in mind. Because DNS queries occur constantly and are rarely encrypted or authenticated, they present an attractive target for attackers.
Common threats include DNS spoofing, hijacking, tunneling, and DDoS attacks—each capable of redirecting users, stealing data, or taking services offline. Securing DNS allows organizations to detect and block threats at the earliest possible stage, acting as both a sensor and a shield.
Providers like ClouDNS offer integrated protections such as DDoS mitigation, DNSSEC, encrypted DNS (DoH/DoT), and email authentication tools (SPF, DKIM, DMARC) to safeguard against these risks. In a landscape where DNS touches every digital transaction, prioritizing its security is no longer optional—it's fundamental.
Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
Researchers have uncovered 20+ security risks in Salesforce Industry Cloud, including five CVEs tied to misconfigurations in components like FlexCards and Data Mappers. The most severe flaws could expose encrypted data, bypass field-level security, and allow unauthorized access to sensitive records.
Salesforce has released patches and updated documentation, but emphasizes that most issues result from customer-side configurations. Organizations subject to regulations like GDPR or HIPAA face heightened risk if these settings are not properly secured.
Separately, a SOQL injection vulnerability affecting all Salesforce deployments was disclosed and patched, with no signs of exploitation reported.
Together with Romasec
Unstoppable Bots & How We Fight Them
Join Yaniv Menasherov, Founder of Roma Security, as he reveals the battle against automated threats in the eCommerce industry.
In this insightful session, learn how his team tackled sophisticated bot attacks targeting one of Europe’s largest fashion retailers, ASOS.com.
Why are bots so difficult to stop in eCommerce?
The real-world challenges of defending high-traffic online platforms
Cutting-edge strategies used to mitigate automated threats
Whether you’re in cybersecurity, eCommerce, or tech, this session provides valuable insights into the evolving landscape of online fraud and protection.
New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains
A new phishing campaign, dubbed SERPENTINE#CLOUD, uses Cloudflare Tunnel subdomains to deliver remote access trojans (RATs) like AsyncRAT and Revenge RAT. Attackers send invoice-themed emails with ZIP files containing malicious Windows shortcut (LNK) files. Once executed, these trigger a multi-stage infection chain involving obfuscated scripts and Python-based loaders that run entirely in memory.
The use of Cloudflare's temporary subdomains makes detection difficult and eliminates the need for attackers to host traditional infrastructure. The campaign targets users across the US, UK, Europe, and Asia.
Separately, another campaign known as Shadow Vector targets Colombian users via malicious SVG files, leading to similar malware infections. Meanwhile, ClickFix tactics—tricking users into clicking CAPTCHAs or "fix" prompts—are fueling a rise in drive-by compromises, proving that social engineering remains a highly effective attack method.
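The lure in the campaign above is an invoice-themed ZIP carrying a Windows shortcut. As an added example (not code from the article or from the researchers who reported SERPENTINE#CLOUD), here is a small mail-gateway style check that flags LNK members inside a ZIP attachment both by extension and by the Shell Link header, so a shortcut renamed to look like a document is still caught; the archive and file names are constructed for the demo.

```python
import io
import zipfile

# Shell Link (.lnk) signature: HeaderSize 0x0000004C followed by the
# LinkCLSID 00021401-0000-0000-C000-000000000046 in its on-disk byte order.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")


def is_lnk(data: bytes) -> bool:
    """True if the bytes begin with the Shell Link header, whatever the name says."""
    return data[: len(LNK_MAGIC)] == LNK_MAGIC


def scan_zip_for_lnk(zip_bytes: bytes) -> list[str]:
    """Return the names of ZIP members that are shortcuts by extension or by magic."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Only the first 20 bytes are needed for the signature check,
            # so a large archive is not fully decompressed.
            with zf.open(info) as member:
                head = member.read(len(LNK_MAGIC))
            if info.filename.lower().endswith(".lnk") or is_lnk(head):
                hits.append(info.filename)
    return hits


def build_sample_zip() -> bytes:
    """Constructed attachment: a harmless text file, a .lnk, and a .lnk disguised as a PDF."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.txt", b"Invoice 0001: 12.00 EUR")
        zf.writestr("Invoice.lnk", LNK_MAGIC + b"\x00" * 60)
        # Wrong extension but a genuine Shell Link header: caught by is_lnk().
        zf.writestr("Invoice.pdf", LNK_MAGIC + b"\x00" * 60)
    return buf.getvalue()


if __name__ == "__main__":
    print(scan_zip_for_lnk(build_sample_zip()))
```

A gateway rule that quarantines any archive where this returns a non-empty list is a cheap first filter for this class of lure; it does not replace inspection of the later, in-memory stages.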
CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog
CISA has added two critical flaws to its Known Exploited Vulnerabilities catalog:
CVE-2025-32433 (CVSS 10.0): A critical Erlang/OTP SSH flaw allowing unauthenticated remote code execution.
CVE-2024-42009 (CVSS 9.3): An XSS flaw in Roundcube Webmail enabling attackers to steal emails via crafted messages.
Both are under active exploitation, though specific threat actors remain unconfirmed. Federal agencies must patch by June 30, 2025.
Separately, researchers disclosed an unpatched account takeover flaw (CVE-2025-31022) in the PayU CommercePro WordPress plugin. It affects versions ≤3.8.5 and may allow full site takeover. Users are urged to uninstall the plugin until a fix is released.
Censys reports over 2.4 million Roundcube instances online, highlighting the widespread exposure of vulnerable systems.
Microsoft Patches 67 Vulnerabilities Including WebDAV Zero-Day Exploited in the Wild
Microsoft’s June 2025 Patch Tuesday includes 67 fixes, with 11 critical vulnerabilities and a WebDAV zero-day (CVE-2025-33053, CVSS 8.8) under active exploitation. The flaw allows unauthenticated remote code execution via a crafted URL and is being used by Stealth Falcon, a threat group linked to past espionage attacks.
The group used phishing emails and shortcut files to deliver a new C++ malware, Horus Agent, leveraging legitimate tools like iediagcmd.exe to evade detection. CISA has added the flaw to its KEV catalog; federal agencies must patch by July 1, 2025.
Other notable vulnerabilities include:
CVE-2025-47966 (CVSS 9.8): Privilege escalation in Power Automate.
CVE-2025-33073: Privilege escalation via SMB, exploitable through a reflective Kerberos relay attack.
CVE-2025-33071: Remote code execution in the KDC Proxy Service.
CVE-2025-3052: Secure Boot bypass via signed UEFI apps, allowing pre-OS malware execution.
Organizations are urged to apply all updates promptly, especially those affecting authentication, remote access, and system integrity.
Wyze adds major security update to its security cameras after numerous security lapses
Wyze has released a major security update called VerifiedView, aimed at restoring user trust after multiple security lapses, including a 2023 AWS outage that exposed private camera feeds to other users. The new feature embeds a unique user ID into each camera during setup, stamping all captured media. Access is granted only if the viewing device's ID matches the embedded one.
The update is being rolled out to recent Wyze camera models via firmware updates, but older models like Wyze Cam Pan V1/V2 may not receive it due to hardware limitations. Wyze has not yet confirmed which models are included in the update rollout.
Before You Go, Here’s How We Can Collaborate
For Companies - Reach Cloud Security Leaders: Sponsor this newsletter to connect with a targeted audience focused on cloud security. Get Sponsorship Details
For Freelancers & Companies - Custom Partnerships: Explore marketing services, content creation, webinars, and more with SmartClouds. Discuss Collaboration
Contribute & Get Known With Cloud SecWeekly
I want practitioner’s content to be known for everyone, without having to care about social media or anything like that.
If this resonates with you, contact us