In today’s cybersecurity news…
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
Europol shut down six DDoS-for-hire services—cfxapi, cfxsecurity, neostress, jetstress, quickdown, and zapcut—linked to global attacks on schools, businesses, and government sites. Polish authorities arrested four suspects, and the U.S. seized nine related domains. These platforms let users launch attacks for as little as €10 via sleek interfaces. QuickDown, one of the services, combined botnets and dedicated servers to scale operations.
CrowdStrike says it will lay off 500 workers
CrowdStrike is laying off 500 employees—about 5% of its workforce—as part of a shift to hit a $10B annual recurring revenue target. CEO George Kurtz told staff the move will help CrowdStrike move faster and maintain its cybersecurity leadership. The company previously faced backlash after a faulty software update disrupted 8.5M Windows devices globally.
Passkeys Set to Protect GOV.UK Accounts Against Cyber-Attacks
The UK will replace SMS-based two-factor authentication with passkeys across GOV.UK services by the end of this year, to boost security and reduce friction for users. The National Cyber Security Centre is rolling out passkey support for its platform, and the NHS already uses them. The move was announced at CYBERUK 2025, and follows the UK joining the FIDO Alliance to support passwordless authentication standards.
Masimo says cyberattack has impacted its ability to fulfill orders
Masimo, maker of patient monitoring devices, is investigating an April cyberattack that disrupted its manufacturing systems and ability to fulfill orders. The company says its on-premises systems were affected, but there’s no evidence the attack reached its cloud infrastructure. Masimo says it’s working with law enforcement and third-party experts and does not expect the incident to impact its 2025 earnings guidance.
Thanks to today’s episode sponsor, ThreatLocker
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
Security researcher at Wordfence released details about two vulnerabilities in the OttoKit (formerly SureTriggers) WordPress plugin, which has over 100,000 installs. The main flaw allows unauthenticated attackers to escalate privileges due to missing checks in the code. An analysis by Patchstack found evidence that attempts to exploit the vulnerabilities began within 91 minutes after disclosure (SEE UPDATE BELOW). Wordfence advises users to update to version 1.0.83 immediately to mitigate risks.
UPDATE, JULY 14, 2025: OttoKit released a statement saying there is no evidence of real-world exploitation related to CVE-2025-27007 or CVE-2025-3102, the vulnerabilities mentioned in our coverage above. The issue was responsibly reported, patched within hours, and users were force-updated to version 1.0.83. You can read their full official statement here.
CISA warns of hackers targeting critical oil infrastructure
CISA, along with the FBI, EPA, and DOE, has warned that unsophisticated attackers are targeting industrial control systems in the U.S. oil and natural gas sectors. Agencies have urged infrastructure operators to disconnect public-facing OT systems, use strong credentials, implement VPNs with phishing-resistant MFA, and separate IT/OT networks, also stressing the need for testing manual fail-safes and coordinating with third-party providers for system-specific protections.
Telemessage stores plaintext chat logs per security researchers, Senator demands DOJ investigate, Telemessage suspends services
TeleMessage, a federal contractor that sold a modified version of Signal called TM SGNL to senior US officials, can reportedly access plaintext chat logs—despite marketing claims suggesting end-to-end encryption. Security researcher Micha Lee analyzed the app’s Android source code and found it insecure, confirming TeleMessage’s access. The company was recently hacked twice, leaking sensitive data and prompting it to suspend operations. Senator Ron Wyden has now called for a DOJ investigation, citing the app as a potential national security threat due to its insecure design and foreign ties.
Poland accuses Russia of ‘unprecedented’ interference ahead of presidential election
Poland’s digital affairs minister accused Russia of launching an “unprecedented” campaign to disrupt the country’s upcoming presidential election through disinformation and cyberattacks on critical infrastructure. Minister Krzysztof Gawkowski said attacks have more than doubled this year and warned that Polish citizens who aid Russian efforts will face criminal charges. The warning follows similar concerns in Romania, where pro-Kremlin hackers targeted government sites during a recent election. Russia has denied all allegations of election interference in both countries. Poland’s election is set for May, with a possible runoff June 1.