Good Morning Security Gang!
Coming to you live from Israel, fully caffeinated and fully acclimated, it's Thursday, July 17th, 2025. Today’s episode is a masterclass in just how expensive cybercrime has become — not just in dollars, but in operational downtime, reputational hits, and yes, government embarrassment.
From United Natural Foods losing almost half a billion to Cambodia cracking down on over a thousand cybercriminals in one week, today’s episode pulls no punches.
So grab that espresso (double shot if you’ve got it), and let's get into it.
🔍 Today's Headlines
🥦 United Natural Foods: $400M Loss from Cyberattack
The Whole Foods distributor — and Amazon’s grocery lifeline — revealed that the June 2025 cyberattack is going to cost the company between $350M and $400M in lost net sales. That doesn’t even include potential insurance proceeds. The SEC filing confirms the breach hit their IT systems hard. With 30,000 retail partners and $30B in annual revenue, this breach cost about 1.3% of their annual sales — a gut punch to operations and a wake-up call for boardrooms everywhere.
“Recovery costs are just part of the equation. Losing customers in the downtime? That’s where the real pain lives.” - James Azar
🛒 Co-op UK: 6.5M Members’ Data Stolen
DragonForce ransomware hit the UK-based Co-op, exfiltrating personal data for all 6.5 million members. The breach not only exposed names and info but caused visible disruption, with empty shelves across stores. CEO Shirine Khoury-Haq publicly owned the incident — rare and commendable. But the price tag of this event is going to echo for a long time, especially across a cooperative that spans groceries, funerals, insurance, and more.
🇨🇳 China Targets Taiwan’s Chip Supply Chain
Three Chinese state-sponsored threat groups (UNKFistBump, DropPitch, and SparkyCarp — I know, the names get weirder every year) are actively targeting Taiwan’s semiconductor sector. From spear-phishing with fake resumes carrying LNK payloads to deploying malware like Voldemort and Cobalt Strike, they’re hitting every node — design, testing, and financial analysis. Why? Because chips are the new oil.
🧠 Cloudflare Outage: Not a Hack
When Cloudflare’s 1.1.1.1 DNS resolver went down, rumors flew. Was it a BGP hijack? China? Hackers? Nope. It was… wait for it… an internal config mistake. A misfire, not a missile. A helpful reminder: not everything is a cyberattack. Sometimes it’s just Bob fat-fingering the command line.
"Never underestimate incompetence. Never underestimate incompetence. Yeah, conspiracy's fun... but incompetence is significant, folks." - James Azar, on the Cloudflare outage and attribution assumptions
🏛️ Senate Intelligence Committee Moves to Set Cybersecurity Baselines
In a post-Salt Typhoon world, Congress is starting to get serious. The Senate Intel Committee approved a bill to create baseline security requirements for telecom providers. It also bumps funding across the 18 (yes, 18!) intelligence agencies for cyber-focused initiatives. Now imagine if we just applied these minimums to all critical infrastructure. Trillions in potential savings, folks, and, selfishly, more cybersecurity spending to get it done faster.
🔐 Cisco and Fortinet Slammed with New Critical Flaws
Cisco’s Identity Services Engine (ISE) and Fortinet’s FortiWeb were hit with fresh 10.0 CVEs. Fortinet’s web shells have already infected dozens of systems in the US and abroad. FortiWeb versions 7.x and Cisco ISE 3.3/3.4 are affected. Patch now — or prepare to be botnet real estate.
💽 Oracle Drops 309 Patches — 127 Are Remote Exploits
If you’re running anything Oracle — from MySQL to Fusion Middleware — check your inventory. The July 2025 Critical Patch Update (CPU) dropped with over 309 fixes, including 127 remotely exploitable vulnerabilities. Don’t put this off till next quarter.
👤 Meta Faces $8B Shareholder Lawsuit Over Privacy Failures
Facebook’s 2018 sins with Cambridge Analytica are still haunting them. Shareholders have filed an $8 billion class-action lawsuit against Mark Zuckerberg and the board, citing failure to disclose the true risk and continued violation of FTC consent orders.
Shareholders say Facebook officials repeatedly violated the 2012 FTC consent order. The fallout led to Facebook paying a $5.1 billion FTC penalty and a $725 million privacy settlement with users in Europe. Now shareholders want Zuckerberg and others to reimburse Meta for the FTC fight and other legal costs, estimated at around $8 billion. Seven years later and it continues…
🧬 SonicWall Targeted by UNC-6148 with New Malware
Google’s TAG flagged a threat actor using new malware to hit SonicWall Secure Mobile Access appliances. The malware enables data theft, ransomware, and extortion. While attribution is fuzzy, the campaign has been active since October 2024, and it smells very much like a profit-motivated group — or a clever state-op hiding behind one.
🇰🇭 Cambodia Arrests 1,000+ Cybercrime Suspects in a Week
Let’s end on a wild one. After mounting international pressure, Cambodia arrested over 1,000 suspects in a coordinated crackdown on cyber scam rings. Raids spanned five provinces, netting suspects from China, Vietnam, Taiwan, Indonesia, and more.
It shows you that if governments really want to, they can actually fight cybercrime. I guarantee you a bunch of different countries, probably the U.S. and Europe, said "Hey, how would you like us to end all aid and put you on a sanction list with North Korea unless this stops?" And the Cambodians were like "I think there's something we can do about it." Five raids in five provinces led to 1,000 suspects arrested - 200 from Vietnam, 27 Chinese, 75 from Taiwan, 85 Cambodian nationals. Police seized equipment, computers, and hundreds of mobile phones.
Who said law enforcement can’t fight cybercrime when properly motivated?
✅ Action List for Practitioners & Leaders:
📉 Use United Natural Foods & Co-op incidents to frame board-level cyber budget talks
🧰 Patch Cisco ISE, Fortinet FortiWeb, and Oracle apps immediately
🧠 Train teams to recognize phishing with fake resumes & LNK payloads
🔍 Audit DNS redundancy — don’t rely on one resolver
🧱 Review third-party & supply chain risk, especially in critical infra and semiconductors
📑 If you manage Meta user data — assume it’s a compliance grenade
🔐 Lock down SonicWall appliances — investigate any anomalous access
📞 Watch for telecom-focused threat actor pivoting in your sector
🧠 James Azar's CISO Take
This episode hits differently — because we’re no longer just theorizing about cyber risk; we’re seeing the receipts. United Natural Foods lost $400M in sales. The Co-op had to apologize to 6.5M members. Lawmakers are scrambling to legislate minimum security standards that should’ve existed years ago. CISOs have been trying to quantify cyber risk for years but never had concrete examples to reference, and I think we're finally getting real numbers that will force boardroom conversations.
These numbers are going to be conversation starters in every board meeting going forward, and as practitioners, we need to be prepared to answer "what would our impact be?" The evangelization of cybersecurity requires it to be embedded from the very bottom level of the business all the way to the very top, and now we have the financial justification to make that case.
But here’s what gets me fired up: we finally have real-world, dollar-driven case studies to back our cybersecurity asks. We’ve moved past fear-based budgeting. This is now business reality. If you're in the security leadership seat and not using these stories to build alignment with your exec team and board — you're missing the moment.
✅ Story Links:
https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html
https://www.securityweek.com/cisco-patches-another-critical-ise-vulnerability/
https://www.securityweek.com/oracle-patches-200-vulnerabilities-with-july-2025-cpu/
https://www.securityweek.com/sonicwall-sma-appliances-targeted-with-new-overstep-malware/
https://www.securityweek.com/cambodia-makes-1000-arrests-in-latest-crackdown-on-cybercrime/
https://therecord.media/senate-panel-passes-intel-act-salt-typhoon-china
=============================
🚀 About The CyberHub Podcast.
The Hub of the Infosec Community.
Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.
Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.