Weekly threat intelligence digest: July 28 - August 3, 2025

Executive summary

This week tracked 1 curated intelligence items and 0 newly published CVEs. The risk profile remained elevated, with 0 critical and 0 high severity disclosures in public reporting. Priority themes were policy and active exploitation pressure around internet-exposed enterprise software.

Critical & high priority

No critical or high-severity intelligence items were published in this week. Continue normal patch and monitoring cadence, with emphasis on externally reachable systems.

Notable developments

1. Google Cloud Mandates Multi-Factor Authentication for All Accounts

• Google Cloud began enforcing mandatory multi-factor authentication for all user accounts, completing a phased rollout that started in late 2024 and affecting millions of cloud platform users worldwide.

Vulnerability landscape

This week saw 0 newly published CVEs in NVD-aligned tracking for the reporting window.

• Critical: 0
• High: 0
• Medium: 0
• Low: 0

Recommended actions

1. Prioritize internet-facing patching: Resolve critical and high-severity items first, with strict SLA enforcement for edge systems.
2. Harden identity and admin pathways: Require phishing-resistant MFA, reduce standing privileges, and audit privileged sessions.
3. Operationalize detections: Convert this week's CVEs and campaign behaviors into SIEM/SOAR detections and threat hunts.
4. Protect recovery paths: Isolate and test backups, then validate restoration workflows against ransomware and destructive attack scenarios.

Looking ahead

For August 4 - 10, 2025, expect continued exploitation attempts against newly disclosed enterprise software flaws, plus copycat scanning after proof-of-concept publication. Teams should maintain elevated monitoring for externally exposed assets and review compensating controls where patch windows are delayed.