fp-5a
-
Read moreSilver Dragon, a threat group linked to APT41, is targeting government entities using Cobalt Strike, DLL sideloading, DNS tunneling, and Google Drive-based command-and-control techniques. -
Read moreMedusa and DragonForce use SimpleHelp flaws for attacks—learn about the tactics, impacts, and defenses against supply chain ransomware. -
Read moreZoom vulnerabilities allow unauthorized access—learn about the CVEs, risks, and urgent update needs to secure your video calls. -
Read moreCISA warns of CVE-2025-54253 in Adobe Experience Manager, allowing unauthenticated code execution—fix now for versions up to 6.5.23.0. Also, active CVE-2016-7836 in SKYSEA; learn how to secure your systems from these critical vulnerabilities. -
Read more"Trinity of Chaos" group (Muddled Libra, Bling Libra, LAPSUS$) steals 1B Salesforce records targeting retail/hospitality; launches DLS October 3, 2025, with FBI seizure October 9. EaaS model enables fraud—implement zero trust and ISAC intel to defend against data theft. -
Read moreHigh-severity CVE-2025-61884 (CVSS 7.5) in Oracle E-Business Suite's Configurator allows unauthenticated HTTP attacks to access sensitive data (versions 12.2.3-12.2.14). Follows Cl0p-linked CVE-2025-61882 exploits—apply updates, segment networks, and scan for vulnerabilities now. -
Read moreDeepMind's CodeMender uses Gemini models to spot, patch, and rewrite vulnerable code, upstreaming 72 fixes to OSS projects. Google launches AI VRP for threat reports up to $30K and updates SAIF v2 to combat AI risks like prompt injections—empowering developers against cyber threats. -
Read moreCVE-2025-61984 exploits OpenSSH's ProxyCommand by injecting newlines in usernames for RCE, bypassing CVE-2023-51385; targets Bash-like shells in malicious Git submodules during recursive clones. Affects unquoted %r configs (e.g., from Teleport)—upgrade to OpenSSH 10.1, quote '%r', or restrict Git SSH to mitigate. -
Read moreCISA flags CVE-2021-43226 in Windows CLFS Driver for active exploitation, enabling local attackers to gain SYSTEM privileges via buffer overflows. Impacts Win10/11 & Servers 2016-2022; federal deadline Oct 27—apply updates, monitor Event IDs 4656/4658, and scan for vulnerabilities now. -
Read moreCISA details threat actors exploiting CVE-2024-36401 in GeoServer for initial access to a U.S. federal network on July 11, 2024, using webshells, dirtycow escalation, and lateral movement—undetected until July 31. Key lessons: Immediate KEV patching, enhanced IR plans, and continuous EDR monitoring.
