Confucius Shifts from Document Stealers to Python Backdoors
A long-running cyber-espionage group known as Confucius has introduced new techniques in its campaigns against Microsoft Windows users. First…
Rethinking NHI Security: The Essential Shift to Zero Trust Security and Ephemeral Identities
As identity security becomes increasingly critical in cybersecurity, the focus has shifted from safeguarding human identities to…
Free VPN Apps Found Riddled With Security Flaws
A large-scale study of free virtual private network (VPN) apps has uncovered serious privacy and security risks that affect both consumers and…
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware
Google Mandiant and Google Threat Intelligence Group (GTIG) have disclosed that they are tracking a new cluster of activity possibly linked to…
Forrester: Agentic AI-Powered Breach Will Happen in 2026
An agentic AI deployment will cause a publicly disclosed data breach next year, leading to employee dismissals, Forrester has predicted.…
Small Businesses and Ransomware: Navigating the AI Era Threat
Ransomware has evolved from a niche hacker tactic into a mainstream threat, and small businesses are increasingly in the crosshairs. While…
Phishing Dominates EU-Wide Intrusions, says ENISA
Phishing and vulnerability exploitation accounted for the vast majority of initial access in cyber-attacks against EU organizations over the…
Samsung and OpenAI Announce Strategic Alliance to Build Next-Generation Global AI Infrastructure
Samsung data breach Samsung has announced a strategic partnership with OpenAI to jointly advance the development of global AI infrastructure.…
Qualcomm Wins “Complete Victory” Over Arm in Major Chip Licensing Lawsuit
The long-standing licensing dispute between Qualcomm and Arm has finally reached its conclusion. On October 1, a U.S. District Court formally…
Splunk Fixes Six Flaws, Including Unauthenticated SSRF and XSS Vulnerabilities in Enterprise Platform
Splunk has released a series of advisories addressing six in Splunk Enterprise and Splunk Cloud Platform, ranging from medium to high…
'Delightful' root-access bug in Red Hat OpenShift AI allows full cluster takeover
A 9.9 out of 10 severity bug in Red Hat's OpenShift AI service could allow a remote attacker with minimal authentication to steal data,…
Cyber Brief 25-10 – September 2025
Cyber Brief (September 2025)October 1, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 285 open source reports for this Cyber Security…
Navigating Complexity: CISO Strategies for Security Tool Consolidation and Budget Optimization
In the dynamic landscape of modern cybersecurity, Chief Information Security Officers (CISOs) often face a paradoxical challenge: the…
Navigating Holiday Threats: Strengthening PC Resilience with Desktops as a Service (DaaS)
The holiday season, often seen as a time for joy and celebration, has transformed into a crucial period for organizational cybersecurity. With…
Smishing Campaigns Exploit Cellular Routers to Target Belgium
A newly identified wave of smishing attacks has been traced to exploited Milesight Industrial Cellular Routers. According to research by…
CISA Adds Five Actively Exploited Vulnerabilities to KEV Catalog
The threat landscape continues to evolve rapidly and staying ahead of actively exploited vulnerabilities is key to effective cybersecurity…
New Android RAT Klopatra Targets Financial Data
A previously unknown Android Remote Access Trojan (RAT) has been identified by security researchers, marking a significant advancement in the…
CISA Warns of Linux Sudo Vulnerability Actively Exploited in Attacks
CISA has issued an urgent advisory regarding a critical vulnerability in the Linux and Unix sudo utility CVE-2025-32463 that is currently…
Threat Actors Allegedly Listed Veeam RCE Exploit for Sale on Dark Web
Veeam Backup & Replication, a cornerstone of many enterprises’ data protection strategy, has reportedly become the focus of a new…
CISA warns of critical Linux Sudo flaw exploited in attacks
Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with…
US Cuts Federal Funding for MS-ISAC Cybersecurity Program
The US federal government is cutting support for a major federal cyber threat information-sharing program. In a public statement published on…
Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability
Security researchers are observing a significant increase in internet-wide scans targeting the critical PAN-OS GlobalProtect vulnerability…
Learning from the Inevitable
The talent shortage in cybersecurity continues to persist. Just last year, research showed a cybersecurity market gap of 85 workers…
CIISec Members Say Budgets Are Falling Behind Threats
Cybersecurity budgets in the UK are stagnating, even as job prospects and industry growth improves, a new poll of industry professionals has…
Akira ransomware: From SonicWall VPN login to encryption in under four hours
Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their…
Inside the Mind of a Threat Actor: What CISOs Must Learn Before the Next Breach
Cybersecurity isn’t a game of defense—it’s a game of anticipation. Yet too many CISOs and security leaders still think in…
Data Is a Dish Best Served Fresh: “In the Wild” Versus Active Exploitation
The term “In the Wild” is broadly used to refer to any activity that has been observed outside of a controlled environment.…
SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account
A critical flaw in SUSE Rancher’s user management module allows privileged users to disrupt administrative access by modifying usernames…
Two-Thirds of Organizations Have Unfilled Cybersecurity Positions
Organizations continue to experience significant cybersecurity skills shortages, with 65% of firms reporting unfilled cyber positions, a new…
SonicWall SSL VPN Attacks Escalate, Bypassing MFA
Security experts have warned of a surge in malicious activity from Akira ransomware actors targeted at victims running SonicWall SSL VPN…
Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild
The cybersecurity landscape experienced a significant escalation in September 2025, when Cisco disclosed multiple critical zero-day…
Harrods Reveals Supply Chain Breach Impacting Online Customers
Luxury London department store Harrods has revealed that some of its e-commerce customers have had their personal information stolen via a…
Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code
A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code…
Akira Ransomware Exploits SonicWall VPN Accounts With Lightning-Fast Intrusions
Akira ransomware Leaksite Arctic Wolf has observed a major uptick in Akira ransomware activity since late July 2025, with attackers…
RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms
A new report from Recorded Future’s Insikt Group reveals that the Chinese state-sponsored threat group RedNovember has significantly…
Morte Botnet Unveiled: A Rapidly Growing Loader-as-a-Service Campaign Exploiting Routers and Enterprise Apps
Researchers at CloudSEK Threat Intelligence (TRIAD) have exposed a sophisticated botnet operation that systematically compromises SOHO…
Cybersecurity Weekly – Chrome 0-Day, 22.2 Tbps DDOS Attack, Kali Linux Release, Cisco IOS 0-Day and More
This week in cybersecurity was marked by a relentless pace of critical disclosures and unprecedented attack volumes, underscoring the…
AsyncRAT Malware Campaign Found Targeting South American Hotels
A new AsyncRAT malware campaign from threat actor TA558 is targeting the South American hospitality industry, demanding the attention of…
The Looming Authorization Crisis: Why Traditional IAM Fails Agentic AI
In today’s enterprise world, AI no longer just answers questions or writes emails, but it takes action. From copilots booking travel to…
Embracing the AI Revolution: How to Incorporate Generative AI into Your SOC 2 Compliance Plan
Generative AI (Gen AI) has emerged as a transformative force. From streamlining operations to enhancing customer experiences, AI-powered…
Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign
RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the globe between June…
Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins
A new wave of cyberattacks targeting organizations using SonicWall firewalls has been actively deploying Akira ransomware since late July…