Latest Intelligence
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two OS command injection vulnerabilities in GeoVision devices to its Known Exploited Vulnerabilities Catalog due to ongoing active exploitation. These vulnerabilities pose significant risks to federal networks, prompting CISA to encourage timely remediation across all organizations.
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Cybersecurity researchers have identified multiple critical vulnerabilities in the on-premise version of SysAid IT support software that allow for pre-authenticated remote code execution with elevated privileges. These vulnerabilities, categorized as XML External Entity (XXE) injections, pose significant risks to users of the software.
Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack
Meta has won a lawsuit against the Israeli spyware company NSO Group, resulting in a $167 million penalty over the hacking of WhatsApp. This ruling is viewed as a significant advancement in the fight for privacy and security against malicious hacking activities.
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
The article discusses the limitations of Security Service Edge (SSE) platforms in adequately protecting user activities occurring in browsers, which is critical for securing hybrid work and SaaS access. This oversight poses significant risks as it leaves a gap in security enforcement where sensitive user interactions take place.
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Threat actors associated with the Play ransomware exploited a zero-day vulnerability in Microsoft Windows, specifically CVE-2025-29824, to breach a U.S. organization. This privilege escalation flaw in the Common Log File System (CLFS) driver was recently patched, highlighting the ongoing risks posed by unaddressed vulnerabilities.
AppSignal Raises $22 Million for Application Monitoring Solution
AppSignal, a provider of application performance monitoring solutions, has raised $22 million in a Series A funding round led by Elsewhere Partners. This funding aims to enhance their capabilities in the application monitoring space, reflecting the growing importance of performance monitoring in software development.
State of ransomware in 2025
Kaspersky researchers analyze ransomware trends for 2024 and forecast the evolution of this threat into 2025. The significance of understanding these trends lies in the increasing sophistication and prevalence of ransomware attacks, which pose serious risks to organizations and individuals alike.
Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day
At least two ransomware groups exploited the Windows zero-day vulnerability CVE-2025-29824 before Microsoft issued a patch. This highlights the ongoing risks associated with unpatched vulnerabilities and the need for timely updates.
Second OttoKit Vulnerability Exploited to Hack WordPress Sites
A critical-severity vulnerability in the OttoKit WordPress plugin is being exploited by threat actors to gain administrative privileges on affected sites. This poses significant risks to WordPress installations using the plugin, highlighting the need for prompt action.
Beware of phone scams demanding money for ‘missed jury duty’
Scammers are making fraudulent phone calls claiming that individuals have missed jury duty and demanding payment, exploiting the legal obligations associated with jury service. This type of scam is significant as it preys on people's fear of legal consequences and can lead to financial loss.
US Warns of Hackers Targeting ICS/SCADA at Oil and Gas Organizations
The US government has issued a warning regarding cyber threats targeting ICS/SCADA systems within the oil and natural gas sectors. This highlights the increasing risk of cyberattacks on critical infrastructure, which could potentially disrupt essential services and pose national security concerns.
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
Researchers have identified a malicious package named discordpydebug on the PyPI repository, which poses as a harmless utility for Discord but contains a remote access trojan. This package has been downloaded over 11,500 times, highlighting the risks associated with downloading unverified software from open-source repositories.
41 Countries Taking Part in NATO’s Locked Shields 2025 Cyber Defense Exercise
The Locked Shields 2025 cyber defense exercise, hosted by the NATO Cooperative Cyber Defence Centre of Excellence in Estonia, will involve participation from 41 countries. This exercise highlights the importance of international collaboration in enhancing cyber defense capabilities amidst growing global cyber threats.
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware
NSO Group has been ordered to pay approximately $168 million to WhatsApp after a federal jury found that the company violated U.S. laws by using WhatsApp servers to deploy Pegasus spyware against over 1,400 individuals. This case highlights significant concerns regarding the misuse of technology for surveillance and the implications for user privacy.
Researcher Says Patched Commvault Bug Still Exploitable
A researcher has indicated that a patched vulnerability in Commvault, identified as CVE-2025-34028, remains exploitable despite the updates. The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its catalog, noting that it is currently being actively exploited in the wild.