Latest Intelligence
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
SonicWall has reported that an unauthorized party accessed firewall configuration backup files for all customers using its cloud backup service. Although the files contain encrypted credentials and configuration data, their possession raises the risk of targeted attacks.
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
Cyber threats are rapidly evolving, utilizing social engineering, AI manipulation, and cloud exploitation to breach secure systems. This bulletin highlights the increasing risks associated with communication platforms and connected devices, emphasizing the need for effective safeguards.
CISA Releases Four Industrial Control Systems Advisories
CISA released four advisories on October 9, 2025, addressing security issues and vulnerabilities in various Industrial Control Systems. The advisories aim to inform users and administrators about the current threats and provide guidance on mitigations.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added CVE-2021-43798, a Grafana Path Traversal Vulnerability, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal enterprises, prompting a call for timely remediation by federal agencies and other organizations.
Rockwell Automation Lifecycle Services with Cisco
Rockwell Automation has reported a stack-based buffer overflow vulnerability in their Lifecycle Services with Cisco, which could allow low-privileged attackers to cause denial-of-service conditions or high-privileged attackers to execute arbitrary code. The vulnerability affects various products using Cisco IOS XE Software, posing significant security risks to industrial data centers.
Rockwell Automation Stratix
Rockwell Automation has reported a stack-based buffer overflow vulnerability in several versions of their Stratix products, which could allow remote attackers to execute arbitrary code or cause a denial-of-service condition. The vulnerability is linked to the Simple Network Management Protocol (SNMP) subsystem in Cisco IOS XE Software used by the affected devices.
Hitachi Energy Asset Suite
The Hitachi Energy Asset Suite has a vulnerability related to improper output neutralization for logs, which could allow authenticated users to manipulate log data and potentially execute further malicious attacks. Users are advised to disable performance logging and apply updates as they become available.
Realm.Security Raises $15 Million in Series A Funding
Realm.Security, a cybersecurity startup, has successfully raised $15 million in Series A funding. The company plans to utilize this investment to enhance its product development and expand its market presence.
SaaS Breaches Start with Tokens - What Security Teams Must Watch
Token theft is a significant factor contributing to breaches in SaaS applications, which are increasingly relied upon by companies. Security teams need to enhance their token hygiene practices to mitigate the risks associated with OAuth and API tokens.
GitHub Copilot Chat Flaw Leaked Data From Private Repositories
A flaw in GitHub Copilot Chat allowed hidden comments to manipulate responses, leading to the leakage of sensitive information and source code from private repositories. This vulnerability raises significant concerns regarding data security and privacy for users of the platform.
Chaos Ransomware Upgrades With Aggressive New C++ Variant
The article discusses an upgraded variant of Chaos ransomware that now includes new encryption methods, wiper capabilities, and features for stealing cryptocurrency. This evolution makes the ransomware-as-a-service operation significantly more dangerous.
Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day
Chinese hackers successfully breached the law firm Williams & Connolly using a zero-day vulnerability. The firm has stated that there is no evidence of confidential client data being stolen from its systems.
From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine
Russian hackers have increasingly utilized artificial intelligence in their cyber attacks against Ukraine, as reported by the State Service for Special Communications and Information Protection. This advancement includes generating more sophisticated phishing messages and malware samples.
All SonicWall Cloud Backup Users Had Firewall Configurations Stolen
In early September, hackers compromised the MySonicWall service and stole firewall configuration backup files from users. This incident raises significant concerns about the security of cloud backup services and the potential risks to users' network configurations.
Discord Says 70,000 Users Had IDs Exposed in Recent Data Breach
Discord has reported a data breach in which the personal identification documents of approximately 70,000 users were exposed. The hackers claim to have stolen over 2 million photos of government IDs that were submitted for age verification purposes.