Latest Intelligence
Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data
CERT/CC has revealed vulnerabilities in a Workhorse Software application that could lead to the exposure of sensitive data. These flaws were disclosed after patches were released, highlighting potential risks for cities and towns using the software. Read Original »
Pharmaceutical Company Inotiv Confirms Ransomware Attack
Inotiv has reported a ransomware attack that compromised and encrypted its internal systems, affecting its business operations. The company has notified the SEC regarding the incident. Read Original »
From Impact to Action: Turning BIA Insights Into Resilient Recovery
Modern businesses are increasingly facing a complex and evolving threat landscape, which necessitates a robust Business Continuity and Disaster Recovery (BCDR) strategy. The article emphasizes the importance of addressing these rising threats to ensure resilient recovery. Read Original »
North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms
North Korean threat actors have conducted a cyber espionage campaign targeting diplomatic missions in South Korea, utilizing spear-phishing emails that impersonate trusted contacts. This activity occurred between March and July 2025, aiming to deceive embassy staff and foreign ministry personnel. Read Original »
High-Severity Vulnerabilities Patched in Chrome, Firefox
Google and Mozilla have addressed multiple high-severity vulnerabilities in their respective browsers, Chrome and Firefox. The patches aim to enhance security and protect users from potential threats. Read Original »
Intel Employee Data Exposed by Vulnerabilities
A researcher discovered vulnerabilities in internal services that led to the exposure of personal information belonging to 270,000 Intel employees. This incident raises concerns about the security of employee data within the company. Read Original »
DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks
Ethan Foltz, a 22-year-old from Oregon, has been charged by the U.S. Department of Justice for allegedly creating and managing a DDoS-for-hire botnet named RapperBot. This botnet has reportedly been involved in approximately 370,000 DDoS attacks. Read Original »
Asian Orgs Shift Cybersecurity Requirements to Suppliers
The increase in cybersecurity breaches in Asia has led a Japanese chipmaker and the Singaporean government to implement new requirements for vendors to undergo cybersecurity checks before conducting business. This shift highlights the growing emphasis on cybersecurity in supply chain management. Read Original »
Russian Hacktivists Take Aim at Polish Power Plant, Again
Russian hacktivists have targeted a Polish power plant, achieving greater success than in a previous attempt. This latest attack resulted in disruptions at the facility. Read Original »
Agentic AI, Apple Intelligence, EV Chargers: Everyday Cybersecurity Peril Abounds for Businesses
The article highlights the pervasive cybersecurity risks that businesses face, as discussed in the coverage of Black Hat USA 2025. It emphasizes that threats can arise from various sources, including emerging technologies like Agentic AI and Apple Intelligence. Read Original »
How to Vibe Code With Security in Mind
The article emphasizes the importance of prioritizing security in the context of vibe coding and AI-assisted coding during application development. As these technologies become more integrated, organizations must remain vigilant about potential security risks. Read Original »
'RingReaper' Sneaks Right Past Linux EDRs
The article discusses 'RingReaper', a sophisticated post-compromise tool that exploits the Linux kernel's io_uring interface to evade detection by endpoint detection and response systems. This highlights a significant security concern for Linux environments. Read Original »
AI Agents Access Everything, Fall to Zero-Click Exploit
The article discusses a significant cybersecurity exploit that affects AI agents, highlighting the increased risks associated with generative AI technology. Michael Bargury, CTO of Zenity, emphasizes the evolving nature of these technologies and the implications for cyber threats. Read Original »
Millions Allegedly Affected in Allianz Insurance Breach
Allianz Insurance has reportedly experienced a data breach affecting millions of life insurance customers. The compromised information includes sensitive personal details such as physical addresses, dates of birth, and phone numbers. Read Original »
Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems
Threat actors are exploiting a nearly two-year-old vulnerability in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy DripDropper malware. Interestingly, the attackers have been observed patching the vulnerability after gaining access to prevent further exploitation by others and to evade detection. Read Original »