Latest Intelligence
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, indicating they are actively exploited. These vulnerabilities, related to N-able N-central, pose significant risks to federal networks and highlight the need for timely remediation. Read Original »
CISA and Partners Release Asset Inventory Guidance for Operational Technology Owners and Operators
CISA and various federal and international partners have released guidance aimed at helping operational technology (OT) owners and operators develop and maintain structured asset inventories and taxonomies. This initiative is intended to enhance cybersecurity measures, improve risk assessment, and ensure continuity of services in critical infrastructure sectors. Read Original »
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code
Fortinet has issued a warning regarding a critical vulnerability in FortiSIEM, identified as CVE-2025-25256, which has an exploit actively being used in the wild. This vulnerability allows unauthenticated attackers to potentially execute OS command injections. Read Original »
AI SOC 101: Key Capabilities Security Leaders Need to Know
Security operations centers (SOCs) face significant challenges as analysts deal with a high volume of alerts, often leading to false positives and requiring the use of multiple tools for context. This repetitive and time-consuming work places SOCs under constant pressure to keep up with emerging threats. Read Original »
Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000
Manpower, a staffing and recruiting firm, experienced a data breach due to a ransomware attack by the RansomHub group in January. The breach has impacted approximately 140,000 individuals, highlighting significant cybersecurity concerns in the staffing industry. Read Original »
Webinar: What the Next Wave of AI Cyberattacks Will Look Like — And How to Survive
The article discusses the rapid evolution of AI technology and its implications for cybersecurity, highlighting that while AI enhances productivity, it also equips cybercriminals with advanced tools for attacks. As AI continues to develop, the threat landscape becomes increasingly sophisticated, posing significant risks to organizations. Read Original »
Fortinet, Ivanti Release August 2025 Security Patches
Fortinet and Ivanti have released security patches as part of their August 2025 Patch Tuesday updates. These updates address vulnerabilities that could potentially impact their products and services. Read Original »
Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws
Microsoft has released patches for 111 security vulnerabilities across its software, including a critical zero-day flaw in Kerberos. The vulnerabilities vary in severity, with 16 rated Critical and 92 rated Important. Read Original »
New trends in phishing and scams: how AI and social media are changing the game
The article discusses emerging trends in phishing and scams as of 2025, highlighting the role of AI, deepfakes, and various platforms like Telegram and Google Translate in these malicious activities. It emphasizes the growing sophistication of scams, including biometric data theft and the use of Blob URLs. Read Original »
ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities
The August 2025 ICS Patch Tuesday advisories have been released by major vendors, highlighting the need for updates to address code execution vulnerabilities. This underscores ongoing security challenges in industrial control systems. Read Original »
Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
A new ransomware family named Charon has been identified targeting the public sector and aviation industry in the Middle East. The threat actor employs advanced evasion tactics similar to those used by APT groups, including DLL side-loading and process injection. Read Original »
Adobe Patches Over 60 Vulnerabilities Across 13 Products
Adobe has released security updates addressing over 60 vulnerabilities across 13 of its products. This includes critical fixes for software such as Commerce, Substance, InDesign, FrameMaker, and Dimension. Read Original »
Microsoft Patches Over 100 Vulnerabilities
Microsoft has released updates addressing over 100 critical vulnerabilities in its software products. These updates are part of the August 2025 Patch Tuesday and cover vulnerabilities in Windows, Office, and Hyper-V. Read Original »
China Questions Security of AI Chips From Nvidia, AMD
The article discusses concerns raised by Chinese sources regarding the security of AI chips from NVIDIA and AMD, particularly in light of a recent US ban on their sales to China. They are calling for NVIDIA to demonstrate that its chips do not contain any backdoors. Read Original »
Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday
Microsoft's August security update addressed a total of 111 unique Common Vulnerabilities and Exposures (CVEs), with a significant focus on elevation-of-privilege vulnerabilities. This highlights ongoing security challenges within Microsoft's software ecosystem. Read Original »