Latest Intelligence
F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts
The article discusses a cyberattack linked to China that was disclosed by F5, highlighting the attribution and potential risks involved. It also mentions that flaws in the BIG-IP products have been patched and that governments have issued alerts regarding the situation.
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack
CISA has identified a critical security flaw in Adobe Experience Manager, designated as CVE-2025-54253, which has a maximum severity score of 10.0. This misconfiguration vulnerability poses a risk of arbitrary code execution and is currently being actively exploited.
LevelBlue Announces Plans to Acquire XDR Provider Cybereason
LevelBlue has announced its plans to acquire Cybereason, an extended detection and response (XDR) provider. This acquisition follows LevelBlue's recent purchases of Trustwave and Aon, and aims to enhance its offerings in XDR, managed detection and response (MDR), and forensic services.
'Mysterious Elephant' Moves Beyond Recycled Malware
The cyber-espionage group known as 'Mysterious Elephant' has been utilizing advanced custom tools to conduct espionage activities targeting government and diplomatic entities in South Asia since early 2025. This indicates a shift away from previously used recycled malware techniques.
F5 BIG-IP Environment Breached by Nation-State Actor
F5 reported a security breach involving zero-day vulnerabilities, source code exposure, and some customer data being compromised. This incident is attributed to a nation-state actor.
Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months
A Chinese threat group known as Jewelbug has been linked to a five-month intrusion into a Russian IT service provider, indicating a geographic expansion of its activities. This breach occurred between January and May 2025, showcasing the group's evolving targeting strategies beyond its usual regions.
SecurityWeek to Host 2025 ICS Cybersecurity Conference October 27-30 in Atlanta
SecurityWeek is set to host the 2025 ICS Cybersecurity Conference from October 27-30 in Atlanta, featuring over 70 sessions, five training courses, and an ICS Village CTF competition. This event aims to address critical issues in industrial cybersecurity.
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion
F5 has reported a breach in which unidentified nation-state hackers accessed its systems and stole files containing the source code for BIG-IP, along with information on undisclosed vulnerabilities. The attackers are described as highly sophisticated and maintained long-term access to F5's network.
Harvard University Breached in Oracle Zero-Day Attack
Harvard University has experienced a data breach attributed to the Clop ransomware group, which claims the attack is part of a larger campaign targeting Oracle customers. This incident highlights the vulnerabilities associated with Oracle's systems.
F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data
F5 has reported a breach involving the theft of its source code and vulnerability data, attributing the attack to nation-state hackers, likely from China. The company has not disclosed extensive details about the threat actor.
Webinar Today: Fact vs. Fiction – The Truth About API Security
The article discusses a webinar focused on API security, emphasizing the need for practical guidance to protect APIs from current threats posed by attackers. It aims to clarify misconceptions and provide insights into effective security measures.
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks
Research has revealed that over 100 VS Code extensions have leaked access tokens, which could allow malicious actors to update these extensions with harmful content. This situation represents a significant risk to the software supply chain.
Customer Service Firm 5CA Denies Responsibility for Discord Data Breach
5CA, a customer service firm, has denied responsibility for a data breach associated with Discord, claiming that none of its systems were involved. This denial follows Discord's identification of 5CA as the third-party responsible for the breach.
Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution
A new malware campaign in Brazil has been identified, distributing a banking Trojan named Maverick through malicious LNK files via WhatsApp. This Trojan shares code similarities with the previously known Coyote malware.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added a new vulnerability, CVE-2025-54253, related to Adobe Experience Manager Forms, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal enterprises and highlights the importance of timely remediation by federal agencies and organizations alike.