Latest Intelligence
What the Coinbase Breach Says About Insider Risk
The Coinbase breach highlights the importance of understanding not only the failures that led to the incident but also the potential preventive measures that could have been implemented. It emphasizes the need for organizations to assess insider risks effectively.
Open Source CISA Tool Helps Defenders With Hacker Containment, Eviction
An open-source tool developed by CISA assists organizations in managing the containment and eviction phases of incident response to cybersecurity incidents. This resource aims to enhance the effectiveness of defenders against hacking attempts.
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
The North Korea-linked hacker group UNC4899 has been conducting attacks by targeting employees of organizations through LinkedIn and Telegram, posing as freelance software development opportunities. They used social engineering to persuade victims to run malicious Docker containers, leading to significant cryptocurrency theft.
Dark Reading Confidential: Funding the CVE Program of the Future
The article discusses the impending expiration of federal funding for the CVE Program in April 2026 and highlights concerns from experts about the industry's preparedness for this crisis. The experts emphasize the need for a strategic vision to ensure the future effectiveness of the CVE Program.
Who’s Really Behind the Mask? Combatting Identity Fraud
The article discusses the evolving challenges of identity fraud in cybersecurity, emphasizing that traditional credential-based security measures are insufficient. It highlights the importance of context, behavioral baselines, and multi-source visibility as essential components of modern identity security.
API Security Firm Wallarm Raises $55 Million
Wallarm, a firm specializing in API security, has successfully raised $55 million in a Series C funding round led by Toba Capital. This funding brings the total amount raised by the company to over $70 million, indicating strong investor confidence in its security solutions.
Low-Code Tools in Microsoft Azure Allowed Unprivileged Access
A security researcher discovered that using API Connections for Azure Logic Apps allowed unauthenticated users to access sensitive data belonging to other customers. This raises concerns about the security measures in place for low-code tools in Microsoft Azure.
Browser Extensions Pose Serious Threat to Gen-AI Tools Handling Sensitive Data
LayerX has revealed a new hacking technique targeting AI chatbots through web browser extensions, termed 'man-in-the-prompt'. This method poses significant risks to generative AI tools that manage sensitive data.
Rockwell Automation Lifecycle Services with VMware
Rockwell Automation has reported several critical vulnerabilities in their Lifecycle Services with VMware, which could lead to code execution on the host or memory leakage. The vulnerabilities are associated with out-of-bounds writes and the use of uninitialized resources, affecting various products including Industrial Data Center and Threat Detection Managed Services.
CISA Releases Two Industrial Control Systems Advisories
CISA has released two advisories addressing security vulnerabilities in Industrial Control Systems (ICS). These advisories highlight current security issues and encourage users to review them for technical details and mitigations.
CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure
CISA and the U.S. Coast Guard have issued a joint Cybersecurity Advisory to enhance cyber hygiene among critical infrastructure organizations. Following a threat hunt at a U.S. facility, they identified cybersecurity risks and provided mitigations to help organizations improve their security measures.
CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) conducted a proactive threat hunt at a U.S. critical infrastructure organization, identifying several cybersecurity risks despite finding no evidence of malicious activity. Key issues included insufficient logging, insecure credential storage, and shared local admin credentials, prompting recommendations for improved cybersecurity measures.
Güralp Systems Güralp FMUS series
The Güralp FMUS series seismic monitoring devices have a critical vulnerability due to missing authentication for a Telnet-based command line interface, allowing potential attackers to modify configurations or reset devices. Users are advised to take defensive measures to mitigate exploitation risks.
Thorium Platform Public Availability
CISA and Sandia National Laboratories have announced the public availability of Thorium, a scalable platform for automated file analysis that enhances cybersecurity teams' capabilities. Thorium integrates various tools for efficient analysis of malware threats and supports high-volume file ingestion and rapid query performance.
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
The article highlights the increasing volume and complexity of cyber threats, particularly ransomware, which target endpoints as valuable assets. With the rise of AI, it emphasizes the necessity for robust endpoint security solutions that can adapt and respond to the evolving threat landscape.