Latest Intelligence
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA has identified two Microsoft SharePoint vulnerabilities, CVE-2025-49704 and CVE-2025-49706, that are actively being exploited by Chinese hackers. Federal agencies are mandated to address these vulnerabilities by July 23, 2025, following their addition to the Known Exploited Vulnerabilities catalog.
China Introduces National Cyber ID Amid Privacy Concerns
China has introduced a voluntary Internet identity system aimed at safeguarding citizens' online identities and personal information. However, there are concerns from critics regarding potential privacy issues and increased surveillance.
Microsoft Integrates Data Lake with Sentinel SIEM
Microsoft has integrated its Data Lake with Sentinel SIEM to offer cost-effective storage solutions for large volumes of telemetry data. Additionally, threat intelligence will be included with Defender XDR at no extra cost, enhancing the security capabilities of Microsoft's offerings.
3 China Nation-State Actors Target SharePoint Bugs
Recent vulnerabilities in on-premises editions of SharePoint Server have led to increased activity from hackers and cybercrime groups. This situation has created a heightened risk for organizations using these affected systems.
CISO Conversations: How IT and OT Security Worlds Are Converging
The article discusses an interview with Carmine Valente, Deputy CISO at Con Edison, focusing on the convergence of IT and OT security. Valente addresses current cybersecurity threats such as ransomware and supply chain attacks, along with the influence of AI on both defense mechanisms and emerging threats.
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
Microsoft has reported that Chinese threat actors, specifically Linen Typhoon, Violet Typhoon, and Storm-2603, were exploiting the ToolShell zero-day vulnerabilities weeks before a patch was released. This highlights the ongoing risks posed by advanced persistent threats (APTs) in cybersecurity.
Reclaiming Control: How Enterprises Can Fix Broken Security Operations
The article discusses the increasing complexity of security operations, which has transformed from a manageable function into a challenging battlefield. It emphasizes the need for enterprises to reclaim control over their security operations to address these issues effectively.
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Microsoft has linked ongoing exploits of security vulnerabilities in SharePoint Server to two Chinese hacking groups, Linen Typhoon and Violet Typhoon, as well as a third group named Storm-2603. These groups have been observed weaponizing the flaws to gain initial access to systems since July 7, 2025.
Dell Says Data Leaked by Hackers Is Fake
Dell has confirmed that a demo environment containing synthetic data was compromised, and the information leaked by hackers is not real. This incident highlights concerns about data security and the authenticity of leaked information.
Vulnerabilities Expose Helmholz Industrial Routers to Hacking
Recent vulnerabilities were identified and patched in Helmholz's REX 100 industrial routers, which allow remote access and management. The vulnerabilities were disclosed by Germany’s CERT@VDE, highlighting security risks for organizations using these devices.
Dell Breached by Extortion Group, Says Data Stolen Was 'Fake'
Dell reported that the World Leaks group breached its Customer Solution Center and released data that was primarily composed of synthetic datasets used for demonstrations and testing. The company clarified that the stolen data was not real customer information.
Critical Infrastructure Security Is a Critical Concern
The article emphasizes the importance of balancing protection and preparation to achieve resilience in the face of increasing threats to critical infrastructure security. Organizations must prioritize both aspects to effectively address the evolving cybersecurity landscape.
Darktrace Acquires Mira Security for Network Visibility
Darktrace has acquired Mira Security to enhance its capabilities in network visibility. This acquisition allows Darktrace to gain better insights into encrypted network traffic and improve its decryption capabilities.
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Cisco has confirmed that there are active exploits targeting vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). The company reported that the Product Security Incident Response Team became aware of attempts to exploit these vulnerabilities in July 2025.
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are facing a surge in credential theft and remote access threats from a modified version of the AllaKore RAT and SystemBC, attributed to the financially motivated hacking group Greedy Sponge. This group has been active since early 2021, targeting various sectors indiscriminately.