editorially independent. We may make money when you click on links
to our partners.
Learn More
Major Threats & Vulnerabilities
Zero-Day Exploits and Critical CVEs
Cisco SD-WAN Zero-Day Grants Root Access has been actively exploited since 2023, allowing attackers to bypass authentication and gain root privileges. Cisco urges administrators to patch immediately, secure management planes, and monitor for rogue peers.
ServiceNow AI Platform Vulnerability could allow unauthenticated remote code execution through web interfaces and APIs. While no exploitation has been observed, organizations should patch promptly and restrict external access.
VMware Aria Vulnerabilities Enable RCE through command injection flaws that could expose telemetry and allow lateral movement across hybrid environments. Broadcom advises immediate patching.
Chrome Fixes Trio of High-Severity Flaws in the Media component, WebGPU shader compiler, and DevTools. These vulnerabilities could lead to remote code execution through memory corruption. Users should update Chrome immediately.
Apache Tomcat Vulnerability Allows Access Control Bypass under certain configurations using legacy HTTP/0.9 requests. Administrators should apply the latest patch to prevent unauthorized access.
AI and Developer-Focused Exploits
Claude Code Bugs Expose API Keys in Anthropic’s AI-assisted coding environment, allowing attackers to execute commands and steal credentials. Developers are urged to scan dependencies and restrict API key exposure.
Malicious Next.js Repositories Target Developers by posing as job assessments, exfiltrating secrets via runtime JavaScript and command-and-control connections. Developers should verify repository authenticity before cloning.
OpenClaw Audit Uncovers Widespread Vulnerabilities in 41.7% of AI skills, including command injection and credential leaks. Organizations should pre-scan AI modules, enforce least privilege, and integrate AI workflows into incident response testing.
Spyware and AI-Driven Attacks
Predator Spyware Suppresses iOS Privacy Indicators by disabling camera and microphone alerts, showing how kernel-level compromise can bypass Apple’s privacy protections.
AI-Powered Attacks Compromise 600+ FortiGate Devices across 55 countries using generative AI tools to exploit weak credentials and target backup systems. AWS Threat Intelligence recommends enforcing strong authentication and monitoring for anomalous access.
Industry News
Data Breaches and Exposures
ManoMano Vendor Breach Exposes 38 Million Users after attackers compromised a third-party support provider. Personal data such as names, emails, and phone numbers were exposed, though passwords remain secure.
ShinyHunters Dumps 12.4M CarGurus Records online, with 70% of the leaked data being newly exposed. The company has yet to issue a formal statement.
Wynn Resorts Employee Data Breach affected over 800,000 records from Oracle PeopleSoft systems. While unauthorized access was confirmed, no misuse has been detected.
Conduent Cyberattack Affects 25 Million individuals, potentially the largest U.S. data breach ever. The company faces lawsuits over delayed disclosure and high remediation costs.
youX Breach Exposes Driver’s License Data for more than 200,000 Australians, raising fraud concerns and highlighting supply-chain weaknesses in fintech operations.
French Bank Registry Breach Exposes 1.2M Accounts after stolen credentials were used to access France’s FICOBA registry. Investigations continue into the scope of exposure.
Ransomware and Cybercrime Operations
Ransomware Attack Hits Semiconductor Supplier Advantest, disrupting operations and potentially exposing sensitive data. The company is investigating with law enforcement.
Mississippi Medical Center Hit by Ransomware forced clinic closures and procedure cancellations. The incident underscores the need for zero trust architectures and offline backups.
Government and Policy Developments
U.S. Treasury Sanctions Russian Zero-Day Broker Sergey Zelenyuk and Matrix LLC under the Protecting American Intellectual Property Act, marking a major escalation against exploit trafficking.
Global Data Rules and Cloud Security tensions continue as nations tighten sovereignty laws. Experts recommend enforcing data residency and zero-trust access to maintain compliance.
Security Tips & Best Practices
Who Controls Your Data Across Borders?
- Enforce data residency and retain encryption key custody within jurisdiction.
- Implement zero trust access controls and monitor cross-border exposure.
- Conduct transfer impact assessments with immutable audit logs.
Are You Exposed in the Cloud?
- Apply least-privilege access with MFA for all users and services.
- Use CSPM and SIEM to detect misconfigurations and suspicious activity.
- Segment workloads and encrypt data in transit and at rest.
Is Your Vendor Risk Under Control?
- Continuously monitor vendor security posture and enforce breach notification clauses.
- Restrict third-party access with least privilege, time-bound permissions, and MFA.
- Align incident response plans with vendors and test joint playbooks regularly.
How Resilient Is Your Organization to Ransomware?
- Implement layered protection with immutable backups and segmentation.
- Use phishing-resistant MFA and EDR for ransomware detection and removal.
- Test incident response plans regularly for rapid containment and recovery.
Embed Security in Software Development
- Integrate threat modeling, code reviews, and automated testing into the SDLC.
- Use composition analysis and secrets scanning to identify vulnerable dependencies.
- Implement CI/CD security gates to block insecure builds before deployment.
Organizations can strengthen their defenses using resources like incident response tools and services to streamline detection and recovery, network monitoring platforms to detect anomalies, and data loss prevention solutions to safeguard sensitive information.
As Agentic AI reshapes enterprise governance, security leaders must treat autonomous systems like privileged infrastructure—enforcing strict autonomy limits, runtime guardrails, and continuous oversight to prevent unintended actions.
If you want to see more from our Newsletter Archive please click here.
