ALL POSTS
WordPress King Addons Plugin Vulnerability Allows Admin Takeover
Key Findings A critical vulnerability, CVE-2025-8489 (CVSS score of 9.8), has been discovered in the WordPress plugin King Addons for Elementor. The flaw allows unauthenticated users to register and instantly gain admin privileges on WordPress sites. Threat actors are actively exploiting the vulnerability, with the Wordfence Firewall blocking over 48,400 exploit attempts since the issue was disclosed. The vulnerability is a privilege escalation issue in versions 24.12.92 to 5
Dec 3, 2025 · 1 min read
India Mandates Linking Messaging Apps to Active SIM Cards to Combat Fraud
Key Findings India's Department of Telecommunications (DoT) has ordered messaging apps to work only with active SIM cards linked to users' phone numbers to prevent fraud and misuse. The amendment to the 2024 Telecom Cyber Security Rules aims to curb fraudulent activities such as phishing, scams, and cyber fraud by preventing the misuse of telecom identifiers. Messaging apps have 90 days to implement the changes and 120 days to report compliance. Background The DoT has observe
Dec 3, 2025 · 1 min read
CISA Warns: Critical Wyant Enterprise Flaw (CVE-2025-13987, CVSS 10.0) Allows Unauthenticated SYSTEM Takeover of Building Automation Systems
Key Findings A critical security flaw (CVE-2025-13658, CVSS 9.8) has been discovered in the Longwatch video surveillance and monitoring system developed by Industrial Video & Control (IV&C). The vulnerability allows unauthenticated remote code execution with SYSTEM-level privileges, enabling complete takeover of the affected OT surveillance systems. The flaw resides in the way the Longwatch devices handle incoming web traffic, allowing arbitrary code execution through an expo
Dec 3, 2025 · 2 min read
Vulnerabilities in Android Framework Cataloged by U.S. CISA as Known Exploited
Key Findings U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-48572: Android Framework Privilege Escalation Vulnerability; CVE-2025-48633: Android Framework Information Disclosure Vulnerability. Background The two high-severity vulnerabilities are reported to be "under limited, targeted exploitation" in the wild. Google's latest Android update for December 2025
Dec 2, 2025 · 1 min read
AI Adoption Outpaces Governance as Shadow Identity Risks Grow
Key Findings 83% of organizations use AI in daily operations. Only 13% have strong visibility into how AI systems handle sensitive data. AI increasingly behaves as an ungoverned identity, with a non-human user that reads faster, accesses more, and operates continuously. 67% have caught AI tools over-accessing sensitive information. 23% admit they have no controls for AI prompts or outputs. Background The report, produced by Cybersecurity Insiders with research support from Cyera R
Dec 2, 2025 · 2 min read
Cyber Startup Frenetik Launches with Patented Deception Technology to Address the AI Arms Race
Key Findings Frenetik, a Maryland-based cybersecurity startup, has launched with a novel approach to cybersecurity using patented "Deception In-Use" technology. The company's approach aims to exploit information asymmetry, rather than relying on increased computational power and data analytics. Frenetik's technology continuously rotates identities and resources across cloud and on-premises environments, depriving attackers of reliable reconnaissance information. The solution
Dec 2, 2025 · 2 min read
BreachLock Named a Leader in 2026 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for Fourth Consecutive Year
Key Findings BreachLock named a Leader and Fast Mover in the 2025 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for the third consecutive year. The report evaluated 16 top PTaaS providers based on key feature capabilities, enterprise business requirements, deployment models, and other important decision-making criteria. BreachLock scored highly in all evaluated categories, except for crowdsourcing pentesters, which the company does not offer. BreachLock's in-h
Dec 1, 2025 · 1 min read
Kevin Lancaster Joins the usecure Board to Accelerate ...
Key Findings Kevin Lancaster, a leading channel expert and tech entrepreneur, has joined the board of usecure as a Non-Executive Director. Lancaster's appointment is expected to accelerate usecure's growth in the North American channel, building on the company's existing momentum and partnerships. usecure provides human risk management solutions for the channel, helping MSPs and internal IT teams reduce cyber risk through behavior change and data-driven insights. The company
Dec 1, 2025 · 2 min read
Zombie Protocol: How NTLM Flaws Like CVE-2024-43451 Are Haunting 2025
Key Findings Despite being over two decades old, the NTLM authentication protocol remains a critical security liability in 2025. Cybercriminals are actively exploiting newly discovered vulnerabilities to launch sophisticated attacks across the globe. One of the most alarming vulnerabilities is CVE-2024-43451, which allows attackers to steal a user's NTLMv2 hash with virtually no interaction. The vulnerability abuses the MSHTML engine to trigger an NTLM authentication attempt
Nov 28, 2025 · 2 min read
One Identity Safeguard Named a Visionary in the 2025 Gartner Magic Quadrant for PAM
Key Findings Gartner recognized One Identity as a Visionary in the 2025 Gartner Magic Quadrant for Privileged Access Management (PAM). Placement as a Visionary reflects the company's emphasis on simplified security, accelerated adoption, and intelligence-driven identity protection. Visionary classification validates One Identity's strategy of blending AI-driven administration, flexible deployment, and customer-first design. Background According to Gartner, Visionaries are "noted
Nov 27, 2025 · 2 min read
Hidden Danger: Chrome Extension Exploits Solana Wallets
Key Findings Cybersecurity researchers have discovered a malicious Chrome extension named "Crypto Copilot" that injects hidden Solana transfer fees into Raydium swap transactions. The extension silently appends an extra transfer instruction to each swap, siphoning a minimum of 0.0013 SOL or 0.05% of the trade amount to an attacker-controlled wallet. The malicious behavior is concealed through obfuscation techniques, and the extension's user interface only shows the legitimate
Nov 27, 2025 · 2 min read
Critical Flaw in Ray AI Platform Exploited via Safari and Firefox (CVE-2025-62593)
Key Findings A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-62593, has been discovered in the Ray framework. The vulnerability allows attackers to execute arbitrary code on a developer's machine via a malicious website or advertisement, targeting users of Safari and Firefox. The attack exploits a flaw in how Ray handles local API requests, bypassing the framework's defense mechanism that relies on checking the User-Agent header. Background Ray is a
Nov 26, 2025 · 2 min read
Microsoft Teams Guest Chat Flaw Exposes Users to Malware Attacks
Key Findings Microsoft Teams' "Guest Access" feature allows attackers to bypass security controls like Microsoft Defender for Office 365, creating a "protection-free zone" for malware delivery. Attackers can easily create basic Microsoft 365 accounts without security features and use them to send phishing links and malware to guest users. A recent Microsoft feature that allows any Teams user to start a chat with any email address makes it even easier for attackers to lure vic
Nov 26, 2025 · 2 min read
INE Extends Cross-Skilling Initiatives
Key Findings INE, the leading provider of hands-on IT and Cybersecurity training, announced a significant expansion of its learning portfolio. The new content includes courses, hands-on labs, and certification prep resources designed to help professionals cross-skill and upskill. INE's training model emphasizes hands-on learning, scenario-based exercises, and progressive skill-building paths. INE is offering limited-time pricing during the Black Friday period, providing reduc
Nov 26, 2025 · 2 min read
Detego Global Launches Case Management Platform for Digital Forensics and Incident Response Teams
Key Findings: Detego Global, the company behind the award-winning Unified Digital Forensics Platform, has launched Detego Case Manager for DFIR, a powerful case management platform for digital forensics and incident response (DFIR) teams. The new platform addresses the real-world challenges of managing high-volume, complex digital investigations across multiple locations and touchpoints, whether on-scene or in the laboratory. Detego Case Manager for DFIR delivers full-spectru
Nov 25, 2025 · 2 min read
CISA Warns of Spyware Targeting Signal and WhatsApp Users
Key Findings CISA has issued an alert warning of threat actors actively using commercial spyware and remote access trojans (RATs) to target users of mobile messaging apps like Signal and WhatsApp. The attackers employ sophisticated social engineering and targeting techniques to deliver spyware and gain unauthorized access to victims' messaging apps, enabling further device compromise. The targeting appears opportunistic but often focuses on high-value individuals such as gove
Nov 25, 2025 · 2 min read
Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
Key Findings Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures. The security defects allow attackers to bypass authentication, perform path traversal, achieve remote code execution, cause denial-of-service conditions, and manipulate tags. Successful exploitation of the flaws could enable attackers to disrupt cloud services, manipu
Nov 25, 2025 · 2 min read
Elite Cyber Veterans Launch Blast Security with $10M to Revolutionize Cloud Security
Key Findings Blast Security, a cybersecurity startup, has launched from stealth with a $10 million seed round co-led by 10D and MizMaa Ventures. The company is founded by industry veterans from Solebit (acquired by Mimecast) and elite IDF units. Blast is introducing a new operating model for cloud security with its first-of-its-kind Preemptive Cloud Defense Platform. The platform replaces reactive response with continuous prevention, turning native cloud control into a preven
Nov 24, 2025 · 2 min read
Critical 7-Zip Vulnerability With Public Exploit Requires Immediate Update
Key Findings A critical vulnerability, tracked as CVE-2025-11001, has been discovered in the popular file-compression tool 7-Zip. The flaw, which is a Directory Traversal Remote Code Execution (RCE) vulnerability, has a public exploit available. The vulnerability poses a high-risk warning from the UK's NHS England Digital, though active exploitation has not been observed yet. The issue was discovered by researchers at GMO Flatt Security Inc. and revealed by Trend Micro's Zero
Nov 24, 2025 · 2 min read
Grafana Patches Critical SCIM Flaw Enabling Impersonation and Privilege Escalation
Key Findings Grafana has patched a critical vulnerability (CVE-2025-41115) in its SCIM (System for Cross-domain Identity Management) implementation with a CVSS score of 10.0. The flaw could allow a malicious or compromised SCIM client to provision a user with a numeric `externalId`, enabling potential impersonation or privilege escalation under certain configurations. The vulnerability affects Grafana Enterprise versions from 12.0.0 to 12.2.1 and has been addressed in Grafana
Nov 22, 2025 · 2 min read
