AI-Powered Development Tools | Security Vulnerabilities | Supply Chain Risks Cursor AI Code Editor getting hammered through compromised repositories
SAP Software Security | Vulnerability Management SAP S/4HANA vulnerability CVE-2025-42957 actively exploited
Cybersecurity Vulnerabilities | Device Security | Network Protection The US Cybersecurity Agency has highlighted a vulnerability in Wi-Fi range extenders that is currently being exploited.
Container Isolation | Docker Desktop | Security Vulnerability Docker vulnerability (CVE-2025-9074) allows container escape, assigned CVSS of 9.3
Security Vulnerabilities | Software Updates | Targeted Attacks Apple releases fix for CVE-2025-43300 zero-day vulnerability
Pentesting Automation | Real-time Insights | Vulnerability Management Automation is transforming how penetration testing services are provided.
3D Product Configurators | Network Security Risks | State-Sponsored Cyber Threats | Vulnerability Exploitation FBI alleges Russian APT group exploiting old Cisco vulnerability (CVE-2018-0171)
Cisco Products | Mitigation Strategies | Security Vulnerability Cisco Secure Firewall vulnerability enables remote shell command injections
Cybersecurity Threats | Malware Exploitation | Software Vulnerabilities CVE-2025-8088 – WinRAR path traversal vulnerability exploited to run malicious software
Denial of Service | Security Vulnerability | Software Update Apache Tomcat vulnerabilities allow Denial of Service (DoS) attacks
Cybersecurity Threats | DDoS Attacks | HTTP/2 Vulnerabilities MadeYouReset vulnerability in HTTP2 facilitates large-scale DDoS attacks
Authentication Vulnerabilities | Cybersecurity Threats | Phishing Techniques Hackers using specialized phishing tools for downgrade attacks on FIDO authentication
Remote Code Execution | Security Vulnerabilities | Software Updates New Zoom and Xerox security updates address privilege escalation and remote code execution (RCE)
Cybersecurity | Industrial Control Systems | Vulnerability Exploitation Operational Technology (OT) networks are being extensively targeted due to vulnerabilities found in Erlang/OTP.
Cybersecurity Vulnerabilities | Exploitation of Operational Technology | Targeted Industries Researchers have observed a significant increase in remote code execution (RCE) exploits targeting the Erlang/OTP SSH protocol, with 70% of these attacks aimed at operational technology (OT) firewalls.
Cyberespionage | Cybersecurity | Vulnerabilities RomCom hackers are utilizing a zero-day vulnerability in WinRAR to conduct specific targeted attacks.
Remote Procedure Call Security | Spoofing Attacks | Vulnerability Disclosure Researchers have outlined a Windows EPM poisoning exploit sequence that can result in escalated privileges within a domain.
Cloud Security | Cybersecurity | Vulnerability Management Organizations Alerted to Security Flaw in Microsoft Exchange Hybrid Setup
HTTP Vulnerability | Protocol Upgrades | Security Mitigations A critical flaw in HTTP/1.1 has put millions of websites at risk of being seized by malicious actors.
Firmware Vulnerabilities | Keyless Entry Exploits | Vehicle Security The ‘DarkWeb’ firmware for Flipper Zero circumvents rolling code security systems used by several leading car manufacturers.
Cybersecurity Advisory | Hybrid Deployment Mitigation | Microsoft Exchange Vulnerability CISA Issues Urgent Advisory Calling on Federal Agencies to Fix Exchange Server Flaw by Monday.
Customer Guidance | Cybersecurity Vulnerabilities | Ransomware Attacks SonicWall has verified that there are no new zero-day vulnerabilities in SSLVPN, stating that the recent ransomware attack is associated with an older vulnerability.
Cybersecurity Vulnerability | Microsoft Exchange Server | Privilege Escalation A newly discovered vulnerability in Microsoft Exchange Server allows attackers to acquire administrative privileges.
Evasion Techniques | Exploitation of Vulnerabilities | Ransomware Tactics The Akira ransomware employs Windows drivers to evade antivirus and endpoint detection and response systems during attacks on SonicWall.
AI Development Tools | Cybersecurity | Software Vulnerabilities A newly identified MCPoison attack utilizes the Cursor IDE’s MCP validation process to run arbitrary commands within the system.
AI Development Risks | Cybersecurity Vulnerabilities | Remote Code Execution A vulnerability in the Cursor AI Code Editor allows for remote code execution (RCE) by swapping in a malicious MCP file after it has been approved.
Cloud Security Risks | Financial Data Manipulation | Vulnerability Exploitation A newly discovered vulnerability in Streamlit enables cybercriminals to execute cloud account takeover attacks.
Cybersecurity Threats | Mitigation Strategies | Vulnerability Management SonicWall has issued a warning about a rise in cyberattacks aimed at their Generation 7 firewalls over the past 72 hours.
