📢 Cyber budget cuts are slowing down, but that doesn't mean there's light on the horizon for security teams 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
A new ISC2 survey indicates that both layoffs and budget cuts are on the decline.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Cyber budget cuts are slowing down, but that doesn't mean there's light on the horizon for security teams
A new ISC2 survey indicates that both layoffs and budget cuts are on the decline
🦅 The Week in Vulnerabilities: Cyble Urges D-Link, React Server Fixes 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
IT and ICS vulnerabilities " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202512ITandICSvulnerabilities2300x150.webp" datalargefile"httpscyble.comwpcontentuploads202512ITandICSvulnerabilities2.webp" noscript"The Week in Vulnerabilities Cyble Urges DLink, React Server Fixes 1" Cyble Vulnerability Intelligence researchers tracked 591 vulnerabilities in the last week, and more than 30 already have a publicly available ProofofConcept PoC, significantly increasing the likelihood of realworld attacks on those vulnerabilities. A total of 69 vulnerabilities were rated as critical under the CVSS v3.1 scoring system, while 26 received a critical severity rating based on the newer CVSS v4.0 scoring system. Here are some of the more critical IT and ICS vulnerabilities flagged...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
New IT And ICS Vulnerabilities Tracked In Latest Cyble Report
Cyble tracked 591 vulnerabilities this week, including critical IT and ICS vulnerabilities, some with PoCs, raising risk of real-world attacks.
🌊 Beyond Alerts: Why “Detection-as-Code” Is the Missing Link in AI-Driven SOCs 🌊
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
The industry has embraced AI as the antidote to alert fatigue, suppressing false positives, elevating highconfidence events, and spotting behavioral anomalies. Yet the problem isnt AI accuracy but everything that The post Beyond Alerts Why DetectionasCode Is the Missing Link in AIDriven SOCs appeared first on UnderDefense.📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
UnderDefense
Detection-as-Code: The Missing Link AI-SOCs Need
Learn why AI-driven SOCs still drown teams in alert noise and how Detection-as-Code creates the feedback loop, governance, and precision.
🔥2
🖋️ Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The threat actor known as Storm0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL sideloading, and fileless PowerShell execution to facilitate ransomware attacks. "These methods allow them to bypass defenses, infiltrate networks, maintain persistence, and operate undetected, raising serious concerns for.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 DeadLock Ransomware Uses BYOVD to Evade Security Measures 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
DeadLock Ransomware Uses BYOVD to Evade Security Measures
Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware
🖋️ Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under a malwareasaservice MaaS model. The threat actor behind CastleLoader has been assigned the name GrayBravo by Recorded Future's Insikt Group, which was previously tracking it as TAG150.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Malicious VS Code Extensions Deploy Advanced Infostealer 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Malicious VS Code Extensions Deploy Advanced Infostealer
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data
❤1
📔 React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers involvement.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement
📢 Researchers claim Salt Typhoon masterminds learned their trade at Cisco Network Academy 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
The Salt Typhoon hacker group has targeted telecoms operators and US National Guard networks in recent years.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
Researchers claim Salt Typhoon masterminds learned their trade at Cisco Network Academy
The Salt Typhoon hacker group has targeted telecoms operators and US National Guard networks in recent years
📢 The NCSC touts honeypots and ‘cyber deception’ tactics as the key to combating hackers — but they could ‘lead to a false sense of security’ 📢
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
Trials to test the realworld effectiveness of cyber deception solutions have produced positive results so far.📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
IT Pro
The NCSC touts honeypots and ‘cyber deception’ tactics as the key to combating hackers — but they could ‘lead to a false sense…
Trials to test the real-world effectiveness of cyber deception solutions have produced positive results so far
❤1
🦿 Apple Releases macOS Sequoia 15.7.3 Security Update 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
Apple has released macOS Sequoia 15.7.3 with important security fixes. Heres what to know before installing the update. The post Apple Releases macOS Sequoia 15.7.3 Security Update appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
Apple Releases macOS Sequoia 15.7.3 Security Update
Apple has released macOS Sequoia 15.7.3 with important security fixes. Here’s what to know before installing the update.
🦿 Are Your AI Assistants Under Attack? 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
Many users utilize an AI assistant to handle their inbox, leaving them vulnerable to attack. The post Are Your AI Assistants Under Attack? appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
Are Your AI Assistants Under Attack?
Many users utilize an AI assistant to handle their inbox, leaving them vulnerable to attack.
🦿 ServiceNow Mulls $7B Armis Cybersecurity Acquisition 🦿
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
The deal could be announced within days, according to Bloomberg. The post ServiceNow Mulls 7B Armis Cybersecurity Acquisition appeared first on TechRepublic.📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
TechRepublic
ServiceNow Mulls $7B Armis Cybersecurity Acquisition
The deal could be announced within days, according to Bloomberg.
🖋️ ⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely onand in some cases, they started attacking before a fix was even ready. Below, we list the urgent updates you need to install right now to stop these active threats. Threat of the Week Apple and.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ A Browser Extension Risk Guide After the ShadyPanda Campaign 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale. A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or acquiring harmless extensions, letting them run clean for years to build trust and gain millions of installs, then suddenly flipping them into.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🤯1
🖋️ Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMountISO by Seqrite Labs, has primarily singled out finance and accounting entities, with those in the procurement, legal, payroll.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The proRussian hacktivist group known as CyberVolk aka GLORIAMIST has resurfaced with a new ransomwareasaservice RaaS offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without paying an extortion fee. According to SentinelOne, VolkLocker aka CyberVolk 2.x emerged in August 2025 and is capable of targeting both Windows.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Asahi Groups CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack
Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company
📔 Top 25 Most Dangerous Software Weaknesses of 2025 Revealed 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Top 25 Most Dangerous Software Weaknesses of 2025 Revealed
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs
📔 NCSC Playbook Embeds Cyber Essentials in Supply Chains 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The UKs National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
NCSC Playbook Embeds Cyber Essentials in Supply Chains
The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers
🖋️ FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Multiple security vulnerabilities have been disclosed in the opensource private branch exchange PBX platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations. The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below CVE202561675 CVSS score 8.6 Numerous.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity