weekly
SIGNALS WEEKLY: Chrome 0-Day in the Wild + December Patch Tuesday Priv-Esc
Chrome 0-day in the wild + Windows priv-esc getting abused + OT VNC still exposed like it’s 2009. 😬🔥
vulnerabilities
forecasts
Will UNC5221 pop a fresh zero-day before Dec 31? Final Forecast!
BRICKSTORM intel just landed: PRC actors camping in vCenter/ESXi + Windows. 🧱🕵️♂️ F5 source-code drama raises the long-run 0-day odds, but the calendar + attribution lag are savage. Our final call: 11% UNC5221 gets publicly tied to a new 0-day before Dec 31. 🎯
weekly
SIGNALS WEEKLY: Android Banking Malware & VS Code Worms Go Mainstream
🚨 CodeRED alerts ransomed. 🐛 Shai Hulud 2.0 looting CI/CD secrets. 📱 107 Android bugs + Albiriox on-device fraud. Signals Weekly on what to fix first.
weekly
SIGNALS WEEKLY: Wormed Repos, Multi-Vector APTs, KEV Identity RCE
Wormed npm repos. Multi-vector APTs. KEV-listed identity RCE. If your CI/CD + SSO aren’t on the same crisis board this week, you’re already late. 😈🚨
weekly
SIGNALS WEEKLY: Keys & Gates — Windows kernel EoP; Cisco RA VPN reloads
Keys. Gates. Windows. Actively exploited Win kernel EoP ✅ (CVE-2025-62215). Cisco RA-VPN bugs can reload unpatched edges. LANDFALL used Samsung’s image bug (CVE-2025-21042). Which breaks first in your shop?
vmware
VMware Vulnerabilities: APT29, APT41, and APT28's Exploitation Tactics
Recent analysis highlights the potential exploitation of VMware vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) by APT29, APT41, and APT28. These groups are known for...
vulnerabilities
Top Vulnerabilities Exploited by Threat Actors: December 2024 Analysis
These vulnerabilities include remote code execution (RCE) flaws in Windows components such as Hyper-V, Remote Desktop Services, and the Local Security Authority Subsystem Service (LSASS)
auto
Emerging Cybersecurity Threats in Software-Defined Vehicles: Trends, Attack Vectors, and Strategic Recommendations
Software-defined vehicles (SDVs) are revolutionizing the automotive industry by integrating advanced software and connectivity features that enhance vehicle functionality and user experience.
threat-actors
Threat Actors LIKELY Targeting CVE-2024-5910: Understanding the Risks in Palo Alto Networks' Expedition Tool
CVE-2024-5910 presents a critical vulnerability within Palo Alto Networks' Expedition tool, arising from missing authentication on a vital function. This flaw opens the door for attackers with network access to seize control over admin accounts.
vulnerabilities
Prioritizing Vulnerability Patching: Key Threats and Actors for October 2024
The vulnerabilities identified include CVE-2024-43572, a Microsoft Management Console RCE vulnerability, and CVE-2024-43573, a Windows MSHTML Platform spoofing vulnerability. Both have been actively exploited in the wild, with threat actors such as APT29, FIN7, APT28...