weekly
SIGNALS WEEKLY: Wormed Repos, Multi-Vector APTs, KEV Identity RCE
Wormed npm repos. Multi-vector APTs. KEV-listed identity RCE. If your CI/CD + SSO aren’t on the same crisis board this week, you’re already late. 😈🚨
vulnerabilities
weekly
SIGNALS WEEKLY: Keys & Gates — Windows kernel EoP; Cisco RA VPN reloads
Keys. Gates. Windows. Actively exploited Win kernel EoP ✅ (CVE-2025-62215). Cisco RA-VPN bugs can reload unpatched edges. LANDFALL used Samsung’s image bug (CVE-2025-21042). Which breaks first in your shop?
vmware
VMware Vulnerabilities: APT29, APT41, and APT28's Exploitation Tactics
Recent analysis highlights the potential exploitation of VMware vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) by APT29, APT41, and APT28. These groups are known for...
vulnerabilities
Top Vulnerabilities Exploited by Threat Actors: December 2024 Analysis
These vulnerabilities include remote code execution (RCE) flaws in Windows components such as Hyper-V, Remote Desktop Services, and the Local Security Authority Subsystem Service (LSASS)
auto
Emerging Cybersecurity Threats in Software-Defined Vehicles: Trends, Attack Vectors, and Strategic Recommendations
Software-defined vehicles (SDVs) are revolutionizing the automotive industry by integrating advanced software and connectivity features that enhance vehicle functionality and user experience.
threat-actors
Threat Actors LIKELY Targeting CVE-2024-5910: Understanding the Risks in Palo Alto Networks' Expedition Tool
CVE-2024-5910 presents a critical vulnerability within Palo Alto Networks' Expedition tool, arising from missing authentication on a vital function. This flaw opens the door for attackers with network access to seize control over admin accounts.
vulnerabilities
Prioritizing Vulnerability Patching: Key Threats and Actors for October 2024
The vulnerabilities identified include CVE-2024-43572, a Microsoft Management Console RCE vulnerability, and CVE-2024-43573, a Windows MSHTML Platform spoofing vulnerability. Both have been actively exploited in the wild, with threat actors such as APT29, FIN7, APT28...