Major Threats & Vulnerabilities
Critical Exploits and Zero-Day Vulnerabilities
CISA warned of active exploitation of a critical Adobe ColdFusion flaw (CVE-2026-48282), urging immediate patching and heightened monitoring for unusual activity across federal systems.
BeyondTrust addressed four vulnerabilities in its Remote Support and Privileged Remote Access platforms, including two authentication bypass flaws. Organizations are advised to upgrade immediately, enforce phishing-resistant MFA, and monitor privileged accounts for anomalies.
The Januscape Linux VM escape flaw broke isolation between virtual machines and host systems on Intel and AMD-based KVM setups. The 16-year-old vulnerability has been patched, but administrators should verify /dev/kvm permissions and apply least privilege principles.
Cursor IDE was found to contain two zero-click remote code execution vulnerabilities that could allow attackers to overwrite system files and escape sandbox environments. Enterprises using AI coding assistants are urged to patch immediately.
OWASP ModSecurity versions up to 3.0.15 were found vulnerable to flaws allowing attackers to bypass web application firewall inspection. Security teams should patch and verify multipart request handling to restore full protection.
Cloud and Access Control Weaknesses
Azure CLI was exploited in a large-scale password spray attack that bypassed Conditional Access policies via the ROPC sign-in flow. Organizations should review Conditional Access coverage and disable unnecessary ROPC usage to prevent similar breaches.
Cisco confirmed active exploitation of an SSRF vulnerability in Unified Communications Manager. The company released a fix and advised disabling the WebDialer service until systems are patched.
Apple’s Hide My Email feature was found to expose real email addresses despite previous fixes. Users are advised to exercise caution with sensitive accounts until a complete patch is released.
Barracuda researchers highlighted ongoing exploitation of weak credentials and exposed remote services, with attacks leveraging LemonDuck malware, GoldBrute botnets, and password spraying against FortiGate VPNs.
Emerging AI-Driven Threats
Researchers observed the first ransomware attack conducted almost entirely by an autonomous AI agent. The JadePuffer ransomware exploited a Langflow vulnerability, performing reconnaissance, credential theft, and encryption autonomously—signaling a new era of AI-enabled cyberattacks.
Advanced Persistent Threats and Espionage
University mail servers across the U.S. and Canada were targeted by a China-aligned campaign exploiting Roundcube vulnerabilities. Attackers used credential theft, webshells, and backdoors to maintain persistent access to research departments.
Novel Attack Techniques
The TrojPix attack demonstrated data exfiltration from air-gapped computers using standard video cables, transmitting information up to 208 meters away. The attack requires only user-level privileges once malware is present, emphasizing the need for physical-layer defenses.
Industry News
Major Data Breaches
AssuranceAmerica suffered a breach compromising nearly 7 million records after an employee account was compromised. The company has contained the incident, reset credentials, and notified affected users.
Moody Bible Institute confirmed a breach impacting 2.3 million records after the ShinyHunters group leaked donor, student, and alumni data. The institute is working with cybersecurity experts to assess the full scope.
The Department of Homeland Security reported a breach of its Homeland Security Information Network (HSIN), which shares sensitive but unclassified data. Attackers targeted HSIN servers and a SharePoint environment; investigations are ongoing.
Corporate and Policy Developments
Accenture confirmed a security incident following claims of a 35 GB data theft. The company advised treating any potential code exposure as a credential compromise and rotating keys immediately.
Alibaba banned the use of Claude Code internally amid backdoor concerns, underscoring the need for transparency and vendor documentation in AI coding tools.
The UK government launched a Cyber Resilience Pledge encouraging organizations to adopt a 30/60/90-day framework for cybersecurity governance and NCSC Early Warning enrollment.
Australia’s age verification system for social media failed enforcement tests, allowing underage users to register without proof of age—raising compliance and privacy concerns.
Law Enforcement and Global Operations
Google disrupted the NetNut botnet, cutting off about two million infected Android devices used for proxy abuse. The company disabled command infrastructure and enhanced Play Protect detections.
Vietnamese authorities dismantled the HiAnime piracy network, arresting seven suspects and seizing assets tied to $12.85 million in ad revenue. The case highlights growing international collaboration against digital piracy.
Security Tips & Best Practices
How Well Are You Governing AI?
- Establish AI governance policies, classify sensitive data, and require human review of AI-generated outputs.
- Protect accounts with phishing-resistant MFA and monitor for unauthorized AI tool usage.
- Implement continuous third-party risk management to assess AI vendors and monitor evolving risks.
How Secure are Your Endpoints?
- Deploy EDR or XDR solutions to detect and respond to suspicious endpoint activity.
- Automate patch management and enforce least privilege with phishing-resistant MFA.
- Adopt a Zero Trust approach with continuous monitoring of device health and user access.
Protect Yourself From Job Scams
- Verify recruiters and job opportunities through official company sites or LinkedIn before applying.
- Inspect links and login prompts carefully to avoid lookalike domains and suspicious payment requests.
- Enable phishing-resistant MFA such as passkeys or security keys to protect accounts even if credentials are stolen.
Protect Against Botnets
- Patch internet-facing systems and disable unnecessary remote access.
- Enable phishing-resistant MFA on all accounts.
- Segment IoT devices onto separate networks to limit lateral movement.
- Monitor for suspicious traffic using EDR/XDR, SIEM, and SASE platforms.
- Use threat intelligence tools to track command-and-control activity.
How Strong Is Your Email Security?
- Implement phishing-resistant MFA and Zero Trust to verify all users and devices.
- Use advanced filtering and secondary verification to block malicious emails.
- Deploy AI-powered email security tools with threat intelligence and sandboxing.
Tools & Resources
Simplify compliance — get ready-to-use security policies to help protect your business without the cost or complexity of an enterprise, all for under $100.
Security teams exploring AI-driven security automation should review guidance on building trust in agentic security to ensure responsible deployment of autonomous systems.
If you want to see more from our Newsletter Archive please click here.





