Our Threat Operations and Intelligence team compiles a daily digest of new cybersecurity threats from around the Internet for internal review. Every Friday we publish the top 10 which are culled from the 40+ relevant stories we review every week.
Weekly Top 10: 11.10.2025: State Actors Exploit Sonic Wall Cloud Backup Settings; Slack Account Compromise Exposes 17,368 Records; LinkedIn Phishing Campaign Targets Executive Credential Theft, and More.
State Actors Exploit Sonic Wall Cloud Backup Settings; Slack Account Compromise Exposes 17,368 Records; LinkedIn Phishing Campaign Targets…
Weekly Top 10: 11.03.2025: Bluenoroff Expands Crypto Heists; $14B Crypto Seizure Tied to Scam Syndicate; Microsoft WSUS: Emergency Mitigation for Active RCE, and More.
Bluenoroff Expands Crypto Heists; $14B Crypto Seizure Tied to Scam Syndicate; Microsoft WSUS: Emergency Mitigation for Active RCE, and 7 More.
Weekly Top 10: 10.27.2025: Medusa Ransomware Leaks Claimed 834 GB After $1.2m Demand; Toolshell’ Exploitation Campaign Hits Multiple Sectors; E-Business Suite SSRF Zero-Day Actively Exploited, and More.
Medusa Ransomware Leaks Claimed 834 GB After $1.2m Demand; Toolshell’ Exploitation Campaign Hits Multiple Sectors; E-Business Suite SSRF…
Weekly Top 10: 10.20.2025: Microsoft Revokes 200+ Certs Used in Fake Teams Installers; Chinese Apt ‘Jewelbug’ Hit Russian It Services Firm; CISA ICS Advisory: Hitachi Energy MACH GWS, and More.
Microsoft Revokes 200+ Certs Used in Fake Teams Installers; Chinese Apt 'Jewelbug’ Hit Russian It Services Firm; CISA ICS Advisory: Hitachi…
Weekly Top 10: 10.13.2025: Ransomware Arrests Tied to Kido Education Attack; Discord Confirms 70,000 Users’ ID Photos Exposed; Azure Outage Tied to Kubernetes Crash at Microsoft Front Door, and More.
Ransomware Arrests Tied to Kido Education Attack; Discord Confirms 70,000 Users’ ID Photos Exposed; Azure Outage Tied to Kubernetes Crash at…
Weekly Top 10: 10.06.2025: Hackers Launch Extortion Campaign Targeting Oracle E-Business Suite Customers; GreyNoise Detects 500% Surge in Scans Targeting Palo Alto Networks Portals; Ransomware Gang Sought BBC Reporter’s Help, and More.
Hackers Launch Extortion Campaign Targeting Oracle E-Business Suite Customers; GreyNoise Detects 500% Surge in Scans Targeting Palo Alto…
Weekly Top 10: 09.29.2025: Emergency Directive on Cisco ASA/FTD Zero-Days; Cloudflare Mitigates 22.2 Tbps DDoS; Workforce PII Stolen in Supplier Ransomware Breach, and More.
Emergency Directive on Cisco ASA/FTD Zero-Days; Cloudflare Mitigates 22.2 Tbps DDoS; Workforce PII Stolen in Supplier Ransomware Breach, and 7 More.
Weekly Top 10: 09.22.2025: Microsoft’s September Updates Break SMBv1 Shares; CISA MAR: Malicious Listener Malware on Ivanti EPMM; Critical Azure Entra ID Flaw Highlights IAM Blast Radius and More.
Microsoft’s September Updates Break SMBv1 Shares; CISA MAR: Malicious Listener Malware on Ivanti EPMM; Critical Azure Entra ID Flaw Highlights…
Weekly Top 10: 09.15.2025: CISA Adds a Newly Exploited CVE to the KEV Catalog; Microsoft Patch Tuesday: 81 Flaws, 2 Zero-Days; Google Chrome: Stable Channel Security Update and More.
CISA Adds a Newly Exploited CVE to the KEV Catalog; Microsoft Patch Tuesday: 81 Flaws, 2 Zero-Days; Google Chrome: Stable Channel Security…
Weekly Top 10: 09.08.2025: ViewState Zero-Day in Sitecore (CVE-2025-53690); Debunking Microsoft 365 & Identity Myths; New AI-Powered HexStrike-AI Tool Exploits Citrix Flaws, and More.
ViewState Zero-Day in Sitecore (CVE-2025-53690); Debunking Microsoft 365 & Identity Myths; New AI-Powered HexStrike-AI Tool Exploits Citrix…
Weekly Top 10: 09.01.2025: Attackers Abuse Velociraptor IR Tool; npm ‘Nx’ Supply-Chain Attack Leaks ~20K Sensitive Files; TransUnion Breach Hits 4.4M People, and More.
Attackers Abuse Velociraptor IR Tool; npm ‘Nx’ Supply-Chain Attack Leaks ~20K Sensitive Files; Transunion Breach Hits 4.4M People; and 7 More.
Weekly Top 10: 08.25.2025: ChatGPT Downgrade Attack Highlights GPT-5 Security Risks; 15,000 Jenkins Servers at Risk from RCE Vulnerability; Cybercriminals Abuse AI Website Creation App for Phishing, and More.
ChatGPT Downgrade Attack Highlights GPT-5 Security Risks; 15,000 Jenkins Servers at Risk from RCE Vulnerability; Cybercriminals Abuse AI Website…