ARPSyndicate - Cyber & Open Source Intelligence
A Global Cyber Intelligence Company with hyperspecialization in Information Discovery, Shadow IT & Vulnerability Intelligence.

A.R.P. Syndicate [https://arpsyndicate.io/pricing.html]
If you can read this, you're in the top 1% of the world.
Another bleeding-edge version of VEDAS is out now 🎉🥳

Many network-exploitable vulnerabilities, such as CVE-2025-47188, remain delayed, poorly documented and lacking meaningful enrichment. Despite being actively exploited since May 2025, this vulnerability is still not enriched by NVD, EPSS or proprietary vulnerability databases.

VEDAS can be used for Mining Exploit Intelligence linked to vulnerability identifiers like CVE, EUVD, CNNVD, and BDU and can be helpful in developing custom Nuclei templates and extending its coverage, supporting the growing community of security teams, researchers, and ASM providers.

Read More: https://www.osintteam.com/mining-exploit-intelligence-to-develop-custom-nuclei-templates-for-cve-euvd-cnnvd-bdu/
On 9th August 2018, the concept of Exploit/Exploitation Prediction was first introduced at BlackHat, followed by the publication of its first paper on 30th August 2019. EPSS initially prioritized mass exploitation indicators over concrete exploit evidence. While recent updates have added exploit data, these rely on only a handful of sources, resulting in narrow coverage, a lot of false negatives, and delayed recognition of active threats.

Moreover, EPSS and similar systems still lack the ability to fully interpret exploit intelligence. They cannot reliably or autonomously map exploits to CVEs with sufficient accuracy, which limits their real-world effectiveness. VEDAS provides a far more reliable alternative to EPSS. Unlike EPSS, VEDAS does not attempt to predict future exploitation; instead, it estimates the prevalence of a vulnerability identifier and the maturity of its associated exploits.

It has now been five years since the idea of using a score to "predict" or "estimate" the likelihood of CVE exploitation within the next 30 days was proposed, though to this date there is no evidence explaining how or why this 30-day timeframe was chosen, or showing that these predictions, which are based only on mass exploitation and public exploits, can actually be validated by the cybersecurity community as a factor that can predict exploitation before a mass exploitation trend or exploits appear. Hence, from the outset, we have consistently cautioned against this predictive narrative.

Register for our upcoming webinar to learn more:
https://webinar.arpsyndicate.io
Anthropic reported that in mid-September 2025 a Chinese state-sponsored group ran a large espionage campaign using AI agents to carry out most of the work. About 30 organizations in tech, finance, manufacturing and government were targeted. The attackers used their AI system with Claude Code to handle reconnaissance, vulnerability finding, credential harvesting, back-door setup, data theft and record keeping, while humans stepped in only a few times per operation.

https://www.anthropic.com/news/disrupting-AI-espionage
Eugenio Benincasa writes that in China's case, many government disclosures by the U.S. and other Western countries have pointed to APT groups and individual operators allegedly linked to provincial bureaus of the Ministry of State Security (MSS), China's premier civilian intelligence agency. These bureaus function as the operational nerve centres of China's cyber apparatus. The MSS is not a monolith: it is highly provincialized, with bureaus that cultivate their own bureaucratic interests, talent pipelines, and trusted ecosystems of companies and individual professionals and researchers.

https://nattothoughts.substack.com/p/the-many-arms-of-the-mss-why-provincial
Vulnerability prioritization frameworks such as KEV and EPSS are fundamentally limited because they rely on mass exploitation telemetry and sensor-network-driven signals that act as lagging indicators and miss emerging, high-impact threats. These systems overemphasize low-effort, automated exploitation activity, lack full-spectrum exploit intelligence, and are unable to reliably interpret exploit artifacts or autonomously map them to CVE, resulting in false negatives and delayed response.

In contrast, ARPSyndicate's Vulnerability & Exploit Data Aggregation System (VEDAS) (https://vedas.arpsyndicate.io) is an early-warning standard that crawls, comprehends, and clusters real-world exploit artifacts globally, assigns its own identifiers to exploitable vulnerabilities, and prioritizes exploit maturity and discovery over noisy mass-exploitation metrics. This approach enabled VEDAS to consistently outperform EPSS and KEV throughout 2025 by surfacing actionable threats before they appeared on conventional radars.
Today, we introduce the VEDAS-driven autonomous generation of Suricata rules for CVEs on GitHub.

This repository is intended to function as an open, collaborative validation environment for Suricata rules autonomously produced by ARPSyndicate's Vulnerability & Exploit Data Aggregation System (VEDAS). While VEDAS is often associated with offensive research, its capabilities extend strongly into defensive security as well.

Although AI enables the rapid, large-scale generation of detection rules from vulnerability and exploit intelligence, effective security detection depends on transparency, human oversight, and validation in real-world conditions.

By releasing these AI-generated rules openly, we aim to empower the security community to review, test, and refine detection logic through issues and pull requests.

Our objective is to combine AI-driven automation with open-source collaboration to enhance reliability and accelerate intelligence-led detection engineering for everyone.

https://github.com/ARPSyndicate/suricata-vedas
DomainTools Investigation reveals that tools like ZoomEye and the Critical Infrastructure Target Library give China a global reconnaissance system that catalogs millions of foreign IPs, domains, and organizations mapped by sector, geography, and strategic value. Massive datasets containing real names, ID numbers, mobile phones, emails, and credentials allow Knownsec and its government clients to correlate infrastructure with people, enabling rapid deanonymization, targeting, and social engineering.

https://dti.domaintools.com/the-knownsec-leak-yet-another-leak-of-chinas-contractor-driven-cyber-espionage-ecosystem/
ARPSyndicate is proud to support CSAI's Cyber Security Centre for Research & Innovations (C3IR) in this initiative.

As part of our involvement with C3IR, we are actively hiring interns for this Offensive Security Research Internship. If you are passionate about CVE analysis, vulnerability research, reverse engineering, embedded security, or low-level software analysis, applications are welcome.

All details are in the link below.

https://www.linkedin.com/posts/nkgoyals_cybersecurity-internship-cybersecurityinternship-share-7469639258463473664-MoiW
The ability to navigate uncertainty is in our genes. And so is the will to secure what we've built.

Industry. Academia. Defence. One resilient unit. This week's National Conference on Telecom Security in the Era of AI & Quantum Computing, convened by Cyber Security Association of India, brought together some of India's most consequential voices in national security, including Mr. Narendra Nath Gangavarapu (Joint Secretary, NSCS), Lt. Gen (Dr.) Rajesh Pant (Former National Cyber Security Coordinator), and Lt. Gen. Vivek Dogra (Signal Officer-in-Chief), who shaped a conversation that went far beyond policy.

The threat landscape has fundamentally changed.
National security no longer ends at land, air, and sea. It extends into every network, every chip, every line of code running critical infrastructure. Of India's 8 critical sectors, 2 are super-critical: Power and Telecom. Everything else runs on top of these two.

We must rise above zero-days, and prepare for Q-day.
The quantum threat is not theoretical. It is a countdown. The National Quantum Mission carries a ₹6,000 crore mandate, but security, beyond just cyber, was absent from its original design. That gap must be closed before the clock runs out.

Technology alone is not the answer. Implementation is.
Bad implementation of great products is itself an attack surface. The guidelines and documentation exist. What is missing is execution, governance frameworks that convert capability into protection. Policy scaffolding is not bureaucracy. It is the difference between a tool and a weapon pointed the right way. The National Cyber Range, built in partnership with Russia, begins operations in July. But a range is only as powerful as the scenarios run on it.

Sovereignty begins at the circuit board.
PCB design must happen in India, built on Indian components. Equipment that cannot be verified cannot be trusted. The design of our machines is as strategic as the doctrine that deploys them.

The human behind the machine is still irreplaceable.
AI must maximise speed and scale: but ultimate decisions must remain in the hands of a scientist or a general. We must invest in problem-solvers anchored in one sector, trained deeply, trusted fully. GoI is spending thousands of crores on this. That investment must produce long-tenure, sector-dedicated expertise and not generalists cycling across verticals.

These conversations don't happen by accident. Thank you Prof NK Goyal for creating the space and for making sure the right people were in it.