π¦
The Week in Vulnerabilities: Apple, Citrix Flaws Draw Threat Actor Interest π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
IT Vulnerabilities Recorded by Cyble " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509ITVulnerabilitiesRecordedbyCyble300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509ITVulnerabilitiesRecordedbyCyble.webp" title"The Week in Vulnerabilities Apple, Citrix Flaws Draw Threat Actor Interest 1" Cyble Vulnerability Intelligence researchers tracked 787 vulnerabilities in the last week, and more than 229 of the disclosed vulnerabilities already have publicly available ProofsofConcept PoCs. The exploitation rate just under 30 is at the high end of the 2030 range observed by Cyble in recent weeks. A total of 56 vulnerabilities were rated as critical under CVSS v3.1, while 43 received a critical severity rating based on the newer CVSS v4.0 scoring system....π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Top IT Vulnerabilities Tracked By Cyble This Week
Cyble tracked 787 IT vulnerabilities this week, including 229 with public PoCs. Learn about critical threats, active exploits, and urgent patch priorities.
ποΈ VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics SVG files as part of phishing attacks impersonating the Colombian judicial system. The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, which then decodes and injects a Base64encoded HTML phishing page masquerading as a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ Automation Is Redefining Pentest Delivery ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Pentesting remains one of the most effective ways to identify realworld security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn't kept pace. Most organizations still rely on traditional reporting methodsstatic PDFs, emailed documents, and spreadsheetbased tracking. The problem? These outdated workflows introduce delays,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π 61% of US Companies Hit by Insider Data Breaches π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The OPSWAT report found that insider breaches cost impacted firms 2.7m on average due to factors such as regulatory fines and diminished productivity.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
61% of US Companies Hit by Insider Data Breaches
The OPSWAT report found that insider breaches cost impacted firms $2.7m on average due to factors such as regulatory fines and diminished productivity
β€1
π US and 14 Allies Release Joint Guidance on Software Bill of Materials π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The joint guidance is a welcome first step towards a common, global adoption of SBOMs, experts argued.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ποΈ SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A critical security vulnerability impacting SAP S4HANA, an Enterprise Resource Planning ERP software, has come under active exploitation in the wild. The command injection vulnerability, tracked as CVE202542957 CVSS score 9.9, was fixed by SAP as part of its monthly updates last month. "SAP S4HANA allows an attacker with user privileges to exploit a vulnerability in the function module.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¨ NCSC statement: Incident impacting Jaguar Land Rover π¨
π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
Statement from the NCSC regarding the cyber incident affecting Jaguar Land Rover.π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
National Cyber Security Centre
NCSC statement: Incident impacting Jaguar Land Rover
Statement from the NCSC regarding the cyber incident affecting Jaguar Land Rover.
π macOS Stealer Campaign Uses βCrackedβ App Lures to Bypass Apple Security π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Trend Micro observed the attackers using terminalbased installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
macOS Stealer Campaign Uses βCrackedβ App Lures to Bypass Apple Security
Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps
π Dropzone AI Against 11 Rivals: AI SOC Showdown 2025 π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Running a Tesla on autopilot in LA is fine. In a warzone, though? Youd not give it a chance. Yet some companies switch cybersecurity onto autopilot with AI SOC, reducing human oversight to zero. One of those AI SOC startups is Dropzone AI, but rivals are lining up. Lets see which Dropzone AI competitors are The post Dropzone AI Against 11 Rivals AI SOC Showdown 2025 appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Top 11 Dropzone AI Competitors & Alternatives in the AI SOC Market (2025)
Compare Dropzone AI company with top AI SOC competitors in 2025. Learn strengths, limits, and why hybrid SOCs beat full-autonomy.
π’ Letβs talk about digital sovereignty π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
In the age of AI and cloud, where data resides is a key consideration.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Letβs talk about digital sovereignty
In the age of AI and cloud, where data resides is a key consideration
π’ Lack of visibility creates "cascade" of security risk, says Kiteworks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Organizations that don't keep track of data breaches, shadow AI, and thirdparty counts face dramatically worse outcomes across every metric.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Lack of visibility creates "cascade" of security risk, says Kiteworks
Organizations that don't keep track of data breaches, shadow AI, and third-party counts face dramatically worse outcomes across every metric
π South Carolina School District Data Breach Affects 31,000 People π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An investigation has revealed that files were stolen in a data breach affecting a South Carolina school district.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
South Carolina School District Data Breach Affects 31,000 People
An investigation has revealed that files were stolen in a data breach affecting a South Carolina school district
π¦Ώ Cybercriminals βGrokβ Their Way Past Xβs Defenses to Spread Malware π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Hackers exploit Xs Grok AI to spread malware via promoted ads, exposing millions to malicious links in a scheme researchers call Grokking.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Cybercriminals βGrokβ Their Way Past Xβs Defenses to Spread Malware
Hackers exploit Xβs Grok AI to spread malware via promoted ads, exposing millions to malicious links in a scheme researchers call βGrokking.β
π€1
ποΈ TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actor behind the malwareasaservice MaaS framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. "Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executing additional payloads, and executing commands via CMD and PowerShell," Recorded Future Insikt Group.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
π Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Bridgestone Americas confirmed the incident but has not detailed the scope of the attack.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America
Bridgestone Americas confirmed the incident but has not detailed the scope of the attack
ποΈ CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Federal Civilian Executive Branch FCEB agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE202553690, carries a CVSS score of 9.0 out of a maximum of 10.0, indicating critical severity. "Sitecore Experience Manager XM, Experience.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
βοΈ GOP Cries Censorship Over Spam Filters That Work βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
The chairman of the Federal Trade Commission FTC last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followed media reports accusing Gmail of disproportionately flagging messages from the GOP fundraising platform WinRed and sending them to the spam folder. But according to experts who track daily spam volumes worldwide, WinRed's messages are getting blocked more because its methods of blasting email are increasingly way more spammy than that of ActBlue, the fundraising platform for Democrats.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
GOP Cries Censorship Over Spam Filters That Work
The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followedβ¦
ποΈ Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025. "The campaign is targeted towards employees of KazMunaiGas or KMG where the threat entity.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic seeds to a Telegram bot controlled by the threat actor," Socket researcher.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π NPM Supply Chain Attack That Shook Devs (But Barely Paid Hackersβ Bills) π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
If youve been anywhere near developer Twitter sorry, X this week, youve probably seen the headlines Largest NPM supply chain hack in history. Sounds apocalyptic, right? Millions of developers at risk, billions of downloads compromised and yet the attackers managed to steal less money than your average Starbucks order. Lets break this down. What Happened The post NPM Supply Chain Attack That Shook Devs But Barely Paid Hackers Bills appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Largest NPM Supply Chain Attack : Billions of Downloads
Largest NPM Supply Chain Hack: Hackers compromised 18 NPM packages. Hereβs what happened, why it matters, and how to protect your code.
β€2
βοΈ Microsoft Patch Tuesday, September 2025 Edition βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zeroday" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's mostdire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zeroday bugs in their devices.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includesβ¦