π 6 Blumira Alternatives: 2025βs Dive into AI SOCs π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Blumira SIEMXDR sits in that good enough ground for IT managers without a fullblown SOC team. But if youve outgrown simple setups or are finally budgeting for real breach prevention, youve got options. Here well unpack 6 Blumira alternatives what they get right, where they fall short, and when youll need more than just automation. The post 6 Blumira Alternatives 2025s Dive into AI SOCs appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Top 6 Blumira Alternatives & AI SOC Competitors in 2025
Compare Blumira with 6 leading AI SOC platforms in 2025. Explore strengths, blind spots, costs, and why human-led MDR still beats autonomous SOCs.
π The SLA in Cybersecurity: Defining Your SOCβs Accountability π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
247 monitoring and glossy dashboards give you visibility, but they arent a substitute for a legally enforceable Service Level Agreement SLA. A wellwritten SLA in cybersecurity does three things it clarifies whos responsible for what, so theres no fingerpointing during an incident it converts vendor capabilities into testable, auditable commitments and it gives your procurement The post The SLA in Cybersecurity Defining Your SOCs Accountability appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
SOC Vendor SLA: What to Insist On Before You Outsource Security
Learn exactly what to demand from a SOC vendor SLAβmeasurable KPIs, response targets, penalties, and reporting.
π Risks of AI Integration: Real-world Exploits and Mitigation Steps π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
AI integration into enterprise products and services boosts content generation, data analysis, process automation, and customer interaction. However, it also introduces new risks that dont follow the old rules of web or APIbased security. As more users interact with LLMenhanced systems, the risk of misuse and data leaks grows. The cybersecurity community has already uncovered The post Risks of AI Integration Realworld Exploits and Mitigation Steps appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Real-world examples of AI integration security issues and practical recommendations.
Discover real AI integration cyber attack incidents involving LLMs. Learn how attackers exploit these systems and how to design AI-powered features securely.
π¦
Australian Cyber Authorities Warn of Active Exploitation of SonicWall SSL Vulnerability (CVE-2024-40766) π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
CVE202440766 " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509CVE202440766300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509CVE202440766.webp" title"Australian Cyber Authorities Warn of Active Exploitation of SonicWall SSL Vulnerability CVE202440766 1" The Australian Signals Directorates Australian Cyber Security Centre ASDs ACSC has issued an urgent warning following the active exploitation of a critical vulnerability affecting SonicWall SSL VPN appliances across Australia. The flaw, CVE202440766, is being leveraged by threat actors, including those deploying Akira ransomware, to gain unauthorized access to networks and, in some instances, cause firewall crashes. This vulnerability, first disclosed in August 2024 under advisory ID SNWLID2024001...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
ACSC Warns Of SonicWall SSL VPN Exploit (CVE-2024-40766)
ASDβs ACSC confirms active exploitation of CVE-2024-40766 in SonicWall SSL VPNs. Urges urgent patching, MFA, and access controls for Aussie orgs.
π¦
Canadian Governmentβs IT Arm Flags Digital Risks, Cyber Threats, and Strategic Priorities π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
SSC " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202509SSC300x150.webp" datalargefile"httpscyble.comwpcontentuploads202509SSC.webp" title"Canadian Governments IT Arm Flags Digital Risks, Cyber Threats, and Strategic Priorities 2" Shared Services Canada SSC, the federal agency responsible for delivering digital services and IT infrastructure across the Government of Canada GC, has issued a comprehensive update on the state of cybersecurity and digital transformation within the federal public service. In a recent ministerial transition briefing, SSC detailed both pressing challenges and strategic advancements, with a focus on enhancing the resilience of GC systems against digital threats. The report, addressed to the newly appointed Minister of Government Transform...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π Fileless Malware Deploys Advanced RAT via Legitimate Tools π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Fileless Malware Deploys Advanced RAT via Legitimate Tools
A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory
ποΈ Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity C2PA standard out of the box to verify the origin and history of digital content. To that end, support for C2PA's Content Credentials has been added to Pixel Camera and Google Photos apps for Android. The move, Google said, is designed to further digital media.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
U.S. Senator Ron Wyden has called on the Federal Trade Commission FTC to probe Microsoft and hold it responsible for what he called "gross cybersecurity negligence" that enabled ransomware attacks on U.S. critical infrastructure, including against healthcare networks. "Without timely action, Microsoft's culture of negligent cybersecurity, combined with its de facto monopolization of the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CISA Launches Roadmap for the CVE Program π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US cybersecurity agency called for the CVE program to remain publicly maintained and vendorneutral while emphasizing the need for broader engagement.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA Launches Roadmap for the CVE Program
The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement
βοΈ Bulletproof Host Stark Industries Evades EU Sanctions βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before Russia invaded Ukraine and quickly became a top source of Kremlinlinked cyberattacks and disinformation campaigns. But new data shows those sanctions have done little to stop Stark from simply rebranding and transferring their assets to other corporate entities controlled by its original hosting providers.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Bulletproof Host Stark Industries Evades EU Sanctions
In May 2025, the European Union levied financial sanctions on the owners of Stark Industries Solutions Ltd., a bulletproof hosting provider that materialized two weeks before Russia invaded Ukraine and quickly became a top source of Kremlin-linked cyberattacksβ¦
π Are cybercriminals hacking your systems β or just logging in? π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
As bad actors often simply waltz through companies digital front doors with a key, heres how to keep your own door firmly locked tight.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Are cybercriminals hacking your systems β or just logging in?
As bad actors often simply waltz through companiesβ digital front doors with a key, hereβs how to keep your own door firmly locked tight.
ποΈ Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A security weakness has been disclosed in the artificial intelligence AIpowered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program. The issue stems from the fact that an outofthebox security setting is disabled by default, opening the door for attackers to run arbitrary code on users' computers with their privileges. ".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ How to check if youβve been affected by Salesforce attacks β and stop hackers dead in their tracks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The FBI has issued a fresh advisory over the threat posed to Salesforce customers by two threat groups. Here's how you can stay safe and mitigate any risks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
How to check if youβve been affected by Salesforce attacks β and stop hackers dead in their tracks
The FBI has detailed steps enterprises can take to prevent falling victim to Salesforce attacks
ποΈ 6 Browser-Based Attacks Security Teams Need to Prepare For Right Now ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, well explore what a browserbased attack is, and why theyre proving to be so effective. What is a browserbased attack? First, its important to establish what a browserbased attack is. In most scenarios, attackers dont think of themselves as attacking your web browser.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ β‘ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In a world where threats are persistent, the modern CISOs real job isn't just to secure technologyit's to preserve institutional trust and ensure business continuity. This week, we saw a clear pattern adversaries are targeting the complex relationships that hold businesses together, from supply chains to strategic partnerships. With new regulations and the rise of AIdriven attacks, the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new artificial intelligence AIpowered penetration testing tool linked to a Chinabased company has attracted nearly 11,000 downloads on the Python Package Index PyPI repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framework is assessed to be the work of Cyberspike, which has positioned the tools as a red teaming.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Chinesespeaking users are the target of a search engine optimization SEO poisoning campaign that uses fake software sites to distribute malware. "The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites," Fortinet FortiGuard Labs researcher Pei Han Liao said. "By using convincing language and small character.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π AI-Forged Military IDs Used in North Korean Phishing Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Genians observed the Kimsuky group impersonate a defense institution in a spearphishing attack, leveraging ChatGPT to create fake military ID cards.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
AI-Forged Military IDs Used in North Korean Phishing Attack
Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards
π CISA at Risk After OIG Accuses it of Wasting Federal Funds π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA at Risk After OIG Accuses it of Wasting Federal Funds
US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program
π Phishing Campaigns Drop RMM Tools for Remote Access π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Threat actors are using multiple lures to trick users into installing RMM tools.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Phishing Campaigns Drop RMM Tools for Remote Access
Threat actors are using multiple lures to trick users into installing RMM tools
π¦
Inside MaranhΓ£o Stealer: Node.js-Powered InfoStealer Using Reflective DLL Injection π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Executive Summary CRIL identified an active Maranho Stealer campaign that is being distributed through social engineering websites hosted on cloud platforms. Current intelligence indicates that the malware has been active since May 2025 and is actively being developed. Available intelligence shows the malware has been active since May 2025 and is undergoing ongoing development. The threat actors primarily target gaming users by distributing gamingrelated links, cheats, and pirated software downloads. e.g., hxxpsderelictsgame.inDerelictSetup.zip. The ZIP archives include an Inno Setup installer, which launches a Node.jscompiled binary responsible for exfiltrating credentials. Key takeaways Maranho Stealer is actively spreading through social engineering websites that distribut...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Inside MaranhΓ£o Stealer: Node.js-Powered InfoStealer
Cyble Research & Intelligence Labs detected MaranhΓ£o Stealer, a Node.jsβbased credential stealer leveraging reflective DLL injection.