Security Intelligence

Cisco patches max-severity flaw in Identity Services Engine

Cisco patches critical ISE flaws (CVEs 2025-20281, -20282) allowing RCE as root. No workarounds—urgent updates required...

Security Intelligence

Citrix fixes another critical flaw, already exploited

Citrix fixes critical NetScaler flaw (CVE-2025-6543) under active attack; patch now to prevent remote DoS on...

Security Intelligence

Citrix addresses NetScaler vulnerabilities

Citrix patches critical NetScaler flaws, including CVE-2025-5777—akin to CitrixBleed—that could expose memory and...

Security Intelligence

Cybersecurity threats amid Middle East escalation

U.S.-Iran tensions raise cyber risks. Field Effect assesses threat level, risk to clients, and how MDR helps reduce...

Security Intelligence

Zoom & doom: BlueNoroff call opens the door

Field Effect Analysis team investigates a targeted campaign using spoofed domains, social engineering, and malware tied...

Security Intelligence

Two public exploits for Linux, one observed in the wild

Exploits for three Linux vulnerabilities give attackers root access. One is active in the wild—patch now and audit...

Security Intelligence

Veeam addresses flaws in backup servers

Veeam patches critical flaws in backup software. Exploits risk data theft, privilege abuse. Update now and harden...

Security Intelligence

Malicious package disguised as a helper module for Chimera Sandbox

A malicious npm package mimicking Chimera Sandbox exposes risks in open-source supply chains—stealing cloud creds,...

Security Intelligence

Mitel MiCollab critical advisory; POC for flaws in Mitel SIP phones

Researchers published a POC exploit for critical Mitel SIP flaw; a second MiCollab flaw allows remote, unauthenticated...

Security Intelligence

Weekly threat roundup: M365 Copilot, ConnectWise, SAP, & more

Our weekly roundup of cyber threats. This week, we cover critical vulnerabilities in Microsoft, ConnectWise, SAP...

Security Intelligence

Weekly threat roundup: TA397, also known as Bitter

Our weekly roundup of cyber intel related to threat actors. This week, we look at recent activity from TA397 aka Bitter.

Security Intelligence

Critical vulnerability in Microsoft 365 Copilot

New attack method, EchoLeak, exploits a zero-click AI flaw in M365 Copilot. No action needed, but the threat reveals a...