BELLINGHAM, Wash., Aug. 4, 2025 /PRNewswire/ — Edelson Lechtzin LLP, a law firm based in suburban Philadelphia, is conducting an investigation into data privacy concerns following a data breach involving Northwest Radiologists, Inc. and Mount Baker Imaging, collectively referred to…
On July 22, 2025, Cisco updated its advisory regarding several recently disclosed security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), confirming that they are being actively exploited. Cisco’s Product Security Incident Response Team (PSIRT) reported awareness of attempts to exploit these vulnerabilities in real-world scenarios. However, the company did not specify which vulnerabilities are being targeted, the identity of the attacking entities, or the scale of these activities. Cisco ISE is crucial for network access control, determining which users and devices can access corporate networks and under what conditions. A breach at this level could allow attackers unrestricted access to internal systems, effectively bypassing authentication and logging controls and transforming a key policy engine into an unguarded entry point. The alert emphasizes that the identified vulnerabilities are classified as critical.
Cisco Confirms Ongoing Exploitation of ISE Vulnerabilities Leading to Unauthenticated Root Access On July 22, 2025, Cisco updated its advisory regarding recently unveiled vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), admitting that active exploitation…
⚡ THN Weekly Update: Key Cybersecurity Threats, Tools, and Strategies [Jan 6]
Jan 06, 2025
Every action we take online—each tap, click, and swipe—shapes our digital experience, but it also opens up opportunities for unintended risks. Trusted extensions, helpful assistants, and even QR codes are becoming avenues for cybercriminals. The boundary between convenience and risk has never been more precarious. This week, we explore the hidden dangers, unexpected vulnerabilities, and the cunning tactics that hackers are employing to outmaneuver the systems we rely on. Join us as we delve into the realities behind the screens and learn how to stay one step ahead.
⚡ Threat of the Week
Dozens of Google Chrome Extensions Discovered Stealing Sensitive Data — The ongoing challenges of securing the software supply chain were highlighted once again when about thirty Chrome extensions were found covertly extracting sensitive information from approximately 2.6 million devices over several months in two interconnected campaigns. This alarming discovery came to light thanks to insights from data loss prevention service Cyberhaven.
THN Weekly Recap: Examining Recent Cybersecurity Threats and Essential Insights Published January 6, 2025 In our increasingly digital world, each online interaction—from simple taps to complex swipes—helps define our digital existence. However, these actions can inadvertently expose us to risks…
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Threat Actor Maintains Long-Term Stealthy Access Prajeet Nair (@prajeetspeaks) • August 4, 2025 Image: Shutterstock A recent cybersecurity analysis reveals that Chinese nation-state hackers have infiltrated mobile telecommunications networks…
Highlands Oncology Data Breach: Lawsuit Investigation Attorneys affiliated with ClassAction.org are currently investigating the potential for a class action lawsuit in response to the Highlands Oncology data breach. This inquiry focuses on gathering information from individuals who have received notifications…
Date: July 22, 2025
Category: Vulnerability / Threat Intelligence
Microsoft has officially connected the exploitation of vulnerabilities in internet-facing SharePoint Server instances to two Chinese hacker groups, Linen Typhoon and Violet Typhoon, as early as July 7, 2025, confirming earlier claims. Additionally, the company has identified a third threat actor from China, tracked as Storm-2603, also leveraging these vulnerabilities to gain initial access to target organizations. Microsoft stated in a report released today that, “Given the swift adoption of these exploits, we are highly confident that threat actors will continue to incorporate them into their attacks on unpatched on-premises SharePoint systems.” Below is a brief overview of the threat activity clusters:
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacking Groups July 22, 2025 In a recent announcement, Microsoft has officially connected the exploitation of vulnerabilities in SharePoint Server instances to two Chinese cybercriminal organizations known as Linen Typhoon and Violet…
CISA: No Broader Federal Impact from Treasury Cyber Incident; Investigation Continues
Jan 07, 2025
Critical Infrastructure / Cyber Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Monday that there are no signs indicating the recent cyber attack on the Treasury Department has affected other federal agencies. CISA is collaborating closely with the Treasury Department and BeyondTrust to fully understand the breach and reduce its effects. CISA emphasized, “The security of federal systems and the data they safeguard is crucial to our national security. We are taking proactive measures to prevent any further repercussions and will provide updates as needed.” This statement follows the Treasury Department’s disclosure of being targeted in a “major cybersecurity incident” involving Chinese state-sponsored actors, which enabled remote access to certain computers and unclassified documents. The incident, revealed in early December 2024, stemmed from a breach in BeyondTrust’s systems, allowing adversaries to gain sensitive access.
CISA Reports No Broader Federal Impact from Treasury Cyber Attack; Investigation Continues On January 7, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) announced that the recent cyber breach affecting the Treasury Department does not appear to have compromised other…
AI search engine Perplexity is under scrutiny for allegedly utilizing stealth bots to circumvent website restrictions against web crawling. This claim, if verified, would breach established Internet practices that have been upheld for over thirty years, as articulated by cybersecurity…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Xu Zewei, Suspected Silk Typhoon Hacker, Will Remain in Custody in Italy Akshaya Asokan (asokan_akshaya) • August 4, 2025 Xu Zewei’s arrival at Milan’s Malpensa Airport may now lead to significant legal…
Alleged Aeroflot Data Breach Raises Concerns Over Cybersecurity Vulnerabilities Recent reports have surfaced regarding a significant data breach affecting Aeroflot, Russia’s flagship airline. This incident has raised alarms, particularly among cybersecurity professionals and business leaders, as it highlights ongoing vulnerabilities…
