This article covers vital topics in cybersecurity, including Application Security, Cyberwarfare / Nation-State Attacks, and Fraud Management & Cybercrime. Also: Software Supply Chain Risks, Cato’s AI Security Acquisition Anna Delaney (annamadeline) • September 6, 2025 Clockwise, from top left: Anna Delaney, Tony Morbin, Michael Novinson, and Chris Riotta This week,…
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a medium-severity security vulnerability in Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog. This decision follows reports indicating that the flaw is actively being exploited in real-world scenarios. The vulnerability, identified as CVE-2025-24054, received a…
Cyber Espionage Suspected in South American Diplomatic Attacks On Monday, Microsoft announced it has linked a China-based cyber espionage group to a series of attacks targeting diplomatic organizations in South America. The tech conglomerate’s Security Intelligence team is closely monitoring this group under the identifier DEV-0147. They characterized the recent…
Cloudflare Admits to Security Oversight in TLS Certificate Management On Thursday, Cloudflare officially acknowledged a series of failures concerning its handling of TLS certificates. The company stated that it encountered three primary issues: initially, the mismanagement of IP certificates for 1.1.1.1, followed by inadequate filtering of certificate issuance alerts, and…
Welcome to this week’s edition of the cybersecurity newsletter. Our goal is to arm you with the latest intelligence on cyber threats that could jeopardize your business operations. In this week’s issue, we examine critical updates regarding vulnerabilities affecting Apple devices, the rising threat of ransomware, unprecedented DDoS attacks, and…
Series A Accelerates AI Development, Integration Expansion, and Product-Led Growth Strategy Michael Novinson (MichaelNovinson) • September 4, 2025 Sola Security CEO Guy Flechter and COO Ron Peled (Image: Sola Security) Sola Security, under the leadership of former Palo Alto Networks’ application security head, has successfully secured $35 million in Series…
Potential Security Breach Due to Misissued TLS Certificates A recent alarming security discovery has raised concerns about the vulnerabilities inherent in the public key infrastructure (PKI) supporting internet trust. The precise details surrounding the organization or individual responsible for acquiring unauthorized credentials remain unclear, as representatives from Fina have not…
In a recent report, Google disclosed its findings on the exploitation of 75 zero-day vulnerabilities throughout 2024, a decline from 98 detected in 2023 yet an increase from the previous year’s 63. Notably, 44% of these vulnerabilities primarily targeted enterprise products, with 20 affecting security software and appliances. The Google…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Exploitation of Microsoft Blocklist Gap: Silver Fox’s Undetected Operations Pooja Tikekar ( @PoojaTikekar) • September 2, 2025 Image: Jim Cumming/Shutterstock A cyber-espionage campaign attributed to a Chinese nation-state actor, identified as Silver Fox, has successfully exploited a gap in Microsoft’s signed driver…
