Manuel BisseySep 30, 2025

CISA adds CVE-2025-32463 to its KEV list—this critical Sudo flaw lets local attackers run commands as root via the --chroot option, even without sudoers permissions. Patch before Oct 20. 🛠️🐧 #SudoExploit #CISAWarning

https://thehackernews.com/2025/09/cisa-sounds-alarm-on-critical-sudo-flaw.html

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

CISA adds critical Sudo flaw CVE-2025-32463 and four other exploited vulnerabilities to KEV list.

The Hacker News
Manuel BisseySep 19, 2025

CISA warns of two malware strains targeting critical infrastructure—stealthy, persistent, and evolving. Defenders must adapt fast. 🛡️⚠️ #CISAWarning #MalwareThreats

https://thehackernews.com/2025/09/cisa-warns-of-two-malware-strains.html

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CISA details attackers exploiting Ivanti EPMM zero-days CVE-2025-4427/4428 in May 2025, enabling persistent remote code execution on vulnerable server

The Hacker News
PrivacyDigestAug 3, 2025

#cisawarning open-sources #Thorium platform for #malware , #forensic analysis

"Thorium enhances #cybersecurity teams' capabilities by automating analysis workflows through seamless integration of commercial, open-source, and custom tools," CISA said on Thursday.

https://www.bleepingcomputer.com/news/security/cisa-open-sources-thorium-platform-for-malware-forensic-analysis/

CISA open-sources Thorium platform for malware, forensic analysis

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced the public availability of Thorium, an open-source platform for malware and forensic analysts across the government, public, and private sectors.

BleepingComputer
ITSEC NewsSep 23, 2020
CISA: LokiBot Stealer Storms Into a Resurgence - The trojan has seen a big spike in activity since August, the Feds are warning. https://threatpost.com/cisa-lokibot-stealer-resurgence/159495/ #cve-2017-11882 #activityspike #spearphishing #steganography #info-stealer #cisawarning #government #commodity #malware #android #lokibot #windows #trojan
CISA: LokiBot Stealer Storms Into a Resurgence

The trojan has seen a big spike in activity since August, the Feds are warning.

Threatpost - English - Global - threatpost.com
ITSEC NewsMay 4, 2020
Microsoft Teams Impersonation Attacks Flood Inboxes - Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phish... more: https://threatpost.com/microsoft-teams-impersonation-attacks/155404/ #abnormalsecurity #credentialtheft #mobilesecurity #microsoftteams #cloudsecurity #impersonation #cyberattacks #emailattacks #websecurity #cisawarning #office365 #phishing #hacks
Microsoft Teams Impersonation Attacks Flood Inboxes

Two separate attacks have targeted as many as 50,000 different Teams users, with the goal of phishing Office 365 logins.

Threatpost - English - Global - threatpost.com
ITSEC NewsJan 23, 2020
Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices - The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient moni... more: https://threatpost.com/critical-mdhex-bugs-ge-medical-devices/152163/ #securityvulnerabilities #criticalinfrastructure #hospitalequipment #vulnerabilities #patientmonitors #medicaldevices #cisawarning #carescape #cybermdx #mdhex #ge
Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices

The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.

Threatpost - English - Global - threatpost.com