Tag: infrastructure

CISA Alerts on Critical Lynx+ Gateway Flaw Leaks Data in Cleartext

Nov 17, 2025 9:49 PM

Tags: access, cisa, control, cve, cyber, cybersecurity, data, flaw, infrastructure, leak, risk, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple vulnerabilities affecting General Industrial Controls’ Lynx+ Gateway device. Released on November 13, 2025, under alert code ICSA-25-317-08, these flaws pose significant risks to industrial control systems. They could enable remote attackers to access sensitive information or disrupt critical operations. CVE…
5 key ways attack surface management will evolve in 2026

Nov 17, 2025 5:49 PM

Tags: access, ai, api, attack, authentication, business, ceo, cloud, control, cyber, cybercrime, cybersecurity, data, deep-fake, defense, email, firewall, identity, incident, infrastructure, intelligence, iot, malicious, network, phishing, risk, risk-assessment, risk-management, service, social-engineering, software, supply-chain, threat, tool, vulnerability, vulnerability-management, zero-trust

The rise of IoT, which has added significantly more devices to networksThe increasing use of APIs and interconnected microservicesThe shift to remote work, which requires incorporating devices and connections from the homeThe seemingly uncontrollable inflation of shadow ITThe move to decentralized infrastructure management and cloud services, which has made the entire IT ecosystem more complicated…
Critical RCE Flaws in AI Inference Engines Expose Meta, Nvidia, and Microsoft Frameworks

Nov 17, 2025 2:49 PM

Tags: ai, cve, cyber, flaw, framework, infrastructure, microsoft, nvidia, open-source, rce, remote-code-execution, technology, vulnerability

Security researchers at Oligo Security have uncovered a series of critical Remote Code Execution vulnerabilities affecting widely deployed AI inference servers from major technology companies. The flaws affect frameworks developed by Meta, NVIDIA, Microsoft, and open-source projects such as vLLM, SGLang, and Modular, potentially exposing enterprise AI infrastructure to serious security risks. CVE ID Affected…
Akira ransomware expands to Nutanix AHV, raising stakes for enterprise security

Nov 17, 2025 1:49 PM

Tags: access, attack, backup, breach, business, cisco, data, detection, endpoint, exploit, firewall, infrastructure, leak, mfa, monitoring, network, ransomware, resilience, strategy, threat, update, veeam, vpn, vulnerability, windows

Threat that thrives in enterprise blind spots: Experts indicate that Akira leverages the blind spots that enterprises acknowledge but rarely fix. Of the blind spots, remote access tops the list, followed by patching.”Akira wins not because it has reinvented ransomware, but because it has perfected the parts enterprises fail to take seriously. It exploits the…
Akira ransomware expands to Nutanix AHV, raising stakes for enterprise security

Nov 17, 2025 1:49 PM

Tags: access, attack, backup, breach, business, cisco, data, detection, endpoint, exploit, firewall, infrastructure, leak, mfa, monitoring, network, ransomware, resilience, strategy, threat, update, veeam, vpn, vulnerability, windows

Threat that thrives in enterprise blind spots: Experts indicate that Akira leverages the blind spots that enterprises acknowledge but rarely fix. Of the blind spots, remote access tops the list, followed by patching.”Akira wins not because it has reinvented ransomware, but because it has perfected the parts enterprises fail to take seriously. It exploits the…
NSFOCUS Cloud DDoS Protection Service (Cloud DPS) Detected and Mitigated an 800G+ DDoS Attack towards a Critical Infrastructure Operator

Nov 17, 2025 10:49 AM

Tags: attack, cloud, cyber, ddos, infrastructure, network, service

Incident Summary On October 21, 2025, NSFOCUS Cloud DDoS Protection Service (Cloud DPS) detected and mitigated an 800G+ DDoS attack towards a critical infrastructure operator. The target network sustained a multi-vector volumetric DDoS attack peaking at 843.4 Gbps and 73.6 Mpps. The assault combined UDP-based floods (dominant) with amplification and reflection techniques. NSFOCUS Cloud DPS…The…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

Nov 16, 2025 5:50 PM

Tags: infrastructure, international, malicious, malware

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure Gootloader Returns: What Goodies Did They Bring? Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector…
How shadow IT leaves every industry in the dark

Nov 15, 2025 12:49 AM

Tags: access, ai, breach, cloud, compliance, computer, control, data, data-breach, fintech, group, healthcare, infrastructure, insurance, Internet, mobile, network, privacy, regulation, risk, saas, service, technology, tool, unauthorized, vulnerability

Industry Examples of Shadow IT and Shadow AI Healthcare Consumer messaging, unapproved storage of medical imaging files, certificate challenges due to specialized portals for specific healthcare groups, department-run electronic health record (EHR) environments, unapproved telehealth platforms, AI for note summarization Insurance Custom applications for new insurance policy introductions, certificate challenges, maintenance issues, unsanctioned SaaS for…
How shadow IT leaves every industry in the dark

Nov 15, 2025 12:49 AM

Tags: access, ai, breach, cloud, compliance, computer, control, data, data-breach, fintech, group, healthcare, infrastructure, insurance, Internet, mobile, network, privacy, regulation, risk, saas, service, technology, tool, unauthorized, vulnerability

Industry Examples of Shadow IT and Shadow AI Healthcare Consumer messaging, unapproved storage of medical imaging files, certificate challenges due to specialized portals for specific healthcare groups, department-run electronic health record (EHR) environments, unapproved telehealth platforms, AI for note summarization Insurance Custom applications for new insurance policy introductions, certificate challenges, maintenance issues, unsanctioned SaaS for…
DOJ Issued Seizure Warrant to Starlink Over Satellite Internet Systems Used at Scam Compound

Nov 14, 2025 9:49 PM

Tags: crypto, infrastructure, Internet, law, scam

A new US law enforcement initiative is aimed at crypto fraudsters targeting Americans”, and now seeks to seize infrastructure it claims is crucial to notorious scam compounds. First seen on wired.com Jump to article: www.wired.com/story/doj-issued-seizure-warrants-to-starlink-over-satellite-internet-systems-used-at-scam-compounds/
TDL 009 – Inside DNS Threat Intelligence: Privacy, Security Innovation

Nov 14, 2025 7:49 PM

Tags: access, apple, attack, automation, backup, best-practice, business, ceo, cisco, ciso, cloud, computer, control, corporate, country, crime, cybersecurity, data, dns, encryption, finance, firewall, government, infrastructure, intelligence, Internet, jobs, law, linkedin, malicious, marketplace, middle-east, monitoring, msp, network, office, privacy, regulation, risk, service, software, strategy, threat, tool, windows, zero-trust

Summary Inside DNS Threat Intelligence: Privacy, Security & Innovation In this episode of the Defenders Log, host David Redekop speaks with Tim Adams, the founder of the protective DNS resolver Scout DNS. Tim shares his origin story, explaining how he transitioned from a wireless network integrator to building his own DNS solution. He saw a…
Northrop Grumman, Ford prep AI infrastructure with OpenShift

Nov 14, 2025 5:49 PM

Tags: ai, defense, identity, infrastructure

The defense contractor leaned on OpenShift AI and GitOps as it installed a 30,000-core GPU farm, while the automaker established workload identity federation across clouds. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366634397/Northrop-Grumman-Ford-prep-AI-infrastructure-with-OpenShift
Northrop Grumman, Ford prep AI infrastructure with OpenShift

Nov 14, 2025 5:49 PM

Tags: ai, defense, identity, infrastructure

The defense contractor leaned on OpenShift AI and GitOps as it installed a 30,000-core GPU farm, while the automaker established workload identity federation across clouds. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366634397/Northrop-Grumman-Ford-prep-AI-infrastructure-with-OpenShift
Cybersecurity Snapshot: Refresh Your Akira Defenses Now, CISA Says, as OWASP Revamps Its App Sec Top 10 Risks

Nov 14, 2025 4:49 PM

Tags: access, advisory, ai, antivirus, application-security, attack, authentication, backup, business, chatgpt, cisa, ciso, cloud, compliance, control, corporate, cve, cyber, cybersecurity, data, defense, detection, encryption, endpoint, exploit, finance, firewall, flaw, framework, germany, group, guide, healthcare, infrastructure, injection, Internet, iot, law, malware, mfa, mitigation, phishing, privacy, programming, ransomware, resilience, risk, service, soc, software, supply-chain, tactics, technology, threat, tool, update, vulnerability

Learn why you should revise your Akira ransomware protection plans. Plus, find out what’s new in OWASP’s revamped Top 10 Web Application Risks list. Also, find out about agentic AI’s cognitive degradation risk. And get the latest on AI security trends and CISO compensation. Key takeaways CISA and other agencies are urging organizations, especially in…
Cybersecurity Snapshot: Refresh Your Akira Defenses Now, CISA Says, as OWASP Revamps Its App Sec Top 10 Risks

Nov 14, 2025 4:49 PM

Tags: access, advisory, ai, antivirus, application-security, attack, authentication, backup, business, chatgpt, cisa, ciso, cloud, compliance, control, corporate, cve, cyber, cybersecurity, data, defense, detection, encryption, endpoint, exploit, finance, firewall, flaw, framework, germany, group, guide, healthcare, infrastructure, injection, Internet, iot, law, malware, mfa, mitigation, phishing, privacy, programming, ransomware, resilience, risk, service, soc, software, supply-chain, tactics, technology, threat, tool, update, vulnerability

Learn why you should revise your Akira ransomware protection plans. Plus, find out what’s new in OWASP’s revamped Top 10 Web Application Risks list. Also, find out about agentic AI’s cognitive degradation risk. And get the latest on AI security trends and CISO compensation. Key takeaways CISA and other agencies are urging organizations, especially in…
Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft

Nov 14, 2025 1:49 PM

Tags: ai, authentication, cloud, data, data-breach, exploit, framework, google, infrastructure, Internet, linkedin, LLM, microsoft, nvidia, oracle, risk, vulnerability

Why this matters for AI infrastructure: The vulnerable inference servers form the backbone of many enterprise-grade AI stacks, processing sensitive prompts, model weights, and customer data. Oligo reported identifying thousands of exposed ZeroMQ sockets on the public internet, some tied to these inference clusters.If exploited, an attacker could execute arbitrary code on GPU clusters, escalate…
Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft

Nov 14, 2025 1:49 PM

Tags: ai, authentication, cloud, data, data-breach, exploit, framework, google, infrastructure, Internet, linkedin, LLM, microsoft, nvidia, oracle, risk, vulnerability

Why this matters for AI infrastructure: The vulnerable inference servers form the backbone of many enterprise-grade AI stacks, processing sensitive prompts, model weights, and customer data. Oligo reported identifying thousands of exposed ZeroMQ sockets on the public internet, some tied to these inference clusters.If exploited, an attacker could execute arbitrary code on GPU clusters, escalate…
Fighting AI with AI: Adversarial bots vs. autonomous threat hunters

Nov 14, 2025 12:49 PM

Tags: access, ai, attack, automation, backup, breach, bug-bounty, cloud, credentials, cyber, cybersecurity, data, defense, endpoint, exploit, hacker, healthcare, identity, infrastructure, Internet, iot, least-privilege, malicious, network, phishing, startup, technology, threat, tool, update, vpn, vulnerability, zero-day

While there’s no doubt AI holds great potential for cybersecurity, in practice, it’s mainly being used to automate what we’re already doing. For companies to stand a chance, we need new approaches to AI-powered defense, not optimized ones. Attackers already have systemic advantages that AI amplifies dramatically. While there are some great examples of how…
Fighting AI with AI: Adversarial bots vs. autonomous threat hunters

Nov 14, 2025 12:49 PM

Tags: access, ai, attack, automation, backup, breach, bug-bounty, cloud, credentials, cyber, cybersecurity, data, defense, endpoint, exploit, hacker, healthcare, identity, infrastructure, Internet, iot, least-privilege, malicious, network, phishing, startup, technology, threat, tool, update, vpn, vulnerability, zero-day

While there’s no doubt AI holds great potential for cybersecurity, in practice, it’s mainly being used to automate what we’re already doing. For companies to stand a chance, we need new approaches to AI-powered defense, not optimized ones. Attackers already have systemic advantages that AI amplifies dramatically. While there are some great examples of how…
Agentic AI opens door to new ID challenges: Report

Nov 14, 2025 5:49 AM

Tags: access, ai, api, attack, awareness, best-practice, breach, cloud, control, credentials, cyber, cyberattack, data, defense, email, exploit, governance, group, iam, identity, incident, infrastructure, network, phishing, resilience, risk, social-engineering, software, strategy, technology, threat, tool, training, vulnerability, zero-trust

Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, the result is a surge of both non-human identities (NHIs) and agentic identities.Key findings revealed:89% of organizations have “fully or partially incorporated AI agents into their identity infrastructure, and an additional 10% have plans to.”Of those polled, 58% estimate that, in the next 12 months, half…
Agentic AI opens door to new ID challenges: Report

Nov 14, 2025 5:49 AM

Tags: access, ai, api, attack, awareness, best-practice, breach, cloud, control, credentials, cyber, cyberattack, data, defense, email, exploit, governance, group, iam, identity, incident, infrastructure, network, phishing, resilience, risk, social-engineering, software, strategy, technology, threat, tool, training, vulnerability, zero-trust

Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, the result is a surge of both non-human identities (NHIs) and agentic identities.Key findings revealed:89% of organizations have “fully or partially incorporated AI agents into their identity infrastructure, and an additional 10% have plans to.”Of those polled, 58% estimate that, in the next 12 months, half…
From Bots to Buyers: With Agentic AI, Bot Management Becomes Core Infrastructure

Nov 14, 2025 12:49 AM

Tags: ai, control, infrastructure

AI agents are reshaping online retail. Discover why bot management is essential infrastructure to control agentic commerce and drive growth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/from-bots-to-buyers-with-agentic-ai-bot-management-becomes-core-infrastructure/
Enhanced Support Systems for Effective NHI Management

Nov 13, 2025 11:49 PM

Tags: cloud, cybersecurity, infrastructure, password

How Do Non-Human Identities Transform Cybersecurity Management? Where organizations increasingly pivot towards digital infrastructure, the management of Non-Human Identities (NHI) becomes paramount. These machine identities, comprising encrypted secrets like passwords, tokens, or keys, lay the foundation for secure cloud environments. But how are they reshaping cybersecurity management across various industries? The Growing Significance of NHI……
The 2025 Healthcare Cyber Crisis: Unified AI Defense Against $10.3M Breaches

Nov 13, 2025 10:49 PM

Tags: ai, breach, cloud, cyber, data, defense, healthcare, infrastructure, network, ransomware, theft

The U.S. healthcare system has entered its most dangerous cyber era.As digital transformation reshapes patient care, cloud infrastructure, IoT/IoMT ecosystems, and interconnected provider networks, the sector has simultaneously become the #1 most cyber-attacked industry for 13 consecutive years. Ransomware outages, data theft, and multi-week operational disruptions now hit hospitals at an unprecedented scale.With average breach…
The 2025 Healthcare Cyber Crisis: Unified AI Defense Against $10.3M Breaches

Nov 13, 2025 10:49 PM

Tags: ai, breach, cloud, cyber, data, defense, healthcare, infrastructure, network, ransomware, theft

The U.S. healthcare system has entered its most dangerous cyber era.As digital transformation reshapes patient care, cloud infrastructure, IoT/IoMT ecosystems, and interconnected provider networks, the sector has simultaneously become the #1 most cyber-attacked industry for 13 consecutive years. Ransomware outages, data theft, and multi-week operational disruptions now hit hospitals at an unprecedented scale.With average breach…
Operation Endgame Dismantles 1,025 Malware Servers

Nov 13, 2025 9:49 PM

Tags: botnet, infrastructure, malware, rat

Europol and Eurojust dismantled major criminal infrastructure powering widespread infostealer, RAT, and botnet operations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/operation-endgame-dismantles-1025-malware-servers/
Infrastruktur des Infostealers Rhadamanthys, sowie VenomRAT und Elysium zerschlagen

Nov 13, 2025 6:49 PM

Tags: infrastructure

Strafverfolger unter Führung von Europol, sowie Beteiligung des Bundeskriminalamts haben im Rahmen der Operation Endgame einerseits die Infrastruktur des Infostealers Rhadamanthys und andererseits des Trojaners VenomRAT wie des Botnetzes Elysium zerschlagen bzw. Server und Geräte beschlagnahmt. Es gab wohl bereits … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/13/infrastruktur-des-infostealers-rhadamanthys-sowie-venomrat-und-elysium-zerschlagen/
Building checksec without boundaries with Checksec Anywhere

Nov 13, 2025 3:49 PM

Tags: access, android, apple, attack, control, data, exploit, firmware, infrastructure, mitigation, mobile, open-source, privacy, rust, software, threat, tool

Since its original release in 2009, checksec has become widely used in the software security community, proving useful in CTF challenges, security posturing, and general binary analysis. The tool inspects executables to determine which exploit mitigations (e.g., ASLR, DEP, stack canaries, etc.) are enabled, rapidly gauging a program’s defensive hardening. This success inspired numerous spinoffs:…
Operation Endgame schaltet Schadsoftware ab

Nov 13, 2025 2:49 PM

Tags: cybercrime, extortion, germany, infrastructure, malware, password, usa

Ermittler aus Deutschland sind gemeinsam mit internationalen Partnern erneut erfolgreich gegen Cyberkriminalität vorgegangen. BundeskriminalamtDank globaler Zusammenarbeit ist Ermittlern ein Schlag gegen die Verbreitung von Schadsoftware gelungen. Man habe “einen der gefährlichsten Stealer und einen der meistgenutzten Trojaner weltweit unschädlich gemacht”, teilten die Zentralstelle zur Bekämpfung der Internetkriminalität und das Bundeskriminalamt (BKA) mit. Solche Systeme nisten sich…
Threat Actors Use JSON Storage for Hosting and Delivering Malware via Trojanized Code

Nov 13, 2025 2:49 PM

Tags: control, cyber, infrastructure, malware, north-korea, service, software, threat

A sophisticated campaign attributed to North Korean-aligned threat actors is weaponizing legitimate JSON storage services as an effective vector for deploying advanced malware to software developers worldwide. The >>Contagious Interview