Month: September 2025

Why OT Operators Must Have a Living, Accurate Inventory — and How Leargas Can Help

In August 2025, a coalition of cybersecurity agencies from the U.S., Canada, Australia, New Zealand, the Netherlands, Germany—and later joined by the U.K.—issued new guidance calling on OT/ICS operators to develop and maintain a definitive, continually updated system inventory. This isn’t just bureaucratic advice. It addresses a core pain point: if you don’t reliably know what’s in your environment and how it connects, you

CISA ED 25‑03 Cisco ASA: Emergency Zero‑Day Mitigation, Detection, and ROMMON Persistence Guidance

As of September 26, 2025, CISA’s ED 25‑03 mandates immediate action to identify and mitigate potential compromise of Cisco ASA and Firepower devices amid an active campaign chaining CVE‑2025‑20362 (missing authorization) with CVE‑2025‑20333 (RCE). Cisco also disclosed CVE‑2025‑20363 (web services RCE) across ASA/FTD and IOS families. Patching is available. CISA set aggressive deadlines: core dump submissions and urgent upgrades by September 26, 2025, and

MySonicWall Breach: Firewall Config Backups Exposed — Reset Passwords Now

As of September 18, 2025, SonicWall advises impacted customers to perform a MySonicWall breach password reset and rotate other secrets after threat actors accessed some cloud‑stored firewall configuration backups. SonicWall reports fewer than 5% of firewalls had backup preference files accessed; credentials in those files were encrypted; no leak evidence is known and this was not a ransomware event, but brute-force activity against the

Shai‑Hulud npm worm: self‑replicating supply chain attack, secret theft, and repo exposure

As of September 18, 2025, organizations that build or run JavaScript software face a high‑risk supply chain incident: the Shai‑Hulud npm worm is actively compromising maintainer accounts, inserting a malicious postinstall bundle.js into popular packages, harvesting tokens and secrets, and mass‑migrating private GitHub repositories to public. Evidence shows large‑scale propagation and data exposure; no CVE/KEV entry applies because this is a campaign, not a