
Category: Security Insights

Expert analysis and deep dives drawn from real telemetry. We translate packet-level evidence, threat intelligence, and endpoint data into practical security insights, ready-to-use detections, and efficient workflows.

October 2025 Fortinet and Ivanti Security Patches: Timely, High‑Severity Fixes and Guidance

As of October 15, 2025, enterprise operators of Fortinet and Ivanti platforms should immediately review and apply October 2025 security patches and advisories. Fortinet published multiple PSIRTs, including issues in FortiOS/FortiProxy ZTNA, FortiOS CLI controls on specific appliances, FortiIsolator authentication/session handling, FortiClientMac LaunchDaemon permissions, and weak authentication affecting FortiPAM and FortiSwitchManager. Patches and fixed versions are available per PSIRT/NVD.

Red Hat Consulting GitLab Breach: What Was Taken, Who’s at Risk, and What to Do Now

Red Hat disclosed on October 2, 2025 that a third party accessed a GitLab instance used for internal collaboration by Red Hat Consulting in select engagements; Red Hat removed access, isolated the instance, involved authorities, and is continuing the investigation. The company emphasized the incident is confined specifically to that Consulting GitLab environment [1][2] (redhat.com). Who claims what: A group calling itself Crimson Collective

CISA ED 25‑03 Cisco ASA: Emergency Zero‑Day Mitigation, Detection, and ROMMON Persistence Guidance

As of September 26, 2025, CISA’s ED 25‑03 mandates immediate action to identify and mitigate potential compromise of Cisco ASA and Firepower devices amid an active campaign chaining CVE‑2025‑20362 (missing authorization) with CVE‑2025‑20333 (RCE). Cisco also disclosed CVE‑2025‑20363 (web services RCE) across ASA/FTD and IOS families. Patching is available. CISA set aggressive deadlines: core dump submissions and urgent upgrades by September 26, 2025, and

MySonicWall Breach: Firewall Config Backups Exposed — Reset Passwords Now

As of September 18, 2025, SonicWall advises impacted customers to perform a MySonicWall breach password reset and rotate other secrets after threat actors accessed some cloud‑stored firewall configuration backups. SonicWall reports fewer than 5% of firewalls had backup preference files accessed; credentials in those files were encrypted; no leak evidence is known and this was not a ransomware event, but brute-force activity against the

Shai‑Hulud npm worm: self‑replicating supply chain attack, secret theft, and repo exposure

As of September 18, 2025, organizations that build or run JavaScript software face a high‑risk supply chain incident: the Shai‑Hulud npm worm is actively compromising maintainer accounts, inserting a malicious postinstall bundle.js into popular packages, harvesting tokens and secrets, and mass‑migrating private GitHub repositories to public. Evidence shows large‑scale propagation and data exposure; no CVE/KEV entry applies because this is a campaign, not a

Inside the Salesloft Drift OAuth Breach: How OAuth Tokens Fueled a Salesforce Data Theft Campaign—and How to Respond

A coordinated data theft campaign leveraged compromised OAuth access and refresh tokens tied to the Salesloft Drift integration to pull large datasets from many organizations’ Salesforce instances. Google’s Threat Intelligence Group (GTIG) attributes the activity to UNC6395 and observed systematic SOQL querying focused on harvesting credentials and secrets from CRM records. The activity window runs from at least August 8 to August 18, 2025;

Cybersecurity Beyond the Screen: Patrick Kelley’s Journey on the After 40 Podcast

“Cybersecurity is more than just tech; it’s about resilience and adaptability,” shares Patrick Kelley, CEO of Léargas Security, in a candid conversation with Dr. Deborah Heiser on the After 40 Podcast. Patrick’s path in cybersecurity—spanning over three decades—has been defined by a relentless commitment to safeguarding critical infrastructures and a deep respect for the psychological toll that comes with defending against constantly evolving threats.

Exciting Updates in Léargas XDR v0.1.0-beta.5!

We are thrilled to announce the upcoming release of Léargas XDR version v0.1.0-beta.5, which includes several new features, enhancements, and performance improvements designed to optimize your experience and streamline your security operations. Here’s what you can expect in this version: New Features, Enhanced Features, Revamped Dashboards, and Other Key Enhancements. With these new capabilities and improvements, Léargas XDR aims to provide you with the most powerful

Securing Critical Infrastructure with Léargas: A Game-Changer in Cybersecurity

In today's digital age, safeguarding critical infrastructure is more crucial than ever. However, many organizations are grappling with cybersecurity challenges due to limited budgets, insufficient staffing, and outdated solutions. Enter Léargas, a comprehensive SaaS cybersecurity platform designed to address these pressing issues and revolutionize how critical infrastructure is protected.

Patrick Kelley to Speak at IAEC IT Fall Conference 2024

Patrick Kelley, CEO of Léargas Security, will be a featured speaker at the IAEC IT Fall Conference, hosted by the Iowa Association of Electric Cooperatives. The event is set for October 8-9, 2024, at The Rewind by Hilton in West Des Moines, Iowa. The conference brings together IT and cybersecurity leaders to tackle the pressing challenges in protecting critical infrastructure within the energy sector.

Patrick Kelley to Speak at the MRO Security Conference 2024

Patrick Kelley, CEO of Léargas Security, will be a featured speaker at the 2024 MRO Security Conference, scheduled to take place on October 1-2, 2024, in St. Paul, Minnesota. This annual conference brings together experts in the energy and security sectors to discuss pressing issues in cybersecurity, particularly as they relate to the protection of critical infrastructure.

Why Léargas is the Smart Choice for Cybersecurity

When it comes to cybersecurity, companies often face a tough choice: invest heavily in multiple solutions or opt for a streamlined, cost-effective approach. Enter Léargas, a game-changer in the industry that offers comprehensive cybersecurity services at a fraction of the cost of traditional solutions.