Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

BlueVoyant’s Threat Fusion Cell (TFC) and Security Operations Center (SOC) researchers have uncovered a recent cyber campaign featuring a unique twist on fake browser updates. This attack leveraged the GrimResource vulnerability and delivered the PureLogs stealer malware to targeted environments through disguised Microsoft Management Console (MSC) files.

Exposure management doesn’t end when you discover and prioritize vulnerabilities. The real measure of success is whether you’ve effectively remediated those exposures. Too often, security teams identify risks but struggle to see them resolved because remediation processes aren’t aligned across people, tools, and workflows. Exposure remediation best practices address this gap, ensuring that insights lead to action and that action drives measurable risk reduction.

On September 18, 2025, an Analysis Report was issued by CISA that details information about two sets of malware it obtained from an organization that was compromised during May 2025. To gain initial access, the threat actors chained together known vulnerabilities outlined in CVE-2025-4427 and CVE-2025-4428 in Ivanti Endpoint Manager Mobile (Ivanti EPMM) before deploying the malware, which allowed them to achieve remote code execution (RCE).

GenAI adoption is exploding across organizations, transforming how work gets done and where data moves. CrowdStrike is announcing four new innovations in CrowdStrike Falcon Data Protection to empower organizations to embrace GenAI tools while securing data across endpoints, cloud, GenAI, and SaaS environments.

CrowdStrike continues to raise the bar for modern identity protection. We are excited to announce innovations including phishing-resistant multifactor authentication (MFA), new privileged access capabilities, and identity-driven case management, all part of CrowdStrike Falcon Next-Gen Identity Security.

Artificial intelligence (AI) has come a long way over the past six decades. From simple chatbots in the 1960s to today’s sophisticated large language models (LLMs), mimicking human behavior has always been one of AI’s most intriguing applications. At present, though, AI cannot plan or make decisions as humans do. If it could, the ethical implications of AI would suddenly become much more complex. That’s where agentic AI comes in.

Generative artificial intelligence (GenAI) has firmly embedded itself in the workplace. As of 2024, more than two-thirds of organizations in every global region have adopted GenAI. And, as always, cyber criminals are eager to capitalize on a new and potentially powerful piece of technology. Over the past few years, a GenAI tool called FraudGPT has made phishing, hacking, and identity theft as simple as entering an AI prompt. FraudGPT and similar tools are essentially democratizing cyber crime.

AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at USIA. In an article for CBIA, Weidman explains that attackers can use AI tools to craft targeted, convincing phishing messages that are almost indistinguishable from the real thing.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Plaintext? Really?

The APT group known as Librarian Ghouls has managed to infiltrate the networks of technical universities and industrial companies in Russia, Belarus, and Kazakhstan without arousing suspicion. How did the gang get inside? By using legitimate logins and moving laterally through internal networks, relying on legitimate access credentials without generating alerts.