Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Picture this: A new developer joins your team, excited to start contributing. On day one, they spend hours installing and configuring their IDE, searching for the “right” extensions. Their setup ends up being completely different from everyone else’s. Sound familiar? Worse yet, what if that “productivity-boosting” extension or new MCP server they just installed also secretly opened a backdoor in your codebase?

The IONIX research team is tracking CVE-2025-42944, an insecure deserialization vulnerability affecting SAP NetWeaver AS Java’s RMI-P4 module—a critical issue warranting immediate attention.

Intruder is a cloud-based vulnerability scanner that provides an automated overview of an organization’s attack surface. Its primary function is to proactively identify weaknesses across internet-facing infrastructure and applications before they are exploited. The platform’s scanning engine runs a set of checks for both infrastructure-level misconfigurations and application-layer vulnerabilities, like those in the OWASP Top 10. It leverages open-source engines like ZAP to execute its checks.

Risk doesn’t live in just one place—it comes from vendors, suppliers, partners, and from inside your business through processes, people, and systems. ‍ Managing that risk is often fragmented, too. Vendor reviews live in one system, internal issues in another, and leadership reports take hours to compile. And every new vendor, tool, or requirement contributes to another layer of risk.

On September 9, 2025, Adobe released an out-of-band security update to address a critical vulnerability in Adobe Commerce and Magento Open Source. The vulnerability, tracked as CVE-2025-54236 and referred to in open-source reporting as “SessionReaper,” allows a remote unauthenticated threat actor to take over customer accounts through the Commerce REST API.

In a day and age when cyber threats are top of mind, it may be difficult for an organization to shift gears and take its physical security precautions into consideration. This is to protect not only a firm’s physical assets but direct access to networks and information that an attacker could use at a later date for a cyberattack.

The use of “shadow AI” is an increasing security risk within organizations, according to a new report from Netskope. Shadow AI is a newer variant of shadow IT, in which employees use unauthorized technology without the knowledge of the IT department. This is generally driven by a desire for increased productivity rather than malicious motives, but employees are often unaware of the risks introduced by unauthorized tools.

In essence, that is the disclosure and notification message that the open-source developer "qix" sent to the world when he was social engineered to give up access credentials to his GitHub account. Using his account, the attackers inserted malware in a series of popular NPM packages to direct cryptocurrency payments to their own wallets.

Backup solutions are key to security and data protection. For healthcare organizations, a reliable backup strategy not only enables rapid recovery after a disaster but also ensures operational resilience and helps maintain compliance with strict regulatory requirements like the Health Insurance Portability and Accountability Act (HIPAA).

BlueTeamCon 2025 showed why progress beats perfection in cybersecurity. Explore highlights on visibility, AI safety, collaboration, identity, and pragmatic defense.