Securonix Threat Labs 2025 Annual Autonomous Threat Sweeper Intelligence Insights

The 2025 Annual Cyber Threat Intelligence Report captures the year’s most impactful attack patterns across exploitation-led intrusion, advanced malware (including AI-assisted techniques), and the ongoing evolution of ransomware/RaaS economics.

Detecting Notepad++ CVE-2025-49144 Using Sysmon Logs

Text editors rarely show up in threat models. Installers show up even less. CVE-2025-49144 changes that. The issue is a local privilege escalation in the Notepad++ Windows installer that can allow a low-privileged user to gain SYSTEM-level execution by abusing insecure executable search behavior during installation. Affected versions include Notepad++ 8.8.1 and earlier, per the NVD record.

How Hospitals Sustain Patient Care When Systems Go Dark

In this episode of Building Cyber Resilience: A Healthcare Leader’s Guide, host Josh Howell speaks with Drex DeFord, veteran healthcare CIO, strategist, and President of 229 Cyber & Risk at This Week Health. Drawing on decades of experience leading technology and transformation across organizations like the U.S. Air Force, Seattle Children’s, Scripps Health, and Steward Healthcare, Drex explores what it really takes to sustain patient care when cyberattacks force systems offline.

12 Critical Shadow AI Security Risks Your Organization Needs to Monitor in 2026

What data are your employees feeding into unapproved AI tools? If you can't answer that question, then you might have shadow AI security risks that you don't know about. The Netwrix Cybersecurity Trends Report 2025 found that 37% of organizations have already had to adjust their security strategies due to AI-driven threats, while 30% haven't started AI implementation at all. That gap between how fast AI threats are evolving and how slowly organizations are responding is where shadow AI thrives.

CISA BOD 26-02 and the Next Phase of Vulnerability Management

CISA recently published BOD 26-02, the latest Binding Operational Directive shaping how federal agencies manage cyber risk. While attention often gravitates toward highly visible directives like KEV, this one matters for a different reason: it raises the standard for how lifecycle risk must be tracked and sustained over time. BOD 26-02 is described as guidance on unsupported edge devices, which is accurate but incomplete.

The best risk management software for 2026

For many organizations, risk management is still stuck in the past—reliant on spreadsheets, manual reviews, and static registers that go stale shortly after they’re created. Without clear ownership or automation, treatment plans linger, and accountability slips. Risks remain fragmented across departments, disconnected from business impact and board visibility. At the same time, emerging threats are evolving faster than ever.

Teams sprawl: Managing Microsoft Teams proliferation

Teams sprawl is one of the most overlooked security risks in Microsoft 365 environments. When all your employees can create teams on demand, without approval, naming conventions, or expiration policies, the result is hundreds of ungoverned workspaces with no clear ownership, inconsistent naming, and scattered data. That governance gap creates measurable risk.

LevelBlue's Managed Detection and Response (MDR) Helps Unify Your Cyber Defense

A fragmented collection of security tools and services can’t deliver the protection modern organizations require. True resilience comes from integrating those capabilities into a unified, coordinated defense. LevelBlue recognizes that the full value of Managed Detection and Response (MDR) is realized when it operates as more than a standalone service. When positioned as the central nervous system of a broader security ecosystem, MDR connects signals, actions, and intelligence across the environment.