%term

React2Shell: The Frontend Vulnerability That Unlocks Your Internal APIs

Dec 10, 2025 By Eric Schwake In Salt Security

The cybersecurity world is currently buzzing about React2Shell (CVE-2025-55182), a critical remote code execution (RCE) vulnerability affecting React and Next.js. The scale of the threat is massive: researchers have already identified over 77,000 vulnerable IP addresses exposed to the internet, and confirmed that state-sponsored actors and opportunistic crypto miners have already breached at least 30 organizations. But if you look closely, this isn't really a story about React.

Read Post

Salt Security

Read more about React2Shell: The Frontend Vulnerability That Unlocks Your Internal APIs

Social Engineering Campaign Targets Microsoft Teams Users

Dec 10, 2025 By KnowBe4 Team In KnowBe4

Researchers at CyberProof warn that threat actors are launching phishing attacks via Microsoft Teams' “Chat with Anyone” feature, which lets external users send direct messages via email addresses. “Microsoft Teams now allows users to send direct chat invitations to any email address, even if recipients aren’t part of a Teams tenant,” the researchers explain.

Read Post

KnowBe4

Read more about Social Engineering Campaign Targets Microsoft Teams Users

Malware Analysis - 2025 MITRE ATT&CK Enterprise Evaluations

Dec 10, 2025 By CrowdStrike In CrowdStrike

The 2025 MITRE ATT&CK Enterprise Evaluations challenged defenders with sophisticated malware analysis scenarios, and CrowdStrike delivered 100% detection and protection with zero false positives. Traditional malware analysis takes hours or days, but modern threats like Mustang Panda require instant answers: What does this file do? What family does it belong to?

View Video

CrowdStrike

Read more about Malware Analysis - 2025 MITRE ATT&CK Enterprise Evaluations

Why most SOCs are failing (and how to fix them) with Alec Fenton from Foresite Cybersecurity [274]

Dec 10, 2025 By LimaCharlie In LimaCharlie

On this episode of The Cybersecurity Defenders Podcast we speak with Alec Fenton, VP of Security Operations at Foresite Cybersecurity about his journey from SOC analyst to security leader. Alec Fenton is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.

View Video

LimaCharlie

Read more about Why most SOCs are failing (and how to fix them) with Alec Fenton from Foresite Cybersecurity [274]

Beyond the Firewall: Securing Antiquated Systems from Agentic AI

Dec 10, 2025 By A10 Networks In A10 Networks

Beyond the Firewall: Securing Antiquated Systems from Agentic AI A10 Networks security experts Jamison Utter and Carlo Alpuerto delve into the critical need for contextual visibility in API security, particularly in the emerging landscape of Agentic AI.

View Video

A10 Networks

AI
Security

Read more about Beyond the Firewall: Securing Antiquated Systems from Agentic AI

CrowdStrike Leads the Way in the 2025 MITRE ATT&CK Enterprise Evaluations

Dec 10, 2025 By CrowdStrike In CrowdStrike

The results of the 2025 MITRE ATT&CK Enterprise Evaluations are in and CrowdStrike excelled, achieving 100% detection, 100% protection, and zero false positives. The MITRE ATT&CK evaluation is an independent assessment that tests how cybersecurity products detect and stop real-world adversary behavior. The 2025 round was the most challenging cross-domain evaluation to date, a true platform test. For the first time, MITRE tested defenses across endpoint, identity, and cloud.

View Video

CrowdStrike

Read more about CrowdStrike Leads the Way in the 2025 MITRE ATT&CK Enterprise Evaluations

Getting the Right People to the Table

Dec 10, 2025 By Tara Ragan and James Hart In BlueVoyant

Implementing Microsoft Purview is not just an IT project – it’s a company-wide transformation that touches nearly every aspect of how your organization manages, protects, and governs data. Success requires aligning diverse perspectives and building consensus across teams. The initial push for Purview can come from many departments. If you are leading the effort, identifying who needs to be involved and understanding why their input matters will be key to driving buy-in and long-term success.

Read Post

BlueVoyant

Read more about Getting the Right People to the Table

Response to "Principles for the Secure Integration of Artificial Intelligence in OT"

Dec 10, 2025 By James Slaby In Acronis

This new guidance amounts to leading Western governments telling OT users (industrial businesses in manufacturing, energy, power, logistics, critical infrastructure, and the like), “Yes, you can use AI in OT, but only if you’re prepared for it to fail and you can recover quickly when it does.”

Read Post

Acronis

Read more about Response to "Principles for the Secure Integration of Artificial Intelligence in OT"

Real-Time Cloud Detection & Response - 2025 MITRE ATT&CK Enterprise Evaluations

Dec 10, 2025 By CrowdStrike In CrowdStrike

For the first time, the 2025 MITRE ATT&CK Enterprise Evaluations tested cloud detection and response capabilities, and CrowdStrike delivered 100% detection and protection with zero false positives. The evaluation simulated Scattered Spider attacks achieving AWS admin access in under one minute. Traditional cloud security struggles with delayed log processing, but CrowdStrike's real-time cloud detection analyzes logs instantly for immediate visibility.

View Video

CrowdStrike

Read more about Real-Time Cloud Detection & Response - 2025 MITRE ATT&CK Enterprise Evaluations

Hyperautomation Transforms MSSP Cybersecurity Trends in 2026

Dec 10, 2025 By Torq In Torq

See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo Fareed Cheema is the Global Head of Sales Engineering at Torq, leading worldwide pre-sales strategy, execution, and technical innovation. Over the past 3.5 years, he has helped scale Torq’s technical and go-to-market teams while driving customer success in a rapidly changing security automation market.

Read Post