Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI Safety Controls #cybersecurity #ai

Eric Capuano, founder of Digital Defense Institute, demoed permission controls using LimaCharlie's MCP server. When Claude recommended isolating compromised systems, Eric explained: "It's very aggressively recommending it's time to isolate these systems, but it is not authorized to fire off the isolate network command."

How Threat Actors Exploit AI Tools: A CTI Perspective

Artificial Intelligence (AI) is transforming cybersecurity, but not always for the better. While organisations adopt AI to strengthen their defences, cybercriminals and nation-state actors are exploiting the same tools to launch faster, more sophisticated, and harder-to-detect attacks. From AI-powered phishing and malware evasion to deepfake-enabled fraud, adversarial AI is no longer a future risk; it’s a present-day reality.

Orchestrating AI: The practical way to scale while reducing tool sprawl

Every IT team is under pressure to “do more with AI.” A new tool promises smarter workflows, a new agent claims to replace manual tasks. But if you’re managing service requests, availability SLAs, patch cycles, infrastructure capacity, and application performance every day, you know the truth: AI doesn’t automatically reduce complexity on its own.

Orchestrating patch management: faster, safer, simpler

Few security practices carry as much weight as patch management. Consider the cautionary tale of Travelex. In early 2020, the British currency exchange was hit by a ransomware attack that spread quickly across its network, locking staff out of their systems. Reports suggest the company paid millions to restore access and prevent sensitive data from being sold, an outcome that underscores how a single gap in patching can cascade into a business-wide crisis.

New SMB Vulnerability opens door to privilege escalation

On September 9, 2025, Microsoft released details of CVE-2025-55234, a critical vulnerability in the Windows Server Message Block (SMB) protocol. With a CVSS v3 score of 8.8, it’s classified as High severity and poses a serious elevation-of-privilege (EoP) risk. An attacker exploiting this flaw could launch a relay attack, allowing them to gain the privileges of a legitimate user without elevated permissions or insider access.

npm Supply Chain Attack: What Happened and How to Protect Your Software

On September 8, 2025, a large-scale npm supply chain attack quickly compromised 18 popular packages (together representing more than 2.6 billion weekly downloads within the bioinformatics ecosystem). Attackers hijacked a maintainer’s account by impersonating npm support in a phishing campaign to upload backdoored versions of popular packages like chalk, debug, ansi-styles, and supports-color.

Nucleus Momentum Validated Across Three Industry Analyst Reports

It’s one thing for us to say Nucleus is changing how enterprises address vulnerability and exposure management. It’s another when three different analyst firms all say it, and at the same time. In recent weeks, Forrester, IDC, and GigaOm each published their latest market evaluations, recognizing Nucleus in all three. That’s rare validation in a market where many vendors don’t even make the cut for inclusion.