Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Zenity

Why AI Security Requires Context: Introducing Issues & the Correlation Agent

Dec 4, 2025 By Dina Durutlic In Zenity
Data is never the problem. Security teams rarely complain about having too much of it. The real danger comes from data that sits unconnected and unexplained. What teams actually need is data that is actionable and converges into meaning. Data that cuts deeper than surface level signals. Data that reveals what is unfolding and what needs to happen next.
Read Post
CrowdStrike

Unveiling WARP PANDA: A New Sophisticated China-Nexus Adversary

Dec 4, 2025 By Counter Adversary Operations In CrowdStrike
Throughout 2025, CrowdStrike has identified multiple intrusions targeting VMware vCenter environments at U.S.-based entities, in which newly identified China-nexus adversary WARP PANDA deployed BRICKSTORM malware. WARP PANDA exhibits a high level of technical sophistication, advanced operations security (OPSEC) skills, and extensive knowledge of cloud and virtual machine (VM) environments.
Read Post
CrowdStrike

Indirect Prompt Injection Attacks: A Lurking Risk to AI Systems

Dec 4, 2025 By John Gamble In CrowdStrike
The rapid adoption of AI has introduced a new, semantic attack vector that many organizations are ill-prepared to defend against: prompt injection. While many security teams understand the threat of direct prompt injection attacks against AI agents developed by their organizations, another more subtle threat lurks in the shadows: indirect prompt injection attacks.
Read Post

Ep 1. Building DORA Ready Defenses

Dec 4, 2025 By SafeBreach In SafeBreach
In this premiere episode of The Cyber Resilience Brief, we dive into the EU’s Digital Operational Resilience Act (DORA) — and why its impact goes far beyond Europe. Host Tova Dvorin is joined by Adrian Culley and David Murray from SafeBreach to break down what means for financial institutions, insurers, and ICT providers worldwide. The session covers: Listen now for actionable insights on evolving from incident response to instant anticipation, staying ahead of attackers, and meeting tomorrow’s regulatory demands today.
View Video
the cyber helpline

What is Tech Facilitated Abuse? A Guide to Online Gender-Based Violence

Dec 4, 2025 By The Cyber Helpline In The Cyber Helpline
Technology is part of everyday life, offering connection and convenience. For many women and girls experiencing gender based violence in the UK, that same technology is increasingly used as a tool of control, surveillance and harm. Understanding how this abuse works is essential for safeguarding and accountability.
Read Post
safebreach

SafeBreach Coverage for Updated CISA AR25-338A: BRICKSTORM Backdoor

Dec 4, 2025 By Tova Dvorin In SafeBreach
On December 4, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the Canadian Centre for Cyber Security jointly released Malware Analysis Report AR25-338A analyzing BrickStorm malware, a sophisticated backdoor attributed to the People’s Republic of China (PRC) state-sponsored cyber actors.
Read Post
bitsight

Security Alert: CVE-2025-66478 & CVE-2025-55182 (React2Shell) - Next.js React Server Components Remote Code Execution

Dec 4, 2025 By Emma Stevens In BitSight
A critical vulnerability, CVE-2025-66478, has been identified in Next.js applications using React Server Components (RSC) with the App Router. This vulnerability receives a CVSS score of 10.0 and a Bitsight Dynamic Vulnerability Exploit (DVE) score of 7.85. This vulnerability may allow remote code execution (RCE) when affected servers process attacker-controlled RSC requests. CVE-2025-66478 is tied to an upstream React issue (CVE-2025-55182–DVE score 9.15) affecting the RSC protocol implementation.
Read Post
Feroot

How to Automate Payment Page Script Audits for PCI DSS: 6 Hours to 6 Minutes

Dec 4, 2025 By Feroot In Feroot
Most teams spend more than 40 hours a week just keeping their payment page script inventories updated. And that’s meticulous work as they have to load the page, watch what scripts fire, map domains, and compare it all to the last version, just to ensure the changes are documented before the details go stale. Also check out How to Maintain PCI Compliance Across Hundreds of Payment Pages But for organizations with 50 to more than 200 payment pages, it goes even further.
Read Post
Arctic Wolf

CVE-2025-55182: Critical Remote Code Execution Vulnerability Found in React Server Components

Dec 4, 2025 By Stefan Hostetler In Arctic Wolf
On December 3, 2025, the React team released fixes for a maximum severity vulnerability in React Server Components (RSC). The vulnerability, tracked as CVE-2025-55182, stems from unsafe handling of serialized DOM elements, allowing for remote code execution in React 19 and other frameworks built on top of it, such as Next.js 15–16. The vulnerability was responsibly disclosed to React as part of a bug bounty program and is not known to be actively exploited in the wild at this time.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.