Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sysdig

Detecting and Mitigating IngressNightmare - CVE-2025-1974

Mar 25, 2025 By Sysdig Threat Research Team In Sysdig
On Monday, March 24, 2025, a set of critical vulnerabilities affecting the admission controller component of the Ingress NGINX Controller for Kubernetes was announced. In total, five vulnerabilities were announced; the most severe vulnerability, CVE-2025-1974 (CVS 9.8), may result in remote code execution (RCE). Exploitation of this vulnerability can be detected with Sysdig Secure or the Falco rule provided in this article.
Read Post
centripetal

Security Bulletin: GitHub Action Supply Chain Attack - reviewdog/action-setup

Mar 25, 2025 By Lauren Farrell In Centripetal
On March 11, 2025, a supply chain attack targeting the widely used GitHub Action reviewdog/action-setup@v1, leading to the exposure of sensitive CI/CD secrets across multiple repositories. The attack was identified by Wiz Research, which determined that this compromise played a pivotal role in the tj-actions/changed-files incident (Wiz, 2025).
Read Post

POAM Process Automation: Breaking the Manual Grind

Mar 24, 2025 By Nucleus Security In Nucleus
Plans of Action and Milestones (POAM) play a critical role in public sector cybersecurity. In this webinar with government IT solutions provider Carahsoft, we break down the challenges security teams face when implementing POAMs, sharing real-life examples of where things go wrong and why. As part of the presentation, we also cover the intensive math of POAM programs: people, systems, and time.
View Video
jfrog

CVE-2025-29927 - Authorization Bypass Vulnerability in Next.js: All You Need to Know

Mar 24, 2025 By Yoav Saporta In JFrog
On March 21st, 2025, the Next.js maintainers announced a new authorization bypass vulnerability – CVE-2025-29927. This vulnerability can be easily exploited to achieve authorization bypass. In some cases – exploitation of the vulnerability can also lead to cache poisoning and denial of service.
Read Post
CrowdStrike

CrowdStrike Falcon Exposure Management Expands Security to Unmanaged Network Assets with Network Vulnerability Assessment

Mar 24, 2025 By Rona Kedmi In CrowdStrike
As organizations strengthen endpoint and cloud security, attackers are shifting their focus to often-overlooked network infrastructure like routers, switches, and firewalls. Legacy vulnerability management (VM) solutions struggle to keep pace, relying on slow, periodic scans that fail to provide real-time visibility into emerging threats.
Read Post

Falcon Exposure Management Network Vulnerability Assessment: Demo Drill Down

Mar 24, 2025 By CrowdStrike In CrowdStrike
Traditional network vulnerability scanners leave your critical network assets vulnerable, providing outdated visibility and ineffective prioritization. Falcon Exposure Management's Network Vulnerability Assessment (NVA) delivers real-time visibility, AI-powered prioritization with ExPRT.AI, and seamless integration for automated remediation. This demo showcases how NVA streamlines your security strategy, ensuring precise focus on threats that matter most and proactively protecting your network.
View Video
foresiet

Nation-State Threat Actors Leverage Windows Shortcut Vulnerability

Mar 24, 2025 By Foresiet In Foresiet
The newly found Windows shortcut vulnerability is now being actively exploited by state-sponsored Advanced Persistent Threat (APT) actors to execute covert malicious commands. According to new research conducted by Trend Micro's Zero Day Initiative (ZDI), the vulnerability, designated as ZDI-CAN-25373, is now being exploited by Chinese, Iranian, North Korean, and Russian threat actors for worldwide cyber espionage and data theft.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.