Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As of early May 2025, Arctic Wolf has observed exploitation in the wild of CVE-2024-7399 in Samsung MagicINFO 9 Server—a content management system (CMS) used to manage and remotely control digital signage displays. The vulnerability allows for arbitrary file writing by unauthenticated users, and may ultimately lead to remote code execution when the vulnerability is used to write specially crafted JavaServer Pages (JSP) files.

Snyk Learn, our developer security education platform, now includes lessons on risks in open source software! Check out the new learning path that covers the OWASP Top 10 risks for open source software. Open source software forms the backbone of today’s digital infrastructure. From libraries and frameworks to entire platforms, open source is everywhere. But as a famous uncle once said, with great power comes great responsibility!

The 2025 edition of Verizon’s Data Breach Investigations Report (DBIR) shows a new reality: about one in five confirmed breaches now starts with exploitation of a software vulnerability, a 34 percent jump over the previous year and the first time the vector has surpassed phishing.

It’s easy to think of ISO 27001 as a simple checkbox requirement to get through quickly. Still, technical vulnerabilities in constantly changing environments require more than short-term fixes, as ISO 27001 requires a structured approach for managing them specifically. Here’s the kicker: 60% of breaches exploited known vulnerabilities for which patches were available, but were either delayed or missed. Although the policy may exist, its execution often falls short in the details.

A quarter century ago, a former computer science student from the Philippines accidentally unleashed one of the most destructive computer viruses in modern history.

The rapid adoption of AI coding assistants is transforming software development in ways both good and bad. Developers can produce more code faster than ever with AI, and 96% of developers report using AI coding assistants to streamline their work. AI code generation is becoming mainstream, and in late 2024, Google reported that AI writes more than 25% of its code. While GenAI tools increase productivity, they’re also creating more work for application security teams.

In a previous security bulletin sent by Arctic Wolf on April 17, 2025, we advised of a credential access campaign targeting SonicWall SMA devices along with remediation guidance. As of April 29, 2025, SonicWall has updated their advisories for several vulnerabilities that are now linked to ongoing exploitation in the threat landscape.

In the vast landscape of cybersecurity, it’s often not the zero-click iPhone exploits or flashy ransomware variants that expose the most users — sometimes it’s the tools we’ve trusted for decades. One such example is CVE-2025-33028, a vulnerability in WinZip, a program that’s been a staple in personal and corporate environments for over 30 years.