Elles De Yeager

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
Grafana has issued urgent security updates for a critical vulnerability in its SCIM provisioning feature, carrying a maximum CVSS score of 10.0. This flaw (CVE-2025-41115) could allow attackers to escalate privileges or impersonate users, especially in Grafana versions 12.x where SCIM provisioning is active, leading to a newly provisioned user being treated as an existing…

Google: Data of two hundred Salesforce customers stolen via Gainsight apps
A major cyberattack has resulted in the theft of data from over 200 Salesforce customers, stemming from compromised Gainsight applications. The group claiming responsibility is known as “Scattered Lapsus$ Hunters,” also identified as UNC6040 by Google’s Mandiant team.

AI-Based Obfuscated Malware Evades AV Detection
Malicious Android applications use AI-powered obfuscation to bypass antivirus detection. These apps mimic delivery services, steal user data, and employ sophisticated evasion techniques. Security analysts identified advanced obfuscation that makes reverse engineering difficult.

ShadowRay 2.0: Ray AI Flaw Exploited for Cryptomining
ShadowRay 2.0 exploits a Ray AI flaw, creating a self-spreading GPU cryptomining botnet. Attackers use unpatched vulnerabilities, GitLab, and GitHub to spread malware and hijack computing power.

German Firms Pioneer Mobile 3D Printing for Field Use
German firms NextFab and KMW develop a mobile 3D printing system for rapid deployment, revolutionizing military logistics and disaster response with on-site manufacturing of critical components.

Ukraine Mass Produces Octopus Drone Interceptors
Ukraine begins mass production of Octopus drone interceptors to counter Iranian-made Shahed drones, enhancing aerial defense and safeguarding infrastructure.

SpearSpecter — Iranian-linked APT42 uses WhatsApp lures and PowerShell backdoor
INDA analysis shows APT42’s SpearSpecter uses WhatsApp lures and a modular PowerShell backdoor that targets officials and family members; detection steps and IOCs are included in the report.

GTG-1002: AI-assisted espionage campaign abused an AI coding tool
A campaign tracked as GTG-1002 used an AI coding tool to automate reconnaissance, vulnerability validation, and exploit generation against roughly 30 organizations. The attackers relied on commodity tools rather than bespoke malware, making detection possible with standard defenses. Defenders should gate high-risk actions, verify AI outputs, and prioritize patching.

What is EPSS? Exploit Prediction Scoring System
Explainer: what EPSS is and how teams use it to prioritize vulnerabilities.

What is OpenID Connect (OIDC)? — Explainer tied to CVE-2025-54603
A concise explainer of OpenID Connect (OIDC) and how product-level OIDC misimplementations (as in CVE-2025-54603) can lead to authentication bypasses.