Peter Chofield
-
Critical Vulnerability Triage Playbook: How SOCs Prioritize and Patch Critical CVEs
Vulnerability triage: Practical steps SOCs use to prioritize critical CVEs, assign risk, and speed safe patching.
5–7 minutes -
Pulse Secure network hacked via backdoor embedded in its VPN software
Pulse Secure network was breached after attackers planted a backdoor in the vendor’s VPN code, according to a Bloomberg report. The intrusion affected 119 customer organizations and underscores recurring Ivanti…
1–2 minutes -
UMMC ransomware attack forces closure of 35 Mississippi clinics
UMMC ransomware attack: University of Mississippi Medical Center closed all 35 statewide clinics after a ransomware infection took information systems offline, forcing cancellations of appointments and non‑urgent care.
2–3 minutes -
Critical BeyondTrust Remote Support flaw abused by ransomware gangs
BeyondTrust Remote Support vulnerability CVE-2026-1731 is under active exploitation by ransomware operators, CISA confirms. The flaw allows pre-auth command execution and has been used to stage web shells and exfiltrate…
2–3 minutes -
Critical Ivanti Vulnerability Exploited Since Last Summer in Attacks
Critical Ivanti EPMM vulnerability actively exploited since last summer.
2–3 minutes -
Critical RCE in Grandstream GXP1600 VoIP phones enables silent eavesdropping (CVE-2026-2329)
Grandstream GXP1600 vulnerability (CVE-2026-2329): critical unauthenticated RCE affecting GXP1600 series; Rapid7 provides PoC and vendor patch 1.0.7.81 is available—apply immediately.
2–3 minutes -
Amnesty finds Predator spyware on Angolan journalist’s iPhone
Predator spyware: Amnesty’s Security Lab confirms a 2024 infection of an Angolan journalist’s iPhone, documenting data access and repeated re-infection attempts. The report links the incident to known exploitation chains…
2–4 minutes -
Belgian hospital restores systems a month after ransomware attack
AZ Monica ransomware recovery: Systems at AZ Monica are largely restored a month after a ransomware attack; the hospital says no ransom was paid and there are no confirmed indications…
3–4 minutes -
AI Weaponization: State Hackers Using Google Gemini for Espionage and Malware Generation
What Happened: Google’s Threat Intelligence Group (GTIG) has confirmed that multiple state-sponsored hacking groups are actively using its Gemini large language model (LLM) to enhance their cyber espionage and attack…
4–6 minutes -
D-Knife Spyware: China-Linked APT Hijacks Routers for Cyber Espionage
Unveiling the D-Knife spyware campaign, a sophisticated China-linked APT operation hijacking internet routers for persistent surveillance and data exfiltration. Discover its techni
1–2 minutes





