soc

U.S. State and Local Government Under Ransomware: 2025–2026 Trend Analysis U.S. state and local government organizations remain under growing pressure from ransomware, making the issue a major cybersecurity and public service concern in 2025 and 2026. From city administrations and county offices to school districts, courts, and public safety agencies, these institutions rely on connected […]

U.S. Institutions and the Dark Web: What’s Being Sold and Who’s Buying? The modern Dark Web has evolved from a fragmented collection of independent hackers into a highly sophisticated, industrialized economy. The Dark Web market features established business practices, including specialized labor (such as Initial Access Brokers or malware developers), escrow systems, vendor reputation scores, […]

Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here’s what they learned.

AstraZeneca Data Breach: What You Need to Know A newly surfaced Dark Web post is drawing attention to an alleged AstraZeneca data breach linked to the LAPSUS$ threat group. Based on the materials reviewed, the claim goes beyond a routine leak post and suggests possible exposure of internal code repositories, access-related data, cloud and infrastructure […]

CVE-2025-32975: Quest KACE SMA SSO Authentication Bypass Enables Admin Takeover Quest KACE Systems Management Appliance (SMA) has a maximum-severity vulnerability, CVE-2025-32975, that allows an attacker to bypass authentication in the product’s SSO authentication handling. An unauthenticated attacker can potentially impersonate legitimate users and work toward full administrative takeover. Reporting in March 2026 tied suspicious, real-world […]

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2026-Adresse geschuetzt(FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal […]

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2022-20775 Cisco Catalyst SD-WAN Path Traversal Vulnerability CVE-2026-20127 Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability  These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the […]

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-Adresse geschuetzt(SSRF) Vulnerability CVE-2026-Adresse geschuetzt(RP4VMs) Use of Hard-coded Credentials Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-Adresse geschuetzt CVE-2026-Adresse geschuetzt These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited […]

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2018-Adresse geschuetzt CVE-2025-Adresse geschuetzt CVE-2026-Adresse geschuetzt CVE-2026-Adresse geschuetzt CVE-2026-Adresse geschuetzt These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]