Exploitation of CVE-2025-0282 | CVSS 9.0 | SPAWN/SPAWNCHIMERA Malware Family Dominant ATT&CK Techniques: T1190 (Exploit Public-Facing Application), T1071.001 (Web Protocols), T1556 (Modify Authentication Process) Affected Technology: Ivanti Connect Secure (Pulse Secure) VPN Appliance Classification: TLP:CLEAR-PAP:CLEAR 1. Executive Summary (Board-Level Strategic Abstract) The RESURGE implant represents a first-order structural threat to any organization operating Ivanti Connect…
Executive Summary The Australian Signals Directorate (ASD) has released Azul, an open-source malware analysis platform designed for large-scale operational environments including national CERTs, government cyber teams, and large enterprise SOCs. Azul provides a structured malware repository, an automated analytical engine derived from reverse engineering workflows, and a clustering framework powered by Opensearch. The platform is…
Threat Analysis and Exposure Surfaces According to ANSSI 1. Scope and Context of the Analysis In its report CERTFR-2026-CTI-001 published on February 4, 2026, ANSSI provides a structured threat assessment focused on the role of generative artificial intelligence in cyber attacks. The document specifically addresses generative AI systems, defined as systems capable of producing text,…
Executive Summary In late January 2026, CERT-UA issued a critical alert regarding the active exploitation of CVE-2026-21509, a vulnerability affecting Microsoft Office. The vulnerability is being leveraged by the threat actor UAC-0001, attributed to the Russian state-sponsored group APT28 (Fancy Bear). Observed attacks primarily target Ukrainian governmental institutions, but multiple European Union organizations have also…
Context CISA published an alert on January 28, 2026, regarding active exploitation of vulnerability CVE-2026-24858 affecting multiple Fortinet products. This flaw was added to CISA’s KEV (Known Exploited Vulnerabilities) catalog on January 27, 2026. Fortinet has released patches and recommendations to remediate this critical authentication bypass vulnerability. Technical Description of the Vulnerability CVE-2026-24858 is an…
Executive Summary In January 2026, Microsoft’s Patch Tuesday addressed 114 vulnerabilities, including 8 Critical flaws primarily in Windows and Office. The release fixed multiple remote code execution (RCE) and elevation of privilege (EoP) bugs. Microsoft confirmed one actively exploited zero-day (CVE-2026-20805) and two publicly disclosed issues patched this month (CVE-2023-31096 and CVE-2026-21265). One publicly known…
