Executive Summary The U.S. Secret Service dismantled a network of electronic devices across the New York tristate area used to conduct telecommunications-related threats targeting senior U.S. government officials, which posed an imminent risk to protective operations. The investigation uncovered more than 300 co-located SIM servers and 100,000 SIM cards at multiple sites. The devices were…
The Weakest Link in the Digital Chain In the contemporary software development landscape, where speed and code reusability are paramount, the Node Package Manager (NPM) has become an indispensable pillar of the JavaScript ecosystem. Acting as the world’s largest open-source library repository, with over 3 million packages and billions of weekly downloads, NPM simplifies dependency…
Executive Summary On September 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a detailed Malware Analysis Report (AR25-261A) regarding a cyber intrusion targeting Ivanti Endpoint Manager Mobile (EPMM) systems. In this incident, cyber threat actors exploited two critical vulnerabilities (identified as CVE-2025-4427 and CVE-2025-4428) to bypass authentication in the Ivanti EPMM product…
On September 12, 2025, the Federal Bureau of Investigation (FBI) issued a FLASH alert detailing the operations of two cybercriminal groups, UNC6040 and UNC6395, which are targeting Salesforce instances to exfiltrate data and extort organizations. This alert, intended for cybersecurity professionals (CERTs, SOC analysts, CISOs), outlines the initial access vectors, data exfiltration techniques, authentication bypass…
On September 9, 2025, Microsoft released security updates addressing over 80 vulnerabilities across Windows operating systems and related software (81 vulnerabilities were patched on this date). Notably, there were no actively exploited “zero-day” vulnerabilities in this month’s update bundle. However, two publicly disclosed vulnerabilities (zero-days) were fixed, meaning they were known to attackers or researchers…
Executive Summary The Russian state-sponsored threat group APT-C-53 (Gamaredon), active since 2013, continues its espionage operations against Ukrainian governmental and military institutions. In 2025, its campaigns have evolved to include dynamic migration of command-and-control (C2) infrastructures to legitimate cloud services (Microsoft Dev Tunnels, Cloudflare Workers) and the use of advanced obfuscation techniques to bypass detection.…
