Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today’s security teams face disconnected tools and scattered data, which makes managing cyber risk increasingly complex. With the rapid rise in ransomware, new CVEs, and a constant stream of emerging threats, it has become difficult to monitor not only an organization’s own security posture but also the security of its third- and fourth-party vendors.

In December 2024, we announced Dynamic Remediation, an initiative that accelerates the feedback of customers' remediation efforts. The goal was simple but ambitious: reduce the time between a remediation and seeing that improvement reflected in Bitsight Security Ratings. This initiative was built in response to direct customer input. You asked for faster validation of your remediation, more transparency, and credit when vulnerable assets were remediated or taken offline.

This post will describe a long-running spam campaign from a Brazilian group known for using the Lampion stealer. We’ll detail the latest updates on the infection chain and its components, share previously undescribed indicators, and cover key takeaways, including.

According to Bitsight TRACE’s 2025 State of the Underground report, the most exposed devices tied to critical vulnerabilities were found in the United States, and the most affected sectors included Information (telecom, IT) and Professional, Scientific, and Technical Services (including security and software vendors).

In its 2025 State of the Underground report, Bitsight TRACE found that ransomware activity continued to escalate in 2024, with a 25% increase in unique victims listed on leak sites and a 53% increase in the number of ransomware group-operated leak sites. The report also observed a 43% increase in data breaches shared on underground forums, with nearly one in five victims based in the United States. These findings highlight a continued upward trend in cyberattack activity.

Security teams today face a widening visibility gap: while exposures appear daily, traditional scanning cycles take weeks to reflect them.

On October 15, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive ED 26-01, ordering federal agencies to mitigate a significant security breach involving F5 BIG-IP products. F5 disclosed that nation-state threat actors maintained long-term unauthorized access to internal systems, exfiltrating: This breach represents a major risk to organizations running F5 devices, especially those with exposed management interfaces or unpatched systems.

Helping customers understand rating changes has always been a core commitment at Bitsight. A rating shift can spark questions from executives, board members, or regulators, and security leaders must be ready to answer with clarity and confidence. That’s why we’ve introduced new updates to the Bitsight platform designed to make our cyber risk intelligence solutions more actionable.

Trust isn’t just a nice-to-have. It’s the foundation your organization is built on, fueling everything from customer loyalty to stronger partnerships and confident employees. But today, trust must be built across more digital channels than ever: websites, social platforms, app stores, and much more.

In a world where internet connectivity intersects with just about every facet of our physical world—from cameras and door locks to power grids and factory robots—cyber risk intelligence has moved well beyond just protecting the bits and bytes of logical IT ecosystems. Security and risk professionals also have to be on the lookout for and aware of improperly secured cyber physical devices, like IoT devices, which greatly expand the enterprise attack surface.

At Bitsight, one of the responsibilities of the Vulnerability Research team is to develop fingerprinting methods to not only identify exposed services, but also vulnerabilities in those services. When it comes to detecting vulnerabilities, there are increased challenges depending on the complexity of both the vulnerability and the vulnerable service.

At Bitsight, one of the responsibilities of the Vulnerability Research team is to develop fingerprinting methods to not only identify exposed services, but also vulnerabilities in those services. When it comes to detecting vulnerabilities, there are increased challenges depending on the complexity of both the vulnerability and the vulnerable service.

Third-party attacks have emerged as one of the most critical threats in the modern cyber landscape. Adversaries increasingly exploit vulnerabilities within external vendors, suppliers, contractors, and service providers to gain indirect access to target organizations, often with severe consequences. These breaches can lead to significant data loss, operational disruption, regulatory penalties, and reputational damage.

A critical vulnerability (CVE-2025-61882) has been identified in Oracle E-Business Suite, specifically impacting the Concurrent Processing component through its BI Publisher Integration. This widely used enterprise resource planning platform is deployed across finance, HR, procurement, and other critical business functions, making any compromise potentially devastating.

The Governance, Risk, and Compliance (GRC) team and the Security Operations Center (SOC) shouldn’t be working in silos. Yet in many organizations, these teams operate with different data, priorities, and goals, missing a critical opportunity to strengthen the organization’s overall resilience. When GRC and SOC collaborate, the organization is better prepared, whether it’s responding to a real-world attack, passing an audit, or navigating the daily chaos of the cyber threat landscape.