Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Artificial intelligence is changing how businesses work and compete. In every corner of the market, organizations expect more productivity. The question facing today’s business leaders is no longer whether to embrace artificial intelligence but how to harness its full potential to drive meaningful and sustainable transformation.

In September, we covered the Shai-Hulud worm, a self-replicating attack that exposed just how fragile the npm supply chain can be. But as we know, successful malware rarely stays static. Late November marked the arrival of Shai-Hulud v2, or as its authors rather dramatically titled it, “The Second Coming”. This isn’t just a rerun; it’s a remaster. The new iteration is stealthier, more aggressive, and significantly more dangerous. While v1 was a wake-up call, v2 is a fire drill.

The cybersecurity landscape is changing at a pace we haven’t experienced since the dawn of cloud computing. The newest disruptor, the rise of AI browsers such as Perplexity Comet and OpenAI’s ChatGPT Atlas, promises to revolutionize user interaction with the web. But behind the innovation lies a long list of risks that enterprises cannot afford to ignore.

‍On December 3rd, the React team disclosed a critical security flaw in React Server Components known as CVE-2025-55182. With a CVSS score of 10.0, this issue is extremely severe. React and Next.js are the backbone of the modern web. Consequently, this vulnerability likely sits deep within your third-party vendor ecosystem in addition to your own codebase.

Attackers thrive on ambiguity. They blend into normal traffic, pivot between cloud and on-prem systems, and use valid credentials to move quietly. Your conventional controls—while essential—often fire only after risky actions are taken on real assets. Cyber deception flips that sequence: it places deception decoys, breadcrumbs, and fake assets in the attacker’s path so that any touch is a high-fidelity signal.

The Mirai botnet, first unleashed in 2016, continues to evolve into increasingly sophisticated variants, posing severe risks to the Internet of Things(IoT) ecosystem. This report examines the Jackskid Botnet—a newly identified Mirai derivative—characterized by its aggressive propagation via zero-day exploits and brute-force attacks, resulting in daily active bot IPs surpassing 40,000 as of late November 2025.

When ransomware drove record losses, insurers began scrutinizing basic controls like multi-factor authentication (MFA), backups, and endpoint detection. Now, AI-driven automation is introducing a new category of risk—AI agents—and insurers are responding with heightened attention to privilege management. AI agents are non-human identities that can approve payments, access sensitive data, and execute commands using powerful API keys.

On Wednesday, December 3, a critical remote code execution (RCE) vulnerability in React Server Components (RSC), dubbed React2Shell (CVE-2025-55182), was disclosed. The CVE was discovered by security researcher Lachlan Davidson. It quickly gained traction with multiple third-party proof of concepts (PoCs) being published of varying quality and credibility.

Privileged Entitlements Management (PEM) is a specialized cybersecurity practice that focuses on securely managing high-risk entitlements, also known as permissions, access rights, or privileges, which grant access to sensitive data, critical resources, and essential services across an organization's IT infrastructure.

Every year, security teams and MSPs look to the MITRE ATT&CK Evaluations for one thing: clarity. Not marketing, but a transparent view of how endpoint products behave under real adversary tactics. MITRE ATT&CK Evaluations Enterprise Round 7 (MITRE ER7) is no exception. In the Windows “Hermes” scenario, modeled after Mustang Panda activity, the data shows how WatchGuard delivers strong, reliable protection with lower operational burden for security teams and MSPs.