Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Howler Episode 25 - Susan Corcoran, Chief Accounting Officer

Dec 15, 2025 By Arctic Wolf Networks In Arctic Wolf
This month, we sit down with Susan Corcoran, Chief Accounting Officer, as she unpacks common misconceptions about accounting, takes us on her journey from Minnesota dairy farm to London then back to Minnesota, and so much more! With nearly two decades of experience, spanning Deloitte and United Health Group, Susan Corcoran has led everything from SEC reporting to global accounting strategy. Now she's steering Arctic Wolf's financial integrity and compliance at the highest level as Chief Accounting Officer.
View Video

How to Prevent Fileless and In-Memory Attacks with Aurora Endpoint Defense

Dec 12, 2025 By Arctic Wolf Networks In Arctic Wolf
See how Aurora Endpoint Defense prevents advanced memory and script-based attacks before they disrupt your business. Using Alpha AI, Aurora Endpoint optimizes threat detection and response while reducing analyst workload resulting in stronger protection and less operational strain.
View Video
Arctic Wolf

CVE-2025-59718 and CVE-2025-59719: FortiCloud SSO Login Authentication Bypass

Dec 10, 2025 By Julian Tuin In Arctic Wolf
On December 9, 2025, Fortinet released an advisory detailing two critical authentication bypass vulnerabilities affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager. Designated CVE-2025-59718 and CVE-2025-59719, these vulnerabilities allow an unauthenticated threat actor to bypass FortiCloud SSO login authentication via a crafted SAML message if the feature is enabled on the device. Fortinet states that FortiCloud SSO login is disabled by default in factory settings.
Read Post
Arctic Wolf

CVE-2025-55182: Critical Remote Code Execution Vulnerability Found in React Server Components

Dec 4, 2025 By Stefan Hostetler In Arctic Wolf
On December 3, 2025, the React team released fixes for a maximum severity vulnerability in React Server Components (RSC). The vulnerability, tracked as CVE-2025-55182, stems from unsafe handling of serialized DOM elements, allowing for remote code execution in React 19 and other frameworks built on top of it, such as Next.js 15–16. The vulnerability was responsibly disclosed to React as part of a bug bounty program and is not known to be actively exploited in the wild at this time.
Read Post

How Arctic Wolf Delivers Managed Detection and Response with Broad Visibility and Proactive Security

Dec 3, 2025 By Arctic Wolf Networks In Arctic Wolf
In this Managed Detection and Response overview, we see how Arctic Wolf delivers 24x7 monitoring, broad visibility, response capabilities and proactive security recommendations to our customers leveraging their existing security tools and the Aurora Platform.
View Video
Arctic Wolf

Shai-Hulud Malware Targets Numerous NPM Packages in Second-Wave NPM Supply-Chain Attack

Nov 25, 2025 By Andres Ramos In Arctic Wolf
On November 24, 2025, researchers identified a renewed supply-chain attack linked to Shai-Hulud malware, revealing that numerous npm packages had been quietly trojanized following the initial wave of malicious activity in September. This second iteration involved compromised versions of popular packages uploaded between November 21, 2025, and November 23, 2025, with additional compromised packages continuing to surface at the time of writing.
Read Post
Arctic Wolf

How To Combat AI-Enhanced Social Engineering Attacks

Nov 25, 2025 By Arctic Wolf In Arctic Wolf
Artificial intelligence (AI) has supercharged social engineering. Global management consulting firm McKinsey & Company reported a 1,200% global surge in phishing attacks since the rise of generative AI in the latter half of 2022. And it’s not just the number of attacks that’s climbing; it’s also the success rate. Arctic Wolf’s Human Risk Behavior Snapshot: 2nd Edition reveals that nearly two-thirds of IT and security leaders self-reported falling for a phishing attempt.
Read Post
Arctic Wolf

Salesforce Discloses Unauthorized Access to Customer Data via Compromised Gainsight-published Applications

Nov 21, 2025 By Arctic Wolf Labs In Arctic Wolf
On November 19, 2025, Salesforce announced an investigation into unusual activity involving applications published by Gainsight, a company that provides customer success software integrated with Salesforce. In their advisory, Salesforce indicated that they had notified affected customers directly, and that an investigation is ongoing. Salesforce has not yet provided details about the full scope of the malicious activity.
Read Post
Arctic Wolf

CVE-2025-64446: Critical Fortinet FortiWeb Path Traversal Vulnerability Exploited to Create Administrative Accounts

Nov 14, 2025 By Andres Ramos In Arctic Wolf
On November 13, 2025, open source reporting began detailing active exploitation of a silently patched Fortinet FortiWeb vulnerability. The flaw is a path traversal issue in the FortiWeb web application firewall (WAF) that allows an unauthenticated threat actor to create new administrative users on exposed devices. The following day, November 14, Fortinet officially addressed the vulnerability in an advisory, tracking it as CVE‑2025‑64446.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.