Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

CVE-2025-14733: WatchGuard Firebox iked Out of Bounds Write Vulnerability Exploited in the Wild

Dec 19, 2025 By Andres Ramos In Arctic Wolf
On December 18, 2025, WatchGuard released fixes for CVE-2025-14733, a critical out-of-bounds write vulnerability in the Internet Key Exchange daemon (iked) process used to establish VPN tunnels in Fireware OS, which powers Firebox firewall appliances. Exploitation of this vulnerability allows a remote, unauthenticated threat actor to execute arbitrary code. WatchGuard has confirmed in-the-wild exploitation in their advisory.
Read Post
nucleus

Looking Ahead to 2026: Why Cyber Economics Will Redefine the CISO's Mandate

Dec 18, 2025 By Jeff Gouge In Nucleus
Cybersecurity in 2026 will be driven by economics. Not hype. Not novelty. Economics. Attackers follow financial incentives and scale their operations faster than most enterprises can defend. CISOs must shift from reporting technical metrics to explaining business impact, guide safe AI adoption as Shadow AI grows, and design programs that emphasize resilience over perfection.
Read Post
bitsight

CVE-2025-55182: First Days of React2Shell Exploitations

Dec 18, 2025 By João Godinho In BitSight
On December 3rd Lachlan Davidson disclosed an unauthenticated remote code execution vulnerability in React Server Components (RSC) that exploits how React.js (and Next.js) decodes payloads sent to React Server Function endpoints. On December 4th we started observing fingerprinting attempts for these vulnerabilities and on December 5th we started observing exploitation attempts. React.js is used by 66% of the global digital supply, in the top 0.06% of all technologies.
Read Post
foresiet

Lazarus Group (APT38 / APT-C-26) Exploits WinRAR Vulnerability CVE-2025-8088 for Archive Poisoning Attacks

Dec 18, 2025 By Foresiet In Foresiet
During routine threat research and monitoring of Chinese-language underground distribution channels, our team identified a malicious RAR archive. Specifically, this archive abuses a critical WinRAR directory traversal vulnerability to achieve arbitrary file write and persistence on Windows systems. To accomplish this, the archive leverages a combination of NTFS Alternate Data Streams (ADS) and directory traversal logic.
Read Post
How PPC Campaign Vulnerabilities Can Lead to Ransomware Attacks

How PPC Campaign Vulnerabilities Can Lead to Ransomware Attacks

Dec 18, 2025 By SecuritySenses In SecuritySenses
In the US, search ad spend was expected to reach $124.59 billion in 2024. Those big pay-per-click (PPC) advertising budgets are attracting the attention of cybercriminals. Click fraud is a well-known hazard in marketing circles. However, a more insidious threat lurks in the background.
Read Post
Digital Signage Security: The IoT Vulnerability Hiding in Plain Sight

Digital Signage Security: The IoT Vulnerability Hiding in Plain Sight

Dec 18, 2025 By SecuritySenses In SecuritySenses
Walk through any airport terminal, hospital corridor, or corporate lobby, and you will encounter digital signage displays. They announce flight departures, guide patients to their appointments, and broadcast company news to employees. These screens have become so common that we barely notice them anymore. And that invisibility is precisely the problem. While cybersecurity teams focus their attention on firewalls, endpoint protection, and cloud security, digital signage systems often slip under the radar as low-priority assets. Hackers, however, have taken notice.
Read Post
outpost 24

700Credit Breach: What Organizations Need to Know

Dec 17, 2025 By Dominique Adams In Outpost 24
700Credit, a US-based credit check and compliance provider, disclosed in late October that it had suffered a significant data breach affecting nearly 18,000 dealerships and more than 5.6 million consumers. According to the company’s disclosure and subsequent reporting, the exposed data includes names, addresses, dates of birth, and Social Security numbers.
Read Post
indusface

CVE-2025-66675: Apache Struts DoS Vulnerability Leads to Disk Exhaustion

Dec 17, 2025 By Bhargavi Pallati In Indusface
A newly disclosed denial-of-service vulnerability, CVE-2025-66675, affects a wide range of Apache Struts 2 versions and poses a serious availability risk for applications that handle file uploads. While the EPSS score is 0.05%, indicating a low probability of exploitation in the next 30 days, the vulnerability still represents a high availability risk for exposed and unpatched environments.
Read Post
seemplicity

Modern Exposure Management Is About Outcomes, Not Alerts

Dec 17, 2025 By Megan Horner In Seemplicity
Modern exposure management has evolved beyond vulnerability scanning and alert volume into a discipline focused on measurable risk reduction. As the exposure management market matures, security leaders are adopting cyber exposure management platforms that unify signals across vulnerability, cloud, application, and attack surface tools to prioritize what truly matters.
Read Post
Arctic Wolf

CVE-2025-40602: SonicWall Releases Fix for SMA1000 Privilege Escalation Zero-Day Under Active Attack

Dec 17, 2025 By Andres Ramos In Arctic Wolf
On December 17, 2025, SonicWall released fixes for an actively exploited medium-severity zero-day vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC), tracked as CVE-2025-40602. The vulnerability allows local threat actors to escalate privileges due to insufficient authorization in the SMA1000 AMC and does not affect SSL VPN functionality on SonicWall firewalls.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.