Small world: The revitalization of small AI models for cybersecurity
Sophos X-Ops explores why larger isn’t always better when it comes to solving security challenges with AI
-
-
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks. “As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers,” Matthew Suozzo, Google Open…
-
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-2775 (CVSS score: 9.3) – An improper restriction of XML external entity (XXE) reference vulnerability in the
-
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. To that end, Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by July 23, 2025. “CISA is
-
Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released
Update 3/14 – Coverage section updated with available IPS signature.FortiGuard Labs is aware of a new proof of concept released over the weekend for CVE-2023-21716 (Microsoft Word Remote Code Execution Vulnerability).Patched in the February Microsoft Monthly Security Release, CVE-2023-21716 is a vulnerability within Microsoft Office’s wwlib which allows attackers to achieve remote code execution on…
-
China Introduces National Cyber ID Amid Privacy Concerns
China officially rolled out a voluntary Internet identity system to protect citizens’ online identities and personal information, but critics worry about privacy and surveillance.
-
Microsoft Integrates Data Lake With Sentinel SIEM
Microsoft Sentinel Data Lake aims to provide inexpensive storage for large volumes of telemetry, while threat intelligence will be included with Defender XDR at no extra cost.
-
Darktrace Acquires Mira Security for Network Visibility
The acquisition gives the British cybersecurity solutions provider more insights into encrypted network traffic and additional decryption capabilities.
-
3 China Nation-State Actors Target SharePoint Bugs
Hackers and cybercrime groups are part of a virtual feeding frenzy, after Microsoft’s recent disclosure of new vulnerabilities in on-premises editions of SharePoint Server.
-
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as…