Manufacturing Security: Why Default Passwords Must Go

Blog

Byadmblake July 7, 2025

If you didn’t hear about Iranian hackers breaching US water facilities, it’s because they only managed to control a single pressure station serving 7,000 people. What made this attack noteworthy wasn’t its scale, but how easily the hackers gained access — by simply using the manufacturer’s default password “1111.” This narrow escape prompted CISA to urge manufacturers…

Blog

Microsoft SharePoint Zero-day

What is the Vulnerability?A critical zero-day vulnerability in Microsoft SharePoint, identified as CVE-2025-53770, has been actively exploited in the wild since at least July 18, 2025. This vulnerability affects on-premises SharePoint Servers and currently has no available patch. Microsoft has confirmed that attackers are targeting this flaw, which appears to be a variant of the…

Read More Microsoft SharePoint Zero-day
Blog

3 VMware Zero-Day Bugs Allow Sandbox Escape

The now-patched bugs are under active exploit and enable attackers to carry out a wide range of malicious activities, including escaping a virtual machine and gaining access to the underlying host.

Read More 3 VMware Zero-Day Bugs Allow Sandbox Escape
Blog

Anubis Threat Group Seeks Out Critical Industry Victims

The threat group has a variety of tactics in its toolbox, including double extortion and ransomware-as-a-service.

Read More Anubis Threat Group Seeks Out Critical Industry Victims
Blog

Attackers Target the Foundations of Crypto: Smart Contracts

A whole criminal ecosystem revolves around scamming users out of their crypto assets, but malicious — or vulnerable — smart contracts could be used against businesses as well.

Read More Attackers Target the Foundations of Crypto: Smart Contracts
Blog

⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day. Hackers don’t need sophisticated exploits anymore. Sometimes, your credentials and…

Read More ⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More
Blog

MITRE’s Latest ATT&CK Simulations Tackle Cloud Defenses

The MITRE framework’s applied exercise provides defenders with critical feedback about how to detect and defend against common, but sophisticated, attacks.

Read More MITRE’s Latest ATT&CK Simulations Tackle Cloud Defenses

Related