Attackers are hitting a frequent target in the network edge space, breaking into victim networks through a defect in a widely used mobile endpoint security product.
Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start — and…
Blind spots in complex cloud environments allow identity-based attacks to achieve the same outcome as complex malware or zero-day exploits. Sophistication need not apply.
Limited attacks occurred prior to Ivanti’s disclosure, followed by mass exploitation by multiple threat groups. More than 1,400 potentially vulnerable instances remain exposed.
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon.
The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity.