Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Fast Facts Two China-linked hacking groups, Earth Lamia and Jackpot Panda, rapidly exploited the critical React2Shell vulnerability (CVE-2025-55182), a remote code execution flaw, shortly after its public disclosure. The vulnerability, now patched in React versions 19.0.1, 19.1.2, and 19.2.1, was exploited to target sectors such as finance, government, and tech across several regions, with the actors using automated scans to identify vulnerable systems. Jackpot Panda has a history of supply chain attacks and domestic surveillance, with recent activity focusing on Chinese-speaking victims and aggressive exploitation of multiple zero-day flaws. Cloudflare’s outage was caused by a security patch deployment to mitigate React2Shell, highlighting the…
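The summary above lists the fixed React releases but not how to tell whether a dependency tree is still on an unpatched build. The following check is an added example, not code from the page, from React, or from the researchers cited; it assumes, as the page states, that the fix landed in 19.0.1, 19.1.2 and 19.2.1, treats any 19.0.x, 19.1.x or 19.2.x release below those as unpatched, and assumes that the `react` and `react-dom` packages share React's version number. The lockfile entries are constructed for illustration.

```python
"""Flag React package versions that predate the React2Shell fixes.

Added example (not from the page or the React project). Assumptions:
- fixed releases are 19.0.1, 19.1.2 and 19.2.1, as the page states;
- only the 19.0 / 19.1 / 19.2 minor lines are considered, since the
  page names no other affected line;
- a pre-release tag (e.g. 19.2.1-canary.3) sorts before its release.
"""
from typing import Dict, List, Tuple

# Minimum fixed release per 19.x minor line (from the page's summary).
FIXED_VERSIONS: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (19, 0): (19, 0, 1),
    (19, 1): (19, 1, 2),
    (19, 2): (19, 2, 1),
}

# Packages assumed to carry React's own version number (assumption).
REACT_PACKAGES = ("react", "react-dom")

# Constructed sample of resolved lockfile versions (package -> version).
SAMPLE_LOCK = {
    "react": "19.1.0",        # 19.1 line, below 19.1.2 -> unpatched
    "react-dom": "19.1.2",    # exactly the fixed release -> patched
    "some-other-package": "3.4.5",
}


def parse_version(version: str) -> Tuple[int, int, int, bool]:
    """Parse 'MAJOR.MINOR.PATCH[-prerelease]' into a comparable tuple.

    Leading range operators (^, ~, =, v) are stripped so resolved and
    declared versions can both be passed in. Returns the numeric parts
    plus a flag that is True when a pre-release suffix is present.
    """
    core, sep, _suffix = version.lstrip("^~=v").partition("-")
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unsupported version string: {version!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch, bool(sep)


def is_unpatched(version: str) -> bool:
    """True if version is on a 19.x line with a fix and sorts before it."""
    major, minor, patch, prerelease = parse_version(version)
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        return False  # not one of the lines the page lists as fixed
    # A pre-release of the fixed version still predates the fix, so give
    # releases a higher rank than pre-releases at the same number.
    rank = 0 if prerelease else 1
    return (major, minor, patch, rank) < (*fixed, 1)


def find_unpatched(lockfile_packages: Dict[str, str]) -> List[str]:
    """Return 'name@version (fix X.Y.Z)' for each unpatched React package."""
    findings = []
    for name, version in sorted(lockfile_packages.items()):
        if name not in REACT_PACKAGES or not is_unpatched(version):
            continue
        major, minor, _patch, _pre = parse_version(version)
        fix = ".".join(str(n) for n in FIXED_VERSIONS[(major, minor)])
        findings.append(f"{name}@{version} (fix {fix})")
    return findings


if __name__ == "__main__":
    for line in find_unpatched(SAMPLE_LOCK) or ["no unpatched React packages"]:
        print(line)
```

Run it against the resolved versions from a lockfile rather than the ranges in `package.json`, since a caret range such as `^19.1.0` can resolve to either side of the fix; a hosting platform's WAF rule, as the Cloudflare incident shows, is a stopgap, not a substitute for upgrading.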
Top Highlights Rust Outperforming C/C++: Rust is gaining traction over C and C++ due to its memory safety, resulting in up to 1,000 times fewer bugs and improved code stability, according to Google’s insights. Enhanced Efficiency: Development metrics demonstrate a 25% reduction in code review time and lower rollback rates for Rust implementations compared to C++, indicating higher code quality and efficiency. Strategic Adoption: Companies like Google and Microsoft are transitioning to Rust incrementally, integrating it into specific high-risk areas rather than complete system rewrites, maximizing existing investments in legacy code. Beyond Memory Safety: While Rust significantly reduces memory-related issues,…
Top Highlights Barts Health NHS Trust’s database was compromised by Clop ransomware exploiting a zero-day Oracle EBS vulnerability (CVE-2025-61882), leading to the theft of several years’ worth of invoices containing personal data. The stolen data included the full names and addresses of patients, former employees, and suppliers, some of which was already publicly available; leaked files also involved accounting services for NHS Trusts. The breach was identified in November, after data had appeared on the dark web in August, prompting Barts to seek a High Court order to prevent further dissemination, though enforcement is limited. Major organizations, including Harvard and the University of Pennsylvania,…
Top Highlights Government Retraction: India’s government withdraws an order mandating smartphone manufacturers to pre-install an undeletable cybersecurity app, Sanchar Saathi, following public and industry backlash. App Impact: Launched in January, Sanchar Saathi aims to combat mobile crimes, achieving over 14 million downloads and reportedly deactivating millions of stolen devices and tracing others. Public Concerns: Pushback stemmed from fears of surveillance and privacy violations, especially given India’s history with state surveillance tactics like the use of spyware. Call for Transparency: Experts suggest improving public understanding of the app’s security benefits and the permissions it requires, rather than enforcing mandatory installation to…
Top Highlights The December 16 webinar focused on how cyberattacks increasingly stem from exposed digital assets rather than traditional software vulnerabilities. It highlighted the limitations of CVE-based security approaches, emphasizing the need to address real-world cloud misconfigurations and publicly accessible services. Attendees learned how attackers evaluate exposed assets and identify weak points, and how Attack Surface Management (ASM) can help organizations detect, reduce, and manage these risks. Criminal IP’s AI-powered Threat Intelligence platform offers visibility into hidden attack vectors, supporting proactive cybersecurity strategies across global digital environments. What’s the Problem? On December 16, 2025, Criminal IP hosted a…
Top Highlights China-backed Hack: A China-linked threat actor, dubbed Warp Panda, infiltrated VMware vCenter environments in the U.S., deploying Brickstorm malware to target multiple industries including legal and technology. Strategic Objectives: The attacks align with the Chinese Communist Party’s goals, aiming to gather sensitive data to bolster economic competition and regional influence. Persistent Access: Warp Panda has established long-term access in compromised networks, exemplified by an incident where hackers lingered from April 2024 to September 2025. CISA and NSA Warnings: Federal agencies issued alerts regarding these activities, highlighting the use of Brickstorm to extract credentials and create rogue virtual machines…
Summary Points A bipartisan Senate group is reviving the Health Care Cybersecurity and Resiliency Act to strengthen regulations, funding, and roles related to healthcare cybersecurity. The bill aims to improve coordination between HHS and CISA, enhance provider training, and update HIPAA regulations with modern cybersecurity practices. It proposes a five-year grant program for select healthcare entities to bolster cybersecurity resilience, though specific funding amounts are unspecified. The legislation responds to recent major healthcare data breaches, emphasizing the need for stronger protections of sensitive medical information. What’s the Problem? A bipartisan group of senators, including Bill Cassidy, Mark Warner, Maggie Hassan,…
Top Highlights Warp Panda, a sophisticated China-linked threat group, has been targeting US legal, manufacturing, and tech sectors since 2022, focusing on long-term network access via edge device exploitation and lateral movement through VMware vCenter using valid credentials and vulnerabilities. The group employs advanced malware such as BrickStorm, which masquerades as legitimate processes, persists undetected for months, and uses stealth techniques such as clearing logs and shutting down VMs to avoid detection. Exploiting vulnerabilities in VPNs, VMware, and F5 devices, Warp Panda deploys multiple malware families (e.g., Junction, GuestConduit) to facilitate command execution, network tunneling, and data exfiltration, notably targeting Microsoft Azure…
Fast Facts Security must be integrated from the start of development and decision-making, not added as an afterthought, to effectively safeguard applications and data. Cultivating a shared cultural responsibility and communal visibility between security and engineering teams is crucial for identifying vulnerabilities and strengthening resilience. The evolving role of the CISO is now organizational and strategic, requiring fluency in regulation, technical insight, and leadership to influence business strategy and ensure compliance. Embracing AI responsibly, fostering continuous assurance, and shifting from reactive to proactive security practices are essential for building trust, compliance, and innovation in the modern security landscape. What’s the…
Quick Takeaways Cloudflare blamed its Friday outage on mitigation measures for the React2Shell vulnerability (CVE-2025-55182), an unauthenticated remote code execution flaw. The company quickly rolled out Web Application Firewall (WAF) protections following the vulnerability’s disclosure, but a change to the WAF’s request parsing caused network outages. The outage affected major services such as Zoom, LinkedIn, Coinbase, and DoorDash, with Cloudflare deploying a fix within half an hour. The incident follows a previous outage less than a month earlier, also not caused by a cyberattack, highlighting ongoing stability and security challenges. Problem Explained Cloudflare recently experienced an outage caused by its attempt to…